Ga naar inhoud

Mislukt - Virus gedetecteerd


Aanbevolen berichten

Goedemorgen!

Zoals al een aantal mensen voor mij kom ik niet af van de 'Mislukt - Virus gedetecteerd' boodschap, die sinds korte tijd verschijnt bij het downloaden van bestanden. Dit is echter enkel het geval in Google Chrome, terwijl IE nog zonder haperen werkt.

Op basis van de eerdere posts voor mij heb ik de volgende programma's al een keer hun gang laten gaan:

- HiJackThis

- Avast Antivirus

- ComboFix

- CCleaner

- ADWcleaner

- AVGremover

- Malwarebytes Anti-Malware

Dit alles nadat ik zowel AVG als Chrome had verwijderd. (Chrome ondertussen weer geïnstalleerd om te controleren of het probleem verholpen was)

Log HiJackThis:

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 9:57:51, on 17/05/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.19418)

Boot mode: Normal

Running processes:

C:\Systeem\DAEMON Tools Lite\DTLite.exe

C:\Windows\SysWOW64\CtHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

F:\Systeem\Avast\AvastUI.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

F:\Temp\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Systeem\Avast\aswWebRepIE.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Systeem\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [brStsWnd] "C:\Program Files (x86)\Brownie\BrstsW64.exe" Autorun

O4 - HKLM\..\Run: [avast] "F:\Systeem\Avast\avastUI.exe" /nogui

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Systeem\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKUS\S-1-5-21-646492008-2405596893-3632786542-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-646492008-2405596893-3632786542-1001\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MI1933~1\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - F:\Systeem\Avast\AvastSvc.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - F:\Systeem\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - F:\Systeem\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 9386 bytes

Log ComboFix:

ComboFix 13-05-16.02 - Bart De Laat 17/05/2013 9:27.3.4 - x64

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.4094.2838 [GMT 2:00]

Gestart vanuit: c:\users\Bart De Laat\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}

AV: AVG Anti-Virus Free *Disabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}

AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}

SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}

SP: AVG Anti-Virus Free *Disabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F}

SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2013-04-17 to 2013-05-17 ))))))))))))))))))))))))))))))

.

.

2013-05-17 07:34 . 2013-05-17 07:38 -------- d-----w- c:\users\Bart De Laat\AppData\Local\temp

2013-05-17 07:34 . 2013-05-17 07:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp

2013-05-17 07:34 . 2013-05-17 07:34 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-05-17 06:53 . 2013-05-17 06:53 -------- d-----w- c:\users\Bart De Laat\AppData\Roaming\Malwarebytes

2013-05-17 06:53 . 2013-05-17 06:53 -------- d-----w- c:\programdata\Malwarebytes

2013-05-17 06:53 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-05-17 06:43 . 2013-05-17 06:43 125 ----a-w- c:\windows\DeleteOnReboot.bat

2013-05-16 12:35 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E2695296-B6A7-4B2A-8F89-1B08716914CD}\mpengine.dll

2013-05-16 09:46 . 2013-05-09 08:59 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2013-05-16 09:46 . 2013-05-09 08:59 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys

2013-05-16 09:46 . 2013-05-09 08:59 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2013-05-16 09:46 . 2013-05-09 08:59 59144 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2013-05-16 09:46 . 2013-05-09 08:59 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2013-05-16 09:46 . 2013-05-09 08:59 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2013-05-16 09:46 . 2013-05-09 08:59 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2013-05-16 09:46 . 2013-05-09 08:59 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2013-05-16 09:46 . 2013-05-09 08:58 287840 ----a-w- c:\windows\system32\aswBoot.exe

2013-05-16 09:46 . 2013-05-09 08:58 41664 ----a-w- c:\windows\avastSS.scr

2013-05-16 09:44 . 2013-05-16 09:46 -------- d-----w- c:\programdata\AVAST Software

2013-05-15 07:23 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-05-08 20:09 . 2013-05-08 20:09 -------- d-----w- c:\users\Bart De Laat\AppData\Local\Windows Live Writer

2013-05-08 20:09 . 2013-05-08 20:09 -------- d-----w- c:\users\Bart De Laat\AppData\Roaming\Windows Live Writer

2013-05-02 11:19 . 2013-05-02 11:20 -------- d-----w- c:\program files (x86)\Google

2013-05-01 19:15 . 2013-05-01 19:15 -------- d-----w- c:\users\Bart De Laat\AppData\Roaming\RStudio

2013-05-01 13:15 . 2013-05-01 19:15 -------- d-----w- c:\users\Bart De Laat\AppData\Local\RStudio-Desktop

2013-04-29 08:39 . 2013-04-29 08:38 311200 ----a-w- c:\windows\system32\javaws.exe

2013-04-29 08:39 . 2013-04-29 08:38 971680 ----a-w- c:\windows\system32\deployJava1.dll

2013-04-29 08:39 . 2013-04-29 08:38 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll

2013-04-29 08:39 . 2013-04-29 08:38 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll

2013-04-29 08:39 . 2013-04-29 08:38 188832 ----a-w- c:\windows\system32\javaw.exe

2013-04-29 08:39 . 2013-04-29 08:38 188320 ----a-w- c:\windows\system32\java.exe

2013-04-29 08:38 . 2013-04-29 08:38 -------- d-----w- c:\program files\Java

2013-04-29 07:40 . 2013-04-29 07:38 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DFABE1AB-CFDD-4AE2-8CF3-B4EDB400890D}\gapaengine.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-05-16 09:27 . 2006-11-02 12:35 75016696 ----a-w- c:\windows\system32\mrt.exe

2013-05-02 15:29 . 2011-02-18 13:21 278800 ------w- c:\windows\system32\MpSigStub.exe

2013-03-31 11:54 . 2013-03-31 11:54 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll

2013-03-11 13:33 . 2013-04-10 08:31 4691304 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-03-09 04:16 . 2013-04-10 08:31 85504 ----a-w- c:\windows\system32\csrsrv.dll

2013-03-09 01:48 . 2013-04-10 08:31 75264 ----a-w- c:\windows\system32\smss.exe

2013-03-08 04:18 . 2013-04-10 08:31 451072 ----a-w- c:\windows\system32\winsrv.dll

2013-03-08 04:17 . 2013-04-10 08:31 2425344 ----a-w- c:\windows\system32\mstscax.dll

2013-03-08 03:52 . 2013-04-10 08:31 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll

2013-03-03 19:13 . 2013-04-10 08:31 1513320 ----a-w- c:\windows\system32\drivers\ntfs.sys

2013-02-25 22:32 . 2013-02-25 22:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll

2013-02-25 22:32 . 2013-02-25 22:32 2505144 ----a-w- c:\windows\SysWow64\nvapi.dll

2013-02-25 22:32 . 2013-02-25 22:32 15129960 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2013-02-25 22:32 . 2013-02-25 22:32 6262608 ----a-w- c:\windows\SysWow64\nvopencl.dll

2013-02-25 22:32 . 2010-07-10 04:38 2826040 ----a-w- c:\windows\system32\nvapi64.dll

2013-02-25 22:32 . 2012-02-16 18:16 1814304 ----a-w- c:\windows\system32\nvdispco64.dll

2013-02-25 22:32 . 2010-07-10 04:38 18055184 ----a-w- c:\windows\system32\nvd3dumx.dll

2013-02-25 22:32 . 2013-02-25 22:32 2720544 ----a-w- c:\windows\SysWow64\nvcuvid.dll

2013-02-25 22:32 . 2013-02-25 22:32 26929440 ----a-w- c:\windows\system32\nvoglv64.dll

2013-02-25 22:32 . 2013-02-25 22:32 7932256 ----a-w- c:\windows\SysWow64\nvcuda.dll

2013-02-25 22:32 . 2013-02-25 22:32 2346784 ----a-w- c:\windows\system32\nvcuvenc.dll

2013-02-25 22:32 . 2013-02-25 22:32 11036448 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

2013-02-25 22:32 . 2012-10-10 20:23 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll

2013-02-25 22:32 . 2013-02-25 22:32 2904352 ----a-w- c:\windows\system32\nvcuvid.dll

2013-02-25 22:32 . 2013-02-25 22:32 20449056 ----a-w- c:\windows\SysWow64\nvoglv32.dll

2013-02-25 22:32 . 2013-02-25 22:32 15053264 ----a-w- c:\windows\system32\nvwgf2umx.dll

2013-02-25 22:32 . 2013-02-25 22:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll

2013-02-25 22:32 . 2013-02-25 22:32 7564040 ----a-w- c:\windows\system32\nvopencl.dll

2013-02-25 22:32 . 2013-02-25 22:32 1985824 ----a-w- c:\windows\SysWow64\nvcuvenc.dll

2013-02-25 22:32 . 2013-02-25 22:32 12641992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

2013-02-25 22:32 . 2013-02-25 22:32 9390760 ----a-w- c:\windows\system32\nvcuda.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\systeem\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"AsioThk32Reg"="CTASIO.DLL" [2010-03-18 47104]

"CTHelper"="CTHELPER.EXE" [2010-03-18 19456]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-01-30 35736]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

"BrStsWnd"="c:\program files (x86)\Brownie\BrstsW64.exe" [2009-06-11 3695416]

"avast"="f:\systeem\Avast\avastUI.exe" [2013-05-09 4858968]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer2"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

Themes

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-05-02 11:20 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2013-05-16 c:\windows\Tasks\avast! Emergency Update.job

- f:\systeem\Avast\AvastEmUpdate.exe [2013-05-16 08:58]

.

2013-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 11:19]

.

2013-05-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-05-02 11:19]

.

