Archief - dagelijkse crashes

Ænima · 1 okt 2012

Hey!

Sinds een dag of 10 ervaar ik dagelijks een crash van elke actieve applicatie op mijn desktop, bvb.;

-windows verkenner
-word/excel (windows vraagt om programma opnieuw op te starten, wat vervolgens ook lukt)
-google chrome
-enz.

Héél vervelend, gezien er hierdoor telkens wel wat werk verloren gaat...

Het zou super zijn mocht iemand de tijd vinden om eens naar mijn log te kijken.

Alvast bedankt hiervoor!

Groeten,
Kristof

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:25:34, on 1/10/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exea
C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\gebruiker\AppData\Local\Akamai\netsession_win.exe
C:\Users\gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\gebruiker\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
C:\Program Files (x86)\Common Files\Autodesk Shared\Revit Shared\LibWrapper30.exe
C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe
D:\gebruiker\Documents\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN | Hotmail | Messenger | Nieuws, sport, entertainment, video, lifestyle, auto en nog veel meer, dat is MSN !
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG

ystem.ini: UserInit=userinit.exe
O2 - BHO: CrossriderApp0005060 - {11111111-1111-1111-1111-110011501160} - C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: DIALux 3.1 ULDBrowserHelper Class - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files (x86)\DIALux\DLXShellExtension.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: G Data CloudSecurity Class - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: G Data CloudSecurity - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Google Update] "C:\Users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\gebruiker\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [chromium] C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Toevoegen aan bestaande PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AAA6A2DD-807D-4122-A831-333D2082553D}: NameServer = 195.238.2.21
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Network Licensing Service - Autodesk, Inc. - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: DIAL Communication Service (DialComService) - Unknown owner - C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15226 bytes

Juisterr · 2 okt 2012

Download ComboFix van één van deze locaties:

Link 1
Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op.
>>Hier<< kunt u lezen hoe u Combofix dient te gebruiken.

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix.

* (hier of hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

* Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion." herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Ænima · 3 okt 2012

Reeds bedankt voor jouw reply!

Bij deze, de log van ComboFix (1/2, tekst is te lang):