2013-05-17 c:\windows\Tasks\User_Feed_Synchronization-{33A3981A-5A77-48A8-AE69-14DB8EBE9771}.job

- c:\windows\system32\msfeedssync.exe [2013-05-15 06:40]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2013-05-09 08:58 133840 ----a-w- f:\systeem\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2009-11-11 2345848]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MI1933~1\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.130.2 195.130.131.2

.

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-646492008-2405596893-3632786542-1000\Software\SecuROM\License information*]

"datasecu"=hex:e4,f8,60,28,f5,79,1c,6e,50,28,ba,9a,3e,3b,60,4e,78,c5,f4,69,fe,

10,00,1c,e4,55,df,d4,66,9f,c9,0b,76,58,d3,af,43,c8,e2,f4,76,9e,62,11,99,7b,\

"rkeysecu"=hex:e1,d2,3e,30,ee,65,9b,1c,5d,bb,f1,4f,65,fe,57,d2

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10m_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10m.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@=""

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

@="FlashBroker"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe

c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

f:\systeem\Avast\AvastSvc.exe

c:\windows\SysWOW64\CtHelper.exe

c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

.

**************************************************************************

.

Voltooingstijd: 2013-05-17 09:42:18 - machine werd herstart

ComboFix-quarantined-files.txt 2013-05-17 07:42

ComboFix2.txt 2013-05-02 09:15

.

Pre-Run: 5.609.308.160 bytes beschikbaar

Post-Run: 4.961.198.080 bytes beschikbaar

.

- - End Of File - - 2CC0E675E0EB15B2E38F6A8925DC28F5

Log AdwCleaner ([R1]):

# AdwCleaner v2.301 - Verslag gemaakt op 17/05/2013 om 08:42:08

# Geactualiseerd op 16/05/2013 door Xplode

# Besturingssysteem : Windows Vista Home Premium Service Pack 2 (64 bits)

# Gebruiker : Bart De Laat - PC-BART

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : F:\Temp\adwcleaner.exe

# Optie [Zoeken]

***** [Diensten] *****

***** [Files / Mappen] *****

Map Aanwezig : C:\Users\Bart De Laat\AppData\LocalLow\boost_interprocess

***** [Register] *****

Sleutel Aanwezig : HKCU\Software\Conduit

Sleutel Aanwezig : HKCU\Software\YahooPartnerToolbar

Sleutel Aanwezig : HKLM\Software\Conduit

***** [browsers] *****

-\\ Internet Explorer v8.0.6001.19418

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[R1].txt - [969 octets] - [17/05/2013 08:42:08]

########## EOF - C:\AdwCleaner[R1].txt - [1028 octets] ##########

Log AdwCleaner ([s1]):

# AdwCleaner v2.301 - Verslag gemaakt op 17/05/2013 om 08:43:22

# Geactualiseerd op 16/05/2013 door Xplode

# Besturingssysteem : Windows Vista Home Premium Service Pack 2 (64 bits)

# Gebruiker : Bart De Laat - PC-BART

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : F:\Temp\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

Verwijdert bij het opstarten : C:\Users\Bart De Laat\AppData\LocalLow\boost_interprocess

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\Conduit

Sleutel Verwijdert : HKCU\Software\YahooPartnerToolbar

Sleutel Verwijdert : HKLM\Software\Conduit

***** [browsers] *****

-\\ Internet Explorer v8.0.6001.19418

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[R1].txt - [1097 octets] - [17/05/2013 08:42:08]

AdwCleaner[s1].txt - [1056 octets] - [17/05/2013 08:43:22]

########## EOF - C:\AdwCleaner[s1].txt - [1116 octets] ##########

Log Mbam:

Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2013.05.17.03

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 8.0.6001.19418

Bart De Laat :: PC-BART [administrator]

Bescherming: Uitgeschakeld

17/05/2013 10:02:20

mbam-log-2013-05-17 (10-02-20).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 239155

Verstreken tijd: 2 minuut/minuten, 32 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

----------------------------------------------------------------------------------

Misschien ook belangrijk: Sinds de eerste scan van Avast (in de veilige modus) is de computer onstabiel, wat dan leidt tot een blauw scherm. Dit lijkt niet altijd na dezelfde tijd te gebeuren.

Alvast heel erg bedankt voor hulp!

Bart

Link naar reactie
Delen op andere sites


Ik zie niet direct een probleem in deze logjes.

Download zoek.exe naar het bureaublad.

  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je dat doet.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

 
startupall; 
filesrcm; 
uninstall-list; 

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
    • Running processes
    • Startup Information
    • Installed Programs
    • HijackThis Log
    • Silent Runners
    • Reset Chrome
    • Empty Temp Folders
    • Auto Clean

    [*] Klik daarna op de knop "Run script".

    [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

    [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

    [*] Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Bedankt voor het snelle antwoorden Wabbit!

Het volgende logje was het resultaat:

Zoek.exe Version 4.0.0.2 Updated 15-May-2013

Tool run by Bart De Laat on vr 17/05/2013 at 11:39:22,44.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x64

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

F:\Systeem\Avast\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\SysWOW64\CtHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

F:\Systeem\Avast\AvastUI.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\System32\mobsync.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\SysWOW64\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\Bart De Laat\Desktop\zoek.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchProtocolHost.exe

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)

Aare AVI to VCD/DVD/SVCD/MPEG Converter

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Reader X (10.0.1) - Nederlands

Adobe SVG Viewer 6.0

Advertising Center

Apple Application Support

Apple Software Update

avast Free Antivirus

BitComet 1.29

Brother HL-2150N

BS.Player FREE

BSPlayer

CCleaner

Cisco AnyConnect VPN Client

Cool & Quiet

Creative Audio-console

Creative Software AutoUpdate

D3DX10

DAEMON Tools Lite

DeltaSoft JV 2.1.2

DivX Setup

DolbyFiles

Dolphin Futures XPS Viewer version 1.0.0

Driver Sweeper 2.1.0

Driver Wizard

DriverMax 5

Dropbox

Enter The Matrix

ezNZB v3.1.0

GameSpy Arcade

Gapminder Desktop

Google Chrome

Google Update Helper

Grand Theft Auto IV

Grand Theft Auto Vice City

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

IBM SPSS Statistics 19

ImagXpress

Japanese Fonts Support For Adobe Reader X

Java 7 Update 21 (64-bit)

Java 7 Update 9

Java Auto Updater

Java 6 Update 31

Junk Mail filter update

Malwarebytes Anti-Malware versie 1.75.0.1300

Mendeley Desktop 1.6

Mesh Runtime

Messenger Companion

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2742597)

Microsoft .NET Framework 3.5 Language Pack SP1 - nld

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft Antimalware Service NL-NL Language Pack

Microsoft Application Error Reporting

Microsoft Games for Windows - LIVE Redistributable

Microsoft IntelliType Pro 7.1

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office File Validation Add-In

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared 64-bit MUI (Dutch) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Security Client

Microsoft Security Client NL-NL Language Pack

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft Windows Media Video 9 VCM

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

Nero 9 Essentials

Nero BurnRights

Nero BurnRights Help

Nero ControlCenter

Nero CoverDesigner

Nero CoverDesigner Help

Nero Disc Copy Gadget

Nero Disc Copy Gadget Help

Nero DiscSpeed

Nero DiscSpeed Help

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express Help

Nero InfoTool

Nero InfoTool Help

Nero Installer

Nero Online Upgrade

Nero PhotoSnap

Nero PhotoSnap Help

Nero Recode

Nero Recode Help

Nero ShowTime

Nero StartSmart

Nero StartSmart Help

Nero StartSmart OEM

Nero Vision

Nero Vision Help

NeroExpress

neroxml

NVIDIA-configuratiescherm 311.06

NVIDIA 3D Vision controllerstuurprogramma 285.62

NVIDIA 3D Vision stuurprogramma 311.06

NVIDIA Display Control Panel

NVIDIA Grafisch stuurprogramma 311.06

NVIDIA Install Application

NVIDIA PhysX

NVIDIA PhysX systeemsoftware 9.11.0621

NVIDIA Stereoscopic 3D Driver

NVIDIA Update 1.11.3

NVIDIA Update Components

OpenAL

PokerStars.be

PVSonyDll

QuickTime

R for Windows 3.0.0

Real Alternative 2.0.2

Realtek Ethernet Controller Driver For Windows Vista and Later

Realtek High Definition Audio Driver

Rockstar Games Social Club

RStudio

SABnzbd 0.6.10

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

Segoe UI

Serious Sam: The Second Encounter

Skype Click to Call

SkypeT 6.0

SuperNZB v4.0.5

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Ubisoft Game Launcher

Unreal Tournament G.O.T.Y. Edition

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817359) 32-Bit Edition

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

VC80CRTRedist - 8.0.50727.4053

Visual Studio 2010 x64 Redistributables

WiFi Station

Winamp

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live MIME IFilter

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live Remote Client

Windows Live Remote Client Resources

Windows Live Remote Service

Windows Live Remote Service Resources

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinRAR archiver

==== Deleting Files \ Folders ======================

"C:\ProgramData\ezsidmv.dat" deleted

"C:\Users\Bart De Laat\51FB15F4AD2743BCAD4BDD0354FB6BBD.TMP" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-05-17 06:43:30 4781167AF20A314D55F5F431F97CBFE1 125 ----a-w- C:\Windows\DeleteOnReboot.bat

2013-05-16 09:46:27 E9C8673674ECF840EE59ED805DBE9966 41664 ----a-w- C:\Windows\avastSS.scr

2013-05-02 09:06:58 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe

2013-05-02 09:06:58 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe

2013-05-02 09:06:58 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe

2013-05-02 09:06:58 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe

2013-05-02 09:06:58 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe

====== C:\Users\BARTDE~1\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

2013-05-16 09:46:47 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\config.nt

2013-05-15 07:19:57 CA5522E83040C39C64BCF9FE06FD1647 1638912 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-05-15 07:19:57 54FB7169B25B52DEE60B29E51518E4F4 6013440 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-05-15 07:19:42 1BE5928B75E79F1E87895651C1312740 11111424 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-05-15 07:19:39 F6888B03E3EE0E82EEEB71E9D1FDE26C 1212928 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-05-15 07:19:38 C1F1B4A2D3348FD770874C278D3221E7 630272 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-05-15 07:19:38 BAF8040BBD5736952A8A3839E073B031 916480 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-05-15 07:19:38 033155718EAB75FF5F4C01D8F7933CE9 1469440 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl

2013-05-15 07:19:37 8CD18B9A2D3BD1F4F7AC21BEF148EDAB 611840 ----a-w- C:\Windows\SysWOW64\mstime.dll

2013-05-15 07:19:37 7355129B71888396E4FC0DCEE14407F8 2004992 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-05-15 07:19:37 2D573FDF50FDE5E451E48F3C55A1CDB8 385024 ----a-w- C:\Windows\SysWOW64\html.iec

2013-05-15 07:19:37 29EA0CE598C1F7BEC50D49829E684413 387584 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll

2013-05-15 07:19:36 FF95B060A8ED61BE2BC5B5C74A98C6F5 43520 ----a-w- C:\Windows\SysWOW64\licmgr10.dll

2013-05-15 07:19:36 EA1BB31417CB6263CA1F4DD067CF77C6 105984 ----a-w- C:\Windows\SysWOW64\url.dll

2013-05-15 07:19:36 E9A8DA53A81B4635DCF792B53447A03C 71680 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2013-05-15 07:19:36 E4FE14F37789D4DB66B61E5CE2380687 164352 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-05-15 07:19:36 D76E079AE08050A6D395457A4F5BBB16 25600 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-05-15 07:19:36 C5DA34BA09D46B3ED8666FBB54D8D162 55808 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2013-05-15 07:19:36 B812AAE042810E78F9CE03655EC05AAE 67072 ----a-w- C:\Windows\SysWOW64\mshtmled.dll

2013-05-15 07:19:36 AB149D3DA31F33E85B70D803C4B7625C 206848 ----a-w- C:\Windows\SysWOW64\occache.dll

2013-05-15 07:19:36 9DD178C44ADD0825AD3137430AE1E171 13312 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe

2013-05-15 07:19:36 66FF8438E716F69210D680C56449869E 184320 ----a-w- C:\Windows\SysWOW64\iepeers.dll

2013-05-15 07:19:36 4F8FFF533F6F65A1BDA8A5E1E452AD0B 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2013-05-15 07:19:36 469640833B04976DA276F425A0E2250C 174080 ----a-w- C:\Windows\SysWOW64\ie4uinit.exe

2013-05-15 07:19:36 4685A9AA406786F27F78626536749B4F 133632 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-05-15 07:19:36 13C7DE0BBFAF05EA7A35CCED86532D04 55296 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-05-16 12:57:01 B098D08899B4A4B057EF2209B34A488B 381576 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT

2013-05-16 09:46:47 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\Sysnative\aswBoot.exe

2013-05-15 07:19:58 F023180AE9D268585EF8CADDA3FC0785 9333248 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-05-15 07:19:57 D9314BDA2DB6180A0609C56DD26BC2F3 1638912 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-05-15 07:19:51 570DAA0D122E136209823FA8C042EF65 2774016 ----a-w- C:\Windows\Sysnative\win32k.sys

2013-05-15 07:19:43 8B3B7B7D7E903740137D70C36C35D9AE 12508160 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-05-15 07:19:41 DAD83F761377C736E599C2E25F9B2FF6 1147392 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-05-15 07:19:40 DA72C1CC15F2CE9AA5921E639D36C7AB 742912 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-05-15 07:19:40 85970AF07E0089D8EF372D32C0CC3BD4 1489408 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-05-15 07:19:40 377173C59416F9153EA732CBC310A2B2 459776 ----a-w- C:\Windows\Sysnative\iedkcs32.dll

2013-05-15 07:19:40 0EFD9504AE4F5CDDF92D2DDE9CAF4D08 2356736 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-05-15 07:19:39 EED34B262EEE408C3BBA22055CD403D3 243712 ----a-w- C:\Windows\Sysnative\occache.dll

2013-05-15 07:19:39 E1BD71E08D81803954762C5CB1A44DD4 252416 ----a-w- C:\Windows\Sysnative\iepeers.dll

2013-05-15 07:19:39 C43215E8A84AD81B93EB6A1140310C70 98304 ----a-w- C:\Windows\Sysnative\mshtmled.dll

2013-05-15 07:19:39 A72567AB733FD1F81E4B619C63D784D4 1062912 ----a-w- C:\Windows\Sysnative\mstime.dll

2013-05-15 07:19:39 7D8A31E1CEBCE69407806F3BCFA47447 77312 ----a-w- C:\Windows\Sysnative\iesetup.dll

2013-05-15 07:19:39 7280F72FE74700E15736B836147C540B 31744 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-05-15 07:19:39 70D394C2C9E4E4F738E667BB87BBAADF 72192 ----a-w- C:\Windows\Sysnative\iernonce.dll

2013-05-15 07:19:39 6AE971240EA9CBE1F833321284D87BF7 219136 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-05-15 07:19:38 92AA03AAF004C64B11885E01FC8EF57E 1538560 ----a-w- C:\Windows\Sysnative\inetcpl.cpl

2013-05-15 07:19:38 8BF72A557C640B313D79D500BEBE2F30 479232 ----a-w- C:\Windows\Sysnative\html.iec

2013-05-15 07:19:38 2AD0CB0ECCAC4726FA9672C1E3FE063C 56832 ----a-w- C:\Windows\Sysnative\licmgr10.dll

2013-05-15 07:19:38 0BAAD832A41C6FA5073FC2881F4D02CA 71680 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll

2013-05-15 07:19:37 748B4E825A5B1E1D77C093970870C2BC 162816 ----a-w- C:\Windows\Sysnative\ieUnatt.exe

2013-05-15 07:19:37 22B1091B4A62582128DCACEA7085E849 108032 ----a-w- C:\Windows\Sysnative\url.dll

2013-05-15 07:19:36 974798D2DCE273F67053699D302B7DD0 12288 ----a-w- C:\Windows\Sysnative\msfeedssync.exe

2013-05-15 07:19:36 4976E0F3C33B303B7B7EFAE1AB282902 132096 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2013-05-15 07:19:36 2563DF414EBC506F11E301F6E719D8E9 70656 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2013-05-15 07:19:04 6D798629B0A33D33E0BFED45BC438E1E 47104 ----a-w- C:\Windows\Sysnative\cdd.dll

====== C:\Windows\Sysnative\drivers =====

2013-05-17 06:53:02 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys

2013-05-16 09:46:51 0BAEFD3F648C6E7AB52990DD9565E4E2 33400 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys

2013-05-16 09:46:50 00E5253353717D3CA12A0F5A6F9991EC 378432 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys

2013-05-16 09:46:49 9A9565BB92EE412B77B7416DD1D32F0B 59144 ----a-w- C:\Windows\Sysnative\drivers\aswRdr.sys

2013-05-16 09:46:49 29DD8E458A84171202AA4979364C30C0 64288 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys

2013-05-16 09:46:49 10ED1CAB84AA65983C41A11F60294C9B 1025808 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys

2013-05-16 09:46:48 6359B99C955DB9F40B653159A0EED261 189936 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys

2013-05-16 09:46:48 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys

2013-05-16 09:46:47 FA562F34ED6633C66170B09182B4C049 80816 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys

2013-05-15 07:19:05 F3932288EEECD776FF1F9F653AD878F3 901496 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

====== C:\Windows\Tasks ======

2013-05-16 09:46:47 E56E3AE18A8CAEDE58D7BF0DFA2A4039 308 ---ha-w- C:\Windows\Tasks\avast! Emergency Update.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\Program Files (x86) =====

2013-05-02 11:19:38 -------- d-----w- C:\Program Files (x86)\Google

======= C: =====

2013-05-17 06:43:22 50F8474CFBCD72E3C9657DA1578B19A1 1185 ----a-w- C:\AdwCleaner[s1].txt

2013-05-17 06:42:08 66AD3271A290A09CBE37FD05567B53AA 1097 ----a-w- C:\AdwCleaner[R1].txt

====== C:\Users\Bart De Laat\AppData\Roaming ======

2013-05-17 07:42:19 -------- d-----w- C:\users\UpdatusUser\AppData\Local\temp

2013-05-17 07:42:19 -------- d-----w- C:\users\Public\AppData\Local\temp

2013-05-17 07:42:19 -------- d-----w- C:\users\Default\AppData\Local\temp

2013-05-17 07:42:19 -------- d-----w- C:\users\Default User\AppData\Local\temp

2013-05-17 07:42:19 -------- d-----w- C:\users\Bart De Laat\AppData\Local\temp

2013-05-16 12:59:08 17C4B3841AB5218E0EDF8C3761D6B67E 102672 ----a-w- C:\users\Bart De Laat\AppData\Local\GDIPFONTCACHEV1.DAT

2013-05-16 09:46:44 2CFA34581CE9C5EBAC4401BBAA601B15 11614 ----a-w- C:\users\Bart De Laat\AppData\Local\dd_vcredistUI09E1.txt

2013-05-16 09:46:44 02351269F757795F8A208E4E3DFF0804 1870 ----a-w- C:\users\Bart De Laat\AppData\Local\dd_vcredistMSI09E1.txt