ComboFix 12-10-02.02 - gebruiker 03/10/2012 13:15:13.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.32.1043.18.16367.13842 [GMT 2:00]
Gestart vanuit: d:\gebruiker\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Savings Sidekick
c:\program files (x86)\Savings Sidekick\Savings Sidekick.dll
c:\program files (x86)\Savings Sidekick\Savings Sidekick.exe
c:\program files (x86)\Savings Sidekick\Savings Sidekick.ico
c:\program files (x86)\Savings Sidekick\Savings Sidekick.ini
c:\program files (x86)\Savings Sidekick\Savings SidekickGui.exe
c:\program files (x86)\Savings Sidekick\Savings SidekickInstaller.log
c:\program files (x86)\Savings Sidekick\Uninstall.exe
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\_ctypes.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\_elementtree.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\_hashlib.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\_socket.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\_ssl.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\pyexpat.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\pysqlite2._sqlite.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\python26.dll
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\pythoncom26.dll
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\pywintypes26.dll
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\select.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\unicodedata.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\win32api.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\win32com.shell.shell.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\win32crypt.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\win32event.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\win32file.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\win32inet.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\win32pdh.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\win32process.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\win32security.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\windows._cacheinvalidation.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wx._controls_.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wx._core_.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wx._gdi_.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wx._html2.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wx._misc_.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wx._windows_.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wx._wizard.pyd
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wxbase293u_net_vc.dll
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wxbase293u_vc.dll
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wxmsw293u_adv_vc.dll
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wxmsw293u_core_vc.dll
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wxmsw293u_html_vc.dll
c:\users\GEBRUI~1\AppData\Local\Temp\_MEI40202\wxmsw293u_webview_vc.dll
c:\users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\{420FE885-F908-4DC1-8C5E-52CFF55AB891}.xps
c:\users\gebruiker\AppData\Local\Savings Sidekick
c:\users\gebruiker\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\_ctypes.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\_elementtree.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\_hashlib.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\_socket.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\_ssl.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\pyexpat.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\pysqlite2._sqlite.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\python26.dll
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\pythoncom26.dll
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\pywintypes26.dll
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\select.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\unicodedata.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\win32api.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\win32com.shell.shell.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\win32crypt.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\win32event.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\win32file.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\win32inet.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\win32pdh.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\win32process.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\win32security.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\windows._cacheinvalidation.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wx._controls_.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wx._core_.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wx._gdi_.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wx._html2.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wx._misc_.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wx._windows_.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wx._wizard.pyd
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wxbase293u_net_vc.dll
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wxbase293u_vc.dll
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wxmsw293u_adv_vc.dll
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wxmsw293u_core_vc.dll
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wxmsw293u_html_vc.dll
c:\users\gebruiker\AppData\Local\Temp\_MEI40202\wxmsw293u_webview_vc.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-09-03 to 2012-10-03 ))))))))))))))))))))))))))))))
.
.
2012-10-03 11:20 . 2012-10-03 11:20 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp
2012-10-03 10:58 . 2012-10-03 10:58 -------- d-----w- c:\users\gebruiker\.thumbnails
2012-10-03 10:57 . 2012-10-03 10:58 -------- d-----w- c:\users\gebruiker\.gimp-2.6
2012-09-26 12:07 . 2012-10-03 06:26 -------- d-----r- c:\users\gebruiker\Dropbox
2012-09-26 12:02 . 2012-10-03 11:13 -------- d-----w- c:\users\gebruiker\AppData\Roaming\Dropbox
2012-09-26 06:26 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-24 15:18 . 2012-09-24 15:18 -------- d-----w- c:\users\gebruiker\AppData\Local\TechSmith
2012-09-24 15:18 . 2012-09-24 15:18 -------- d-----w- c:\program files (x86)\TechSmith
2012-09-19 13:41 . 2012-09-19 13:41 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-19 13:40 . 2012-09-19 13:40 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-09-19 13:40 . 2012-09-19 13:40 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-09-19 13:40 . 2012-09-19 13:40 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-19 13:40 . 2012-09-19 13:40 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-09-18 12:25 . 2012-09-21 06:33 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-09-18 12:25 . 2012-09-19 13:41 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2012-09-18 12:25 . 2012-09-19 13:41 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2012-09-18 12:25 . 2012-09-19 13:40 68576 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-09-18 12:25 . 2012-09-19 13:40 2288608 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-09-18 12:25 . 2012-09-19 13:40 192600 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-09-18 12:25 . 2012-09-19 13:40 114144 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-09-14 06:20 . 2012-09-14 06:20 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-12 06:24 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 06:24 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 06:24 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 06:24 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 06:24 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 06:24 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 06:24 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-19 13:40 . 2012-01-18 08:41 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-19 13:40 . 2012-01-18 08:41 289768 ----a-w- c:\windows\system32\javaws.exe
2012-09-19 13:40 . 2012-01-18 08:41 189416 ----a-w- c:\windows\system32\javaw.exe
2012-09-19 13:40 . 2012-01-18 08:41 188904 ----a-w- c:\windows\system32\java.exe
2012-09-14 06:20 . 2012-02-08 13:13 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-24 13:43 . 2012-08-24 13:43 384352 ----a-w- c:\windows\system32\drivers\avgtdia.sys
2012-08-22 06:29 . 2012-04-27 11:33 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-07-26 01:21 . 2012-07-26 01:21 291680 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2012-07-18 18:15 . 2012-08-15 06:48 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-13 06:19 . 2012-03-30 15:44 87488 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-07-13 06:19 . 2012-03-30 15:44 34720 ----a-w- c:\windows\system32\LMIport.dll
2012-07-13 06:19 . 2012-03-30 15:44 80800 ----a-w- c:\windows\system32\LMIinit.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 94208 ----a-w- c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2012-01-03 1243040]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-09-06 15668432]
"Spotify Web Helper"="c:\users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-06-04 932528]
"Akamai NetSession Interface"="c:\users\gebruiker\AppData\Local\Akamai\netsession_win.exe" [2012-08-10 4440896]
"chromium"="c:\users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-09-25 1239064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-04-29 284440]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-01-03 36760]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-01-03 815512]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
.
c:\users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-8-27 26924984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update-service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-21 116648]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 DialComService;DIAL Communication Service;c:\program files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe [2011-10-17 1673520]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-01-20 1432400]
R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-21 116648]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-19 114144]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-01-19 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-29 13592]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-07-13 375208]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-12-10 381248]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-03-07 40832]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-03-07 65280]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2011-07-07 174184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-13 413800]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
Inhoud van de 'Gedeelde Taken' map
.
2012-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-31 07:42]
.
2012-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-31 07:42]
.
2012-10-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3076412844-2721296706-1216296337-1000Core.job
- c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-18 07:32]
.
2012-10-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3076412844-2721296706-1216296337-1000UA.job
- c:\users\gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-18 07:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19 97792 ----a-w- c:\users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-09-06 13:51 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-11 11776104]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2011-09-07 1694016]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
.