2013-05-08 20:09:07 -------- d-----w- C:\users\Bart De Laat\AppData\Roaming\Windows Live Writer

2013-05-08 20:09:07 -------- d-----w- C:\users\Bart De Laat\AppData\Local\Windows Live Writer

2013-05-01 19:15:31 -------- d-----w- C:\users\Bart De Laat\AppData\Roaming\RStudio

2013-05-01 13:15:52 -------- d-----w- C:\users\Bart De Laat\AppData\Local\RStudio-Desktop

====== C:\Users\Bart De Laat ======

2013-05-16 09:46:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

2013-05-02 11:20:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2013-05-02 09:15:24 -------- d-----w- C:\Users\Public\AppData

====== C: exe-files ==

2013-05-17 06:51:53 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Low\Content.IE5\3308904T\mbam-setup-1.75.0.1300[1].exe

2013-05-17 06:43:52 6ED4302372464A4CF4865603C04D03AB 632031 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{D2259F55-CA87-6D6F-5B90-918D8D751CFC}-adwcleaner.exe

2013-05-17 06:41:30 0A90C8A3F94564E7EAF541981EAFA52A 632031 ----a-w- C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Low\Content.IE5\QUT4IO21\adwcleaner[1].exe

2013-05-16 09:46:47 2B0C485EBE31E02C7B405F8DD072598D 287840 ----a-w- C:\Windows\System32\aswBoot.exe

2013-05-15 07:19:40 971B739292B5B225A99FA20E26997ABB 660632 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2013-05-15 07:19:40 6CDB93988713FB94BEEB16823E5232AD 638104 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2013-05-15 07:19:37 748B4E825A5B1E1D77C093970870C2BC 162816 ----a-w- C:\Windows\System32\ieUnatt.exe

2013-05-15 07:19:36 9DD178C44ADD0825AD3137430AE1E171 13312 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe

2013-05-15 07:19:36 974798D2DCE273F67053699D302B7DD0 12288 ----a-w- C:\Windows\System32\msfeedssync.exe

2013-05-15 07:19:36 469640833B04976DA276F425A0E2250C 174080 ----a-w- C:\Windows\SysWOW64\ie4uinit.exe

2013-05-15 07:19:36 4685A9AA406786F27F78626536749B4F 133632 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe

2013-05-15 07:19:36 2563DF414EBC506F11E301F6E719D8E9 70656 ----a-w- C:\Windows\System32\ie4uinit.exe

=== C: other files ==

2013-05-17 06:53:02 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2013-05-17 06:43:30 4781167AF20A314D55F5F431F97CBFE1 125 ----a-w- C:\Windows\DeleteOnReboot.bat

2013-05-16 09:46:51 0BAEFD3F648C6E7AB52990DD9565E4E2 33400 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys

2013-05-16 09:46:50 00E5253353717D3CA12A0F5A6F9991EC 378432 ----a-w- C:\Windows\System32\drivers\aswSP.sys

2013-05-16 09:46:49 9A9565BB92EE412B77B7416DD1D32F0B 59144 ----a-w- C:\Windows\System32\drivers\aswRdr.sys

2013-05-16 09:46:49 29DD8E458A84171202AA4979364C30C0 64288 ----a-w- C:\Windows\System32\drivers\aswTdi.sys

2013-05-16 09:46:49 10ED1CAB84AA65983C41A11F60294C9B 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2013-05-16 09:46:48 6359B99C955DB9F40B653159A0EED261 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys

2013-05-16 09:46:48 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys

2013-05-16 09:46:47 FA562F34ED6633C66170B09182B4C049 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2013-05-15 07:19:51 570DAA0D122E136209823FA8C042EF65 2774016 ----a-w- C:\Windows\System32\win32k.sys

2013-05-15 07:19:05 F3932288EEECD776FF1F9F653AD878F3 901496 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-646492008-2405596893-3632786542-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="C:\Systeem\DAEMON Tools Lite\DTLite.exe -autorun"

[HKEY_USERS\S-1-5-21-646492008-2405596893-3632786542-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTHelper"="CTHELPER.EXE"

"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"BrStsWnd"="C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun"

"avast"="F:\Systeem\Avast\avastUI.exe /nogui"

"AsioThk32Reg"="REGSVR32.EXE /S CTASIO.DLL"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="C:\Systeem\DAEMON Tools Lite\DTLite.exe -autorun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe ARM"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Reader Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CreativeTaskScheduler]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CreativeTaskScheduler"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Creative\\Shared Files\\CTSched.exe\" /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CTxfiHlp]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="CTxfiHlp"

"hkey"="HKLM"

"command"="CTXFIHLP.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DAEMON Tools Lite"

"hkey"="HKCU"

"command"="\"C:\\Systeem\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DivXUpdate"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DriverMax"

"hkey"="HKCU"

"command"="\"C:\\Systeem\\DriverMax\\devices.exe\" -agent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DriverMax_RESTART]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DriverMax_RESTART"

"hkey"="HKCU"

"command"="\"C:\\Systeem\\DriverMax\\devices.exe\" -RESTART"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Google Update"

"hkey"="HKCU"

"command"="\"C:\\Users\\Bart De Laat\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Inspector]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Inspector"

"hkey"="HKCU"

"command"="C:\\Users\\Bart De Laat\\AppData\\Roaming\\Protector-tgno.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickTime Task"

"hkey"="HKLM"

"command"="\"F:\\systeem\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WiFi Station.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\WiFi Station.lnk"

"backup"="C:\\Windows\\pss\\WiFi Station.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~2\\Hercules\\WIFIST~1\\WiFiN.exe -s"

"item"="WiFi Station"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BBSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BITCOMET_HELPER_SERVICE]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FontCache]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FontCache3.0.0.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\fsssvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HerculesWiFi]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Nero BackItUp Scheduler 4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasAuto]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RasMan]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\wlidsvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WMPNetworkSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc]

==== Task Scheduler Jobs ======================

C:\Windows\tasks\avast\Undertermined Task.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/05/2013 13:19]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/05/2013 13:19]

C:\Windows\tasks\User_Feed_Synchronization-{33A3981A-5A77-48A8-AE69-14DB8EBE9771}.job --ah----- C:\Windows\system32\msfeedssync.exe [04/04/2013 08:40]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

fnjbmmemklcjgepojigaapkoodmkgbae - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx[08/02/2011 02:17]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/10/2011 11:09]

nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx[08/02/2011 02:17]

Skype Click to Call - Bart De Laat - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Uninstall List x64 ======================

Aare AVI to VCD/DVD/SVCD/MPEG Converter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Aare AVI to VCD/DVD/SVCD/MPEG Converter_is1]

Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FDB3B167-F4FA-461D-976F-286304A57B2A}]

Adobe AIR [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR]

Adobe Flash Player 10 ActiveX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX]

Adobe Reader X (10.0.1) - Nederlands [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1043-7B44-AA0000000001}]

Adobe SVG Viewer 6.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Adobe SVG Viewer]

Advertising Center [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B2EC4A38-B545-4A00-8214-13FE0E915E6D}]

Apple Application Support [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}]

Apple Software Update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}]

avast Free Antivirus [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\avast]

BitComet 1.29 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitComet]

Brother HL-2150N [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{712B0273-E51F-4C8D-BC87-C13784D8F960}]

BS.Player FREE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayerf]

BSPlayer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BSPlayer1]

CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner]

Cisco AnyConnect VPN Client [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6005535D-8A83-4108-A757-E1AB9886AECA}]

Cool & Quiet [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}]

Creative Audio-console [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AudioCS]

Creative Software AutoUpdate [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Creative Software AutoUpdate]

D3DX10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E09C4DB7-630C-4F06-A631-8EA7239923AF}]

DAEMON Tools Lite [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Lite]

DeltaSoft JV 2.1.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0E87B0CF-BC80-4F99-8423-FBE9ABC7B431}]

DivX Setup [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DivX Setup.divx.com]

DolbyFiles [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}]

Dolphin Futures XPS Viewer version 1.0.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{75480068-162F-4D6B-B38E-76606A4E5320}_is1]

Driver Sweeper 2.1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{71929EC1-FDB2-4A67-AAAD-936E4539FA84}_is1]

Driver Wizard [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Driver Wizard_is1]

DriverMax 5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DMX5_is1]

Dropbox [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dropbox]

Enter The Matrix [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9CD92DB1-1B3B-4296-9456-93EA6BCAA4C5}]

ezNZB v3.1.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ezNZB_is1]

GameSpy Arcade [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GameSpy Arcade]

Gapminder Desktop [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2E4125CE-DDCF-8CF6-5A4E-88735CF284F9}]

Gapminder Desktop [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\org.gapminder.desktop.434684C0EEE0B6011903D7CB9F42374B4E5823E7.1]

Google Chrome [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome]

Google Update Helper [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]

Grand Theft Auto IV [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{579BA58C-F33D-4970-9953-B94B43768AC3}]

Grand Theft Auto Vice City [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}]

IBM SPSS Statistics 19 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}]

ImagXpress [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}]

Japanese Fonts Support For Adobe Reader X [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-5760-0000-A00000000003}]

Java 7 Update 21 (64-bit) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86417021FF}]

Java 7 Update 9 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83217007FF}]

Java Auto Updater [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}]

Java 6 Update 31 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216031FF}]

Junk Mail filter update [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}]

Malwarebytes Anti-Malware versie 1.75.0.1300 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1]

Mendeley Desktop 1.6 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mendeley Desktop]

Mesh Runtime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}]

Messenger Companion [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8142D25E-028A-4563-86ED-5755783C8029}]

Microsoft .NET Framework 1.1 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}]

Microsoft .NET Framework 1.1 Security Update (KB2698023) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\M2698023]

Microsoft .NET Framework 1.1 Security Update (KB2742597) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\M2742597]

Microsoft .NET Framework 3.5 Language Pack SP1 - nld [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{101738D7-D805-37A9-BB91-1F2C351782BF}]

Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}]

Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}]

Microsoft .NET Framework 4 Client Profile NLD Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4567EA14-6BCA-3EF9-859B-92CE48B1D704}]

Microsoft Antimalware Service NL-NL Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}]

Microsoft Games for Windows - LIVE Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{59E4543A-D49D-4489-B445-473D763C79AF}]

Microsoft IntelliType Pro 7.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}]

Microsoft Office Professional Plus 2007 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PROPLUS]

Microsoft Security Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D954C6C2-544B-4091-A47F-11E77162883E}]

Microsoft Security Client NL-NL Language Pack [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DC911ADF-7B60-40F2-A112-FB1EB6402D07}]

Microsoft Security Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft Security Client]

Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}]

Microsoft SQL Server 2005 Compact Edition [ENU] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}]

Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}]

Microsoft Visual C++ 2005 Redistributable (x64) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}]

Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}]

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}]

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}]

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}]

Microsoft Windows Media Video 9 VCM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WMV9_VCM]

MSVCRT [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}]

MSVCRT_amd64 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D0B44725-3666-492D-BEF6-587A14BD9BD9}]

MSXML 4.0 SP2 (KB927978) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}]

MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}]

MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}]

MSXML 4.0 SP2 Parser and SDK [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{716E0306-8318-4364-8B8F-0CC4E9376BAC}]

Nero 9 Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b49d04e7-6249-48b4-963c-5dee3d232071}]

Nero BurnRights [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7829DB6F-A066-4E40-8912-CB07887C20BB}]

Nero BurnRights Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F6BDD7C5-89ED-4569-9318-469AA9732572}]

Nero ControlCenter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}]

Nero ControlCenter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}]

Nero CoverDesigner [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}]

Nero CoverDesigner Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}]

Nero Disc Copy Gadget [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F1861F30-3419-44DB-B2A1-C274825698B3}]

Nero Disc Copy Gadget Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60C731FB-C951-41CE-AD41-8E54C8594609}]

Nero DiscSpeed [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{869200DB-287A-4DC0-B02B-2B6787FBCD4C}]

Nero DiscSpeed Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CC019E3F-59D2-4486-8D4B-878105B62A71}]

Nero DriveSpeed [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{33CF58F5-48D8-4575-83D6-96F574E4D83A}]

Nero DriveSpeed Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E5C7D048-F9B4-4219-B323-8BDB01A2563D}]

Nero Express Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83202942-84B3-4C50-8622-B8C0AA2D2885}]

Nero InfoTool [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FBCDFD61-7DCF-4E71-9226-873BA0053139}]

Nero InfoTool Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}]

Nero Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E8A80433-302B-4FF1-815D-FCC8EAC482FF}]

Nero Online Upgrade [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}]

Nero PhotoSnap [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9E82B934-9A25-445B-B8DF-8012808074AC}]

Nero PhotoSnap Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1C00C7C5-E615-4139-B817-7F4003DE68C0}]

Nero Recode [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}]

Nero Recode Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}]

Nero ShowTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{02627EE5-EACA-4742-A9CC-E687631773E4}]

Nero ShowTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}]

Nero StartSmart [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7748AC8C-18E3-43BB-959B-088FAEA16FB2}]

Nero StartSmart Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2348B586-C9AE-46CE-936C-A68E9426E214}]

Nero StartSmart OEM [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}]

Nero Vision [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{43E39830-1826-415D-8BAE-86845787B54B}]

Nero Vision Help [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}]

NeroExpress [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{595A3116-40BB-4E0F-A2E8-D7951DA56270}]

neroxml [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}]

NVIDIA-configuratiescherm 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel]

NVIDIA 3D Vision controllerstuurprogramma 285.62 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB]

NVIDIA 3D Vision stuurprogramma 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision]

NVIDIA Display Control Panel [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Display Control Panel]

NVIDIA Grafisch stuurprogramma 311.06 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver]

NVIDIA Install Application [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer]

NVIDIA PhysX [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}]

NVIDIA PhysX systeemsoftware 9.11.0621 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX]

NVIDIA Stereoscopic 3D Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIAStereo]

NVIDIA Update 1.11.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update]

NVIDIA Update Components [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update]

OpenAL [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\OpenAL]

PokerStars.be [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PokerStars.be]

PVSonyDll [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}]

QuickTime [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0E64B098-8018-4256-BA23-C316A43AD9B0}]

R for Windows 3.0.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\R for Windows 3.0.0_is1]

Real Alternative 2.0.2 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RealAlt_is1]

Realtek Ethernet Controller Driver For Windows Vista and Later [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}]

Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}]

Rockstar Games Social Club [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{08B3869E-D282-424C-9AFC-870E04A4BA14}]

RStudio [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RStudio]

SABnzbd 0.6.10 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SABnzbd]

Segoe UI [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}]

Serious Sam: The Second Encounter [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5BDAA2F7-8E48-4AFF-AA92-B559D0CDF1AD}]

Skype Click to Call [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}]

SkypeT 6.0 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA17F4FC-FDBF-4CF8-A529-2D983132D053}]

SuperNZB v4.0.5 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SuperNZB_is1]

Ubisoft Game Launcher [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{888F1505-C2B3-4FDE-835D-36353EBD4754}]

Unreal Tournament G.O.T.Y. Edition [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\UnrealTournament]

VC80CRTRedist - 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5EE7D259-D137-4438-9A5F-42F432EC0421}]

Visual Studio 2010 x64 Redistributables [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{21B133D6-5979-47F0-BE1C-F6A6B304693F}]

WiFi Station [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{63E03919-6657-4C9A-9E37-D54E1A2E3009}]

Winamp [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Winamp]

Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D45240D3-B6B3-4FF9-B243-54ECE3E10066}]

Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2A07C35B-8384-4DA4-9A95-442B6C89A073}]

Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite]

Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}]

Windows Live Family Safety [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B22C8566-D522-4B40-A7AF-525F5A70D832}]

Windows Live ID Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1B8ABA62-74F0-47ED-B18C-A43128E591B8}]

Windows Live Installer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0B0F231F-CE6A-483D-AA23-77B364F75917}]

Windows Live Language Selector [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D07A61E5-A59C-433C-BCBD-22025FA2287B}]

Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9D56775A-93F3-44A3-8092-840E3826DE30}]

Windows Live Mail [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D588365A-AE39-4F27-BDAE-B4E72C8E900C}]

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C32CE55C-12BA-4951-8797-0967FDEF556F}]

Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3F4143A1-9C21-4011-8679-3BC1014C6886}]

Windows Live Mesh [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{DECDCB7C-58CC-4865-91AF-627F9798FE48}]

Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6A563426-3474-41C6-B847-42B39F1485B2}]

Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EB4DF488-AAEF-406F-A341-CB2AAA315B90}]

Windows Live Messenger Companion Core [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}]

Windows Live MIME IFilter [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DA54F80E-261C-41A2-A855-549A144F2F59}]

Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{92EA4134-10D1-418A-91E1-5A0453131A38}]

Windows Live Movie Maker [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}]

Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9BD262D0-B788-4546-A0A5-F4F56EC3834B}]

Windows Live Photo Common [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}]

Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{3336F667-9049-4D46-98B6-4C743EEBC5B1}]

Windows Live Photo Gallery [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}]

Windows Live PIMT Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{83C292B7-38A5-440B-A731-07070E81A64F}]

Windows Live Remote Client [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DF6D988A-EEA0-4277-AAB8-158E086E439B}]

Windows Live Remote Client Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C9F05151-95A9-4B9B-B534-1760E2D014A5}]

Windows Live Remote Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}]

Windows Live Remote Service Resources [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}]

Windows Live SOXE [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{682B3E4F-696A-42DE-A41C-4C07EA1678B4}]

Windows Live SOXE Definitions [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{200FEC62-3C34-4D60-9CE8-EC372E01C08F}]

Windows Live UX Platform [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}]

Windows Live UX Platform Language Pack [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}]

Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7E017923-16F8-4E32-94EF-0A150BD196FE}]

Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A726AE06-AAA3-43D1-87E3-70F510314F04}]

Windows Live Writer [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}]

Windows Live Writer Resources [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{14B441B7-774D-4170-98EA-A13667AE6218}]

Windows Media Player Firefox Plugin [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}]

WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver]

==== HijackThis Entries ======================

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Systeem\Avast\aswWebRepIE.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Systeem\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [brStsWnd] "C:\Program Files (x86)\Brownie\BrstsW64.exe" Autorun

O4 - HKLM\..\Run: [avast] "F:\Systeem\Avast\avastUI.exe" /nogui

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Systeem\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKUS\S-1-5-21-646492008-2405596893-3632786542-1001\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-646492008-2405596893-3632786542-1001\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MI1933~1\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: avast! Antivirus - AVAST Software - F:\Systeem\Avast\AvastSvc.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - F:\Systeem\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - F:\Systeem\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

==== Silent Runners ======================

Link naar reactie
Delen op andere sites


==== Silent Runners ======================

"Silent Runners.vbs", revision 69.2, Silent Runners - Adware? Disinfect, don't reformat!

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

DAEMON Tools Lite = "C:\Systeem\DAEMON Tools Lite\DTLite.exe" -autorun [DT Soft Ltd]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

RtHDVCpl = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [Realtek Semiconductor]

MSC = "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [MS]

itype = "C:\Program Files\Microsoft IntelliType Pro\itype.exe" [MS]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++}

AsioThk32Reg = REGSVR32.EXE /S CTASIO.DLL

CTHelper = CTHELPER.EXE [Creative Technology Ltd]

Adobe Reader Speed Launcher = "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [Adobe Systems Incorporated]

SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [sun Microsystems, Inc.]

BrStsWnd = "C:\Program Files (x86)\Brownie\BrstsW64.exe" Autorun [brother]

avast = "F:\Systeem\Avast\avastUI.exe" /nogui [AVAST Software]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\(Default) = (no title provided)

-> {HKLM...CLSID} = avast! Online Security

\InProcServer32\(Default) = F:\Systeem\Avast\aswWebRepIE64.dll [AVAST Software]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

-> {HKLM...CLSID} = Java Plug-In SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\ssv.dll [Oracle Corporation]

-> {HKLM...Wow...CLSID} = Java Plug-In SSV Helper

\InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\ssv.dll [Oracle Corporation]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)

-> {HKLM...CLSID} = Windows Live ID Sign-in Helper

\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

-> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)

-> {HKLM...CLSID} = Java Plug-In 2 SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]

-> {HKLM...Wow...CLSID} = Java Plug-In 2 SSV Helper

\InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub

-> {HKLM...CLSID} = Adobe PDF Link Helper

\InProcServer32\(Default) = [file not found]

-> {HKLM...Wow...CLSID} = Adobe PDF Link Helper

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated]

{326E768D-4182-46FD-9C16-1449A49795F4}\(Default) = Increase performance and video formats for your HTML5 <video>

-> {HKLM...CLSID} = DivX Plus Web Player HTML5 <video>

\InProcServer32\(Default) = [file not found]

-> {HKLM...Wow...CLSID} = DivX Plus Web Player HTML5 <video>

\InProcServer32\(Default) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX, LLC]

{593DDEC6-7468-4cdd-90E1-42DADAA222E9}\(Default) = Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites

-> {HKLM...CLSID} = DivX HiQ

\InProcServer32\(Default) = [file not found]

-> {HKLM...Wow...CLSID} = DivX HiQ

\InProcServer32\(Default) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [DivX, LLC]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

-> {HKLM...CLSID} = Java Plug-In SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\ssv.dll [Oracle Corporation]

-> {HKLM...Wow...CLSID} = Java Plug-In SSV Helper

\InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\ssv.dll [Oracle Corporation]

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\(Default) = (no title provided)

-> {HKLM...Wow...CLSID} = avast! Online Security

\InProcServer32\(Default) = F:\Systeem\Avast\aswWebRepIE.dll [AVAST Software]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)

-> {HKLM...CLSID} = Windows Live ID Sign-in Helper

\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

-> {HKLM...Wow...CLSID} = Aanmeldhulp voor Windows Live ID

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\(Default) = (no title provided)

-> {HKLM...Wow...CLSID} = Windows Live Messenger Companion Helper

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [MS]

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO

-> {HKLM...CLSID} = Skype Browser Helper

\InProcServer32\(Default) = [file not found]

-> {HKLM...Wow...CLSID} = Skype Browser Helper

\InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)

-> {HKLM...CLSID} = Java Plug-In 2 SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]

-> {HKLM...Wow...CLSID} = Java Plug-In 2 SSV Helper

\InProcServer32\(Default) = C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software]

DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

DropboxExt4\(Default) = {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

DropboxExt1\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...Wow...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.]

DropboxExt2\(Default) = {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...Wow...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.]

DropboxExt3\(Default) = {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...Wow...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.]

HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} = DropboxExt

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class

-> {HKLM...CLSID} = DesktopContext Class

\InProcServer32\(Default) = C:\Program Files\NVIDIA Corporation\Display\nvui.dll [NVIDIA Corporation]

{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension

-> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension

\InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~3\Office12\MSOHEVI.DLL [MS]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler

-> {HKLM...CLSID} = Microsoft Office Metadata Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler

-> {HKLM...CLSID} = Microsoft Office Thumbnail Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{09A47860-11B0-4DA5-AFA5-26D86198A780} = EPP

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS]

{ED6E87C6-8A83-43aa-8208-8DBC8247F4D2} = IntelliType Pro Key Settings Control Panel Property Page

-> {HKLM...CLSID} = IntelliType Pro Key Settings Property Page

\InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcplkey.dll [MS]

{111D8120-25EB-4E1C-A4DF-C9EE5FCA35CB} = IntelliType Pro Scrolling Control Panel Property Page

-> {HKLM...CLSID} = IntelliType Pro Scrolling Property Page

\InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcplwhl.dll [MS]

{97FA8AA2-EE77-4FF2-9449-424D8924EF21} = IntelliType Pro Zooming Control Panel Property Page

-> {HKLM...CLSID} = IntelliType Pro Zooming Property Page

\InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcplzm.dll [MS]

{1825D0FA-5B0C-4e20-A929-3EFD15B6DF71} = IntelliType Pro Touchpad Control Property Page

-> {HKLM...CLSID} = IntelliType Pro Touchpad Control Property Page

\InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcpltp.dll [MS]

{A2569D1F-4E06-43EC-9825-0088B471BE47} = IntelliType Pro Wireless Control Panel Property Page

-> {HKLM...CLSID} = IntelliType Pro Wireless Control Panel Property Page

\InProcServer32\(Default) = C:\Program Files\Microsoft IntelliType Pro\itcplwir.dll [MS]

{472083B0-C522-11CF-8763-00608CC02F24} = avast

-> {HKLM...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{00020d75-0000-0000-c000-000000000046} = Microsoft Office Outlook Desktop Icon Handler

-> {HKLM...Wow...CLSID} = Microsoft Office Outlook

\InProcServer32\(Default) = C:\PROGRA~2\MI1933~1\Office12\MLSHEXT.DLL [MS]

{640167b4-59b0-47a6-b335-a6b3c0695aea} = Portable Media Devices

-> {HKLM...Wow...CLSID} = Portable Media Devices

\InProcServer32\(Default) = C:\Windows\system32\audiodev.dll [file not found]

{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} = NeroCoverEd Live Icons

-> {HKLM...Wow...CLSID} = NeroCoverEdLiveIcons Class

\InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [Nero AG]

{1CA6BBC9-E9FA-4021-822B-075DF1837B63} = NeroDigitalIconHandler

-> {HKLM...Wow...CLSID} = NeroDigitalIconHandler Class

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG]

{846083A4-BFC6-4447-985C-6578B466A7D7} = NeroDigitalPropSheetHandler

-> {HKLM...Wow...CLSID} = NeroDigitalPropSheetHandler Class

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG]

{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} = NeroDigitalColumnHandler

-> {HKLM...Wow...CLSID} = NeroDigitalColumnHandler Class

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG]

{4FBFFA8D-F390-471a-AE46-FEB93623AD63} = NeroDigitalInfoHandler

-> {HKLM...Wow...CLSID} = NeroDigitalInfoHandler Class

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG]

{EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} = NeroDigitalThumbnailHandler

-> {HKLM...Wow...CLSID} = NeroDigitalThumbnailHandler Class

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG]

{00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided)

-> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim

-> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Shim

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim

-> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Editor Shim

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim

-> {HKLM...Wow...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler

-> {HKLM...Wow...CLSID} = Outlook File Icon Extension

\InProcServer32\(Default) = C:\PROGRA~2\MI1933~1\Office12\OLKFSTUB.DLL [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler

-> {HKLM...Wow...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll [MS]

{B41DB860-8EE4-11D2-9906-E49FADC173CA} = WinRAR shell extension

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler

-> {HKLM...Wow...CLSID} = Microsoft Office Metadata Handler

\InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler

-> {HKLM...Wow...CLSID} = Microsoft Office Thumbnail Handler

\InProcServer32\(Default) = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{472083B0-C522-11CF-8763-00608CC02F24} = avast

-> {HKLM...Wow...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945}

-> {HKLM...CLSID} = Microsoft Office InfoPath XML Mime Filter

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS]

HKCU\Software\Classes\*\shellex\ContextMenuHandlers\

DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

-> {HKCU...Wow...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software]

-> {HKLM...Wow...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software]

Cover Designer\(Default) = {73FCA462-9BD5-4065-A73F-A8E5F6904EF7}

-> {HKLM...Wow...CLSID} = NeroCoverEdContextMenu Class

\InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [Nero AG]

EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780}

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS]

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Wow6432Node\*\shellex\ContextMenuHandlers\

avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software]

-> {HKLM...Wow...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software]

Cover Designer\(Default) = {73FCA462-9BD5-4065-A73F-A8E5F6904EF7}

-> {HKLM...Wow...CLSID} = NeroCoverEdContextMenu Class

\InProcServer32\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll [Nero AG]

EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780}

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS]

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software]

-> {HKLM...Wow...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software]

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

-> {HKLM...CLSID} = MBAMShlExt Class

\InProcServer32\(Default) = F:\Systeem\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

HKLM\SOFTWARE\Classes\Wow6432Node\AllFilesystemObjects\shellex\ContextMenuHandlers\

00avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software]

-> {HKLM...Wow...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software]

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

-> {HKLM...CLSID} = MBAMShlExt Class

\InProcServer32\(Default) = F:\Systeem\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

HKCU\Software\Classes\Directory\shellex\ContextMenuHandlers\

DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

-> {HKCU...Wow...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780}

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS]

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Wow6432Node\Directory\shellex\ContextMenuHandlers\

EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780}

-> {HKLM...CLSID} = (no title provided)

\InProcServer32\(Default) = C:\PROGRA~1\MICROS~2\shellext.dll [MS]

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Wow6432Node\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

HKCU\Software\Classes\Directory\Background\shellex\ContextMenuHandlers\

DropboxExt\(Default) = {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}

-> {HKCU...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [Dropbox, Inc.]

-> {HKCU...Wow...CLSID} = DropboxExt

\InProcServer32\(Default) = C:\Users\Bart De Laat\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [Dropbox, Inc.]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}

-> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension

\InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation]

HKLM\SOFTWARE\Classes\Wow6432Node\Directory\Background\shellex\ContextMenuHandlers\

NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}

-> {HKLM...CLSID} = NVIDIA CPL Context Menu Extension

\InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B}\(Default) = NeroDigitalExt.NeroDigitalColumnHandler

-> {HKLM...Wow...CLSID} = NeroDigitalColumnHandler Class

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG]

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info

-> {HKLM...Wow...CLSID} = PDF Shell Extension

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\ColumnHandlers\

{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B}\(Default) = NeroDigitalExt.NeroDigitalColumnHandler

-> {HKLM...Wow...CLSID} = NeroDigitalColumnHandler Class

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Nero\SMC\NeroDigitalExt.dll [Nero AG]

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info

-> {HKLM...Wow...CLSID} = PDF Shell Extension

\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software]

-> {HKLM...Wow...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software]

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

-> {HKLM...CLSID} = MBAMShlExt Class

\InProcServer32\(Default) = F:\Systeem\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\ContextMenuHandlers\

avast\(Default) = {472083B0-C522-11CF-8763-00608CC02F24}

-> {HKLM...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShA64.dll [AVAST Software]

-> {HKLM...Wow...CLSID} = avast

\InProcServer32\(Default) = F:\Systeem\Avast\ashShell.dll [AVAST Software]

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

-> {HKLM...CLSID} = MBAMShlExt Class

\InProcServer32\(Default) = F:\Systeem\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

HKLM\SOFTWARE\Classes\Wow6432Node\Folder\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}

-> {HKLM...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext64.dll [null data]

WinRAR32\(Default) = {B41DB860-8EE4-11D2-9906-E49FADC173CA}

-> {HKLM...Wow...CLSID} = WinRAR

\InProcServer32\(Default) = C:\Systeem\Winrar\rarext.dll [null data]

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

- - - Updated - - -

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

DisableRegistryTools = (REG_DWORD) dword:0x00000000

{unrecognized setting}

Active Desktop and Wallpaper:

-----------------------------

Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:

HKCU\Software\Microsoft\Internet Explorer\Desktop\General\

Wallpaper = C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

Wallpaper = C:\Users\Bart De Laat\AppData\Roaming\Microsoft\Windows Photo Gallery\Bureaubladachtergrond van Windows Fotogalerie.jpg

Enabled Screen Saver:

---------------------

HKCU\Control Panel\Desktop\

SCRNSAVE.EXE = C:\Windows\system32\Bubbles.scr [MS]

Windows Portable Device AutoPlay Handlers

-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

MSLivePhotoAcqHWEventHandler\

Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10

ProgID = Microsoft.LivePhotoAcqHWEventHandler

HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqHWEventHandler\CLSID\(Default) = {3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F}

-> {HKLM...CLSID} = (no title provided)

\LocalServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [MS]

MSLivePhotoAcquireDropHandler\

Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10

InvokeProgID = Microsoft.LivePhotoAcqDTShim.1

InvokeVerb = open

HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625}

-> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS]

MSLiveShowPicturesOnArrival\

Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10

InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1

InvokeVerb = open

HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7}

-> {HKLM...CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS]

MSLiveVideoCameraArrivalCaptureWizard\

Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10

ProgID = WLXAutoPlayMgr.WLXHWEventHandler

InitCmdLine = WLXVideoAcquireWizard

HKLM\SOFTWARE\Classes\WLXAutoPlayMgr.WLXHWEventHandler\CLSID\(Default) = {9B5C97F6-B3A5-4A6D-8B03-993EC7291A22}

-> {HKLM...CLSID} = WLXWEventHandler Class

\LocalServer32\(Default) = "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe" [MS]

MSPlayCDAudioOnArrival\

Provider = @wmploc.dll,-6502

InvokeProgID = WMP.AudioCD

InvokeVerb = play

HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS]

MSPlayDVDMovieOnArrival\

Provider = @wmploc.dll,-6502

InvokeProgID = WMP.DVD

InvokeVerb = play

HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /deviceVD "%L" [MS]

MSPlaySuperVideoCDMovieOnArrival\

Provider = @wmploc.dll,-6502

InvokeProgID = WMP.VCD

InvokeVerb = play

HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSPlayVideoCDMovieOnArrival\

Provider = @wmploc.dll,-6502

InvokeProgID = WMP.VCD

InvokeVerb = play

HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSRipCDAudioOnArrival\

Provider = @wmploc.dll,-6502

InvokeProgID = WMP.RipCD

InvokeVerb = Rip

HKLM\SOFTWARE\Classes\WMP.RipCD\shell\Rip\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /RipAudioCD "%L" [MS]

MSWMPBurnCDOnArrival\

Provider = @wmploc.dll,-6502

InvokeProgID = WMP.BurnCD

InvokeVerb = Burn

HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS]

MSWMPBurnDataDVDArrival\

Provider = @wmploc.dll,-6502

InvokeProgID = WMP.BurnDVD

InvokeVerb = Burn

HKLM\SOFTWARE\Classes\WMP.BurnDVD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /TaskVDWrite /Device:"%L" [MS]

NeroAutoPlay9DVDVideoToNeroDigital\

Provider = Nero Recode

InvokeProgID = Nero.AutoPlay8

InvokeVerb = DVDVideoToNeroDigital_PlayDVDMovieOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\DVDVideoToNeroDigital_PlayDVDMovieOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe /New:ReAuthorNeroDigital [Nero AG]

NeroAutoPlay9LaunchNeroStartSmart\

Provider = Nero StartSmart

InvokeProgID = Nero.AutoPlay8

InvokeVerb = LaunchNeroStartSmart_HandleCDBurningOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\LaunchNeroStartSmart_HandleCDBurningOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe /AutoPlay [Nero AG]

NeroAutoPlay9PlayAudioCD\

Provider = Nero ShowTime

InvokeProgID = Nero.AutoPlay8

InvokeVerb = PlayAudioCD_PlayMusicFilesOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\PlayAudioCD_PlayMusicFilesOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero ShowTime\ShowTime.exe /Play %L [Nero AG]

NeroAutoPlay9PlayDVD\

Provider = Nero ShowTime

InvokeProgID = Nero.AutoPlay8

InvokeVerb = PlayDVD_PlayVideoFilesOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\PlayDVD_PlayVideoFilesOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero ShowTime\ShowTime.exe /Play %L [Nero AG]

NeroAutoPlay9TranscodeVideo\

Provider = Nero Recode

InvokeProgID = Nero.AutoPlay8

InvokeVerb = TranscodeVideo_PlayDVDMovieOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\TranscodeVideo_PlayDVDMovieOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe /New:CopyDVDVideo [Nero AG]

NeroAutoPlay9VideoCapture\

Provider = Nero Vision

ProgID = Shell.HWEventHandlerShellExecute

InitCmdLine = "C:\Program Files (x86)\Nero\Nero 9\Nero Vision\NeroVision.exe" /New:VideoCapture

HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}

-> {HKLM...CLSID} = Shell Execute Hardware Event Handler

\LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS]

NeroAutoPlay9ViewPhotos\

Provider = Nero PhotoSnap Viewer

InvokeProgID = Nero.AutoPlay8

InvokeVerb = ViewPhotos_ShowPicturesOnArrival

HKLM\SOFTWARE\Classes\Nero.AutoPlay8\shell\ViewPhotos_ShowPicturesOnArrival\command\(Default) = C:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe / [Nero AG]

Windows Sidebar Gadgets: {++}

------------------------

C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows Sidebar\Settings.ini

%PROGRAMFILES%\windows sidebar\gadgets\Clock.gadget

%PROGRAMFILES%\windows sidebar\gadgets\RSSFeeds.Gadget

"C:%5CProgram%20Files%5CWindows%20Sidebar%5CShared%20Gadgets%5CaswSidebar.gadget"

Non-disabled Scheduled Tasks: {++}

-----------------------------

C:\Windows\System32\Tasks

CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd]

CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS]

GoogleUpdateTaskMachineCore -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c [Google Inc.]

GoogleUpdateTaskMachineUA -> launches: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]

Microsoft_Hardware_Launch_IType_exe -> (HIDDEN!) launches: C:\Program Files\Microsoft IntelliType Pro\IType.exe [MS]

User_Feed_Synchronization-{33A3981A-5A77-48A8-AE69-14DB8EBE9771} -> (HIDDEN!) launches: C:\Windows\system32\msfeedssync.exe sync [MS]

{1E4FD3CE-91AE-4FEC-87E4-65167C0C0E7E} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\Bart De Laat\Desktop\MyLab_Desk_Setup\Setup.exe" -d "C:\Users\Bart De Laat\Desktop\MyLab_Desk_Setup" [MS]

{20BFCCCF-DBAB-4B31-ABE5-EB85513C5284} -> launches: C:\Program Files (x86)\Skype\\Phone\Skype.exe [skype Technologies S.A.]

{34174CD2-9054-478C-BBE6-3B1344EEBAAE} -> launches: C:\Windows\system32\pcalua.exe -a M:\Downloads\daemon411-lite-x86.exe -d M:\Downloads [MS]

{39770C49-2774-46DD-ACA1-C1C88DAF1831} -> launches: C:\Windows\system32\pcalua.exe -a M:\Memoire\MyLab_Desk_Setup\bin\Esaote.Biolab.Install.Console.exe -d M:\Memoire\MyLab_Desk_Setup\bin [MS]

{6149A077-537A-42F7-8E9A-6B6C732EE033} -> launches: C:\Windows\system32\pcalua.exe -a H:\Setup.exe -d H:\ [MS]

{8209880A-6A37-4A32-A4B9-EA190A5FA716} -> launches: C:\Windows\system32\pcalua.exe -a M:\Memoire\MyLab_Desk_Setup\bin\Setup.exe -d M:\Memoire\MyLab_Desk_Setup\bin [MS]

{9D47EC1F-58B5-457A-B8F3-625B0B6BE094} -> launches: C:\Windows\system32\pcalua.exe -a "H:\Pc-EKg 2.02\Install.exe" -d "H:\Pc-EKg 2.02" [MS]

{A21EBABC-6594-451F-87C5-DA7A132D4F5C} -> launches: C:\Windows\system32\pcalua.exe -a "C:\Users\Bart De Laat\Downloads\Intel Chipset Driver 7.2.2.1006\Chipset\Setup.exe" -d "C:\Users\Bart De Laat\Downloads\Intel Chipset Driver 7.2.2.1006\Chipset" [MS]

C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware

Microsoft Antimalware Scheduled Scan -> launches: C:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client

AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C}

-> {HKLM...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler

\InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

-> {HKLM...Wow...CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler

\InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth

UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient

SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}

-> {HKLM...CLSID} = Certificate Services Client Task Handler

\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

-> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler

\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}

-> {HKLM...CLSID} = Certificate Services Client Task Handler

\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

-> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler

\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

UserTask-Roam -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}

-> {HKLM...CLSID} = Certificate Services Client Task Handler

\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

-> {HKLM...Wow...CLSID} = Certificate Services Client Task Handler

\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program

Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS]

OptinNotification -> launches: %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0 [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag

ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c -i [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center

ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS]

mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) -gc [MS]

OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS]

OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery [MS]

UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC

HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E}

-> {HKLM...CLSID} = HotStart User Agent

\InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS]

TMM -> launches: {35EF4182-F900-4632-B072-8639E4478A61}

-> {HKLM...CLSID} = Transient Multi-Monitor Manager

\InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS]

-> {HKLM...Wow...CLSID} = Transient Multi-Monitor Manager

\InProcServer32\(Default) = C:\Windows\System32\TMM.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI

LPRemove -> launches: %windir%\system32\lpremove.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia

SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543}

-> {HKLM...CLSID} = Microsoft PlaySoundService Class

\InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

-> {HKLM...Wow...CLSID} = Microsoft PlaySoundService Class

\InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetworkAccessProtection

NAPStatus UI -> launches: {f09878a1-4652-4292-aa63-8c7d4fd7648f}

-> {HKLM...CLSID} = Nap ITask Handler Implementation

\InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS]

-> {HKLM...Wow...CLSID} = Nap ITask Handler Implementation

\InProcServer32\(Default) = C:\Windows\System32\QAgent.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC

RACAgent -> (HIDDEN!) launches: %windir%\system32\RacAgent.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance

RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Shell

CrawlStartPages -> launches: {51653423-e62d-4ff7-894a-dabb2b8e21e2}

-> {HKLM...CLSID} = CrawlStartPages Task Handler

\InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS]

-> {HKLM...Wow...CLSID} = CrawlStartPages Task Handler

\InProcServer32\(Default) = C:\Windows\System32\srchadmin.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow

GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61}

-> {HKLM...CLSID} = GadgetsManager Class

\InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore

SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip

IpAddressConflict1 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS]

IpAddressConflict2 -> launches: rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS]

WSHReset -> (HIDDEN!) launches: %systemroot%\system32\netsh.exe interface tcp set heuristic wsh=default [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework

MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}

-> {HKLM...CLSID} = MsCtfMonitor task handler

\InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

-> {HKLM...Wow...CLSID} = MsCtfMonitor task handler

\InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP

UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI

ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1}

-> {HKLM...CLSID} = DiagnosticInfrastructureCustomHandler

\InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

-> {HKLM...Wow...CLSID} = DiagnosticInfrastructureCustomHandler

\InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting

QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Wired

GatherWiredInfo -> launches: %windir%\system32\gatherWiredInfo.vbs [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Wireless

GatherWirelessInfo -> launches: %windir%\system32\gatherWirelessInfo.vbs [null data]

C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE

Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1}

-> {HKLM...Wow...CLSID} = Windows Live Social Object Extractor Engine Definition Updater

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS]

C:\Windows\System32\Tasks\WPD

SqmUpload_S-1-5-21-646492008-2405596893-3632786542-1000 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]

000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]

000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries64\ {++}

000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]

000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]

000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 10

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries64\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 10

Toolbars, Explorer Bars, Extensions:

------------------------------------

Toolbars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\

{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} = (no title provided)

-> {HKLM...CLSID} = avast! Online Security

\InProcServer32\(Default) = F:\Systeem\Avast\aswWebRepIE64.dll [AVAST Software]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\

{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} = (no title provided)

-> {HKLM...Wow...CLSID} = avast! Online Security

\InProcServer32\(Default) = F:\Systeem\Avast\aswWebRepIE.dll [AVAST Software]

Explorer Bars

HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\

{0000036B-C524-4050-81A0-243669A86B9F}\

ButtonText = @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600

CLSIDExtension = {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3}

-> {HKLM...Wow...CLSID} = Windows Live Messenger Companion Command Bar Button

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [MS]

{219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\

ButtonText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004

MenuText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003

CLSIDExtension = {5F7B1267-94A9-47F5-98DB-E99415F33AEC}

-> {HKLM...Wow...CLSID} = BlogThisToolbarButton Class

\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [MS]

{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\

ButtonText = Skype Click to Call

MenuText = Skype Click to Call

CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5}

-> {HKLM...Wow...CLSID} = Skype Browser Helper

\InProcServer32\(Default) = C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\

ButtonText = Research

BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

-> {HKLM...Wow...CLSID} = &Onderzoeken

\InProcServer32\(Default) = C:\PROGRA~2\MI1933~1\Office12\REFIEBAR.DLL [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

avast! Antivirus, avast! Antivirus, "F:\Systeem\Avast\AvastSvc.exe" [AVAST Software]

Cisco AnyConnect VPN Agent, vpnagent, "C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe" [Cisco Systems, Inc.]

Creative Audio Service, CTAudSvcService, C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [Creative Technology Ltd]

Microsoft .NET Framework NGEN v4.0.30319_X64, clr_optimization_v4.0.30319_64, C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [MS]

Microsoft .NET Framework NGEN v4.0.30319_X86, clr_optimization_v4.0.30319_32, C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [MS]

Microsoft Antimalware Service, MsMpSvc, "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [MS]

NVIDIA Display Driver Service, nvsvc, "C:\Windows\system32\nvvsvc.exe" [NVIDIA Corporation]

NVIDIA Stereoscopic 3D Driver Service, Stereo Service, "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe" [NVIDIA Corporation]

NVIDIA Update Service Daemon, nvUpdatusService, "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [NVIDIA Corporation]

Safe Mode Drivers & Services (subkey name, subkey default value):

-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\

<<!>> MsMpSvc, Service

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> MsMpSvc, Service

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Low\Content.IE5 emptied successfully

C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Content.IE5\index.dat will be deleted at reboot

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\users\Bart De Laat\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\BARTDE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Bart De Laat\AppData\Local\Microsoft\Windows\d\Content.IE5\index.dat" not found

"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on vr 17/05/2013 at 11:48:43,89 ======================

In drie delen, omdat de server het er anders moeilijk mee had.

Hopelijk is er iets dat meer duidelijkheid geeft.

nogmaals bedankt,

Link naar reactie
Delen op andere sites


Probeer eens Avast opnieuw te installeren over de bestaande versie heen. Download eventueel eerst de nieuwste versie.

Als dat niet lukt of het probleem is niet opgelost, verwijder dan Avast volledig, ruim het register op met CCleaner en installeer dan de nieuwste versie van Avast.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (als je niet wilt dat Google Chrome op je PC als standaard-webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Register” en klik op ‘Scan naar problemen”.

Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”.

Dan krijg je de vraag om een back-up te maken. Klik op “JA”.

Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Link naar reactie
Delen op andere sites

Nieuwste versie van Avast erover geinstalleerd; dat ging zonder problemen, maar de foutmelding bleef bestaan. Toen installatie ongedaan gemaakt en met CCleaner het register opgeruimd; nog altijd een foutmelding.

Nu net Chrome ook nog eens verwijderd (met Ccleaner erachter aan door het register), maar helaas, nog geen beterschap...

Is het tijd om de windows-CD's weer boven te halen?

Link naar reactie
Delen op andere sites

Daar zou ik nog mee wachten want volgens mij is het een zaak van de virusscanner of van Chrome.

En ik gok op chrome aangezien je in je eerste bericht zegt dat IE het probleem niet heeft.

Chrome resetten lukt niet door enkel verwijderen en opnieuw installeren.

Om Chrome te resetten moet je Chrome verwijderen en dan het bestandje first run verwijderen in de map C:\Gebruikers\gebruikersnaam\AppData\Local\Google\Chrome\Application

Daarna kan je Chrome weer installeren en zou je een "propere" versie moeten hebben.

Bron

Als het met het resetten van Chrome nog niet is opgelost, kan je eens een andere virusscanner proberen; Avira of AVG hebben ook free versies.

Link naar reactie
Delen op andere sites

Chrome nogmaals verwijderd en nu ook het mapje in de appdata. Avast ook nogmaals verwijderd en CCleaner na beiden nog een keer laten draaien. Daarna ook nog eens de zoek.exe, de adwcleaner en combofix laten draaien, maar zonder resultaat: de nieuwe chrome geeft nog steeds de ' mislukt - Virus gedetecteerd ' melding...

Ik zal ondertussen Avira eens installeren, misschien dat die iets op pikt.

groeten,

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen

×
×
  • Nieuwe aanmaken...