Ænima · 3 okt 2012

(2/2)

------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.es/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
TCP: Interfaces\{AAA6A2DD-807D-4122-A831-333D2082553D}: NameServer = 195.238.2.21
FF - ProfilePath - c:\users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\pp6hwb0n.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS VERWIJDERD - - - -
.
BHO-{11111111-1111-1111-1111-110011501160} - c:\program files (x86)\Savings Sidekick\Savings Sidekick.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-Savings Sidekick - c:\program files (x86)\Savings Sidekick\Uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\TeamViewer\Version7\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version7\tv_w32.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Voltooingstijd: 2012-10-03 13:29:48 - machine werd herstart
ComboFix-quarantined-files.txt 2012-10-03 11:29
.
Pre-Run: 284.954.537.984 bytes beschikbaar
Post-Run: 297.027.444.736 bytes beschikbaar
.
- - End Of File - - 4673EDC76B4DDA091BAEC8CD3D6044CC

Juisterr · 4 okt 2012

Gaat het al beter nu ?

Ænima · 5 okt 2012

Hey

Nee, nog steeds hetzelfde probleem :-s
't Wordt zelfs erger heb ik de indruk (meerdere keren per dag)...

Alvast bedankt om dit op te volgen.

mvg,
Kristof

Juisterr · 6 okt 2012

De scan kan een tijdje duren omdat je hele schijf afgezocht wordt naar recent geplaatste bestanden.
"zoek.exe" gebruiken:

Schakel je antivirus- en antispywareprogramma's uit, zoek.exe wordt tijdens het downloaden of tijdens het gebruik soms als trojan aangezien.

(hier of hier) kan je lezen hoe je dat doet.
Download daarna zoek.exe naar het bureaublad.
- Windows 2000 en Windows XP: start de tool middels dubbelklik op "zoek.exe".
- Windows Vista en Windows 7: start de tool middels rechtsklik op "zoek.exe" en dan kiezen voor Als Administrator uitvoeren.
Vervolgens zal er na een tijdje een venster geopend worden.
Met je muis selecteer je nu de volgende keuze "Combined fix"(rechts onderaan)
Kopieer nu onderstaande code en plak die in het grote invulvenster:

Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
Code:
```
emptytemp;
filesrcm;
emptyclsid;
startupall;
emptyjava;
emptyflash;
emptyIEcache;
iedefaults;
```
Sluit nu eerst alle overige nog openstaande programmavensters!
Klik daarna op de knop "Run script".
Wacht nu geduldig af tot er een logje opent(dit kan na een herstart zijn)
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post nu de inhoud van het geopende logje in het volgende bericht.

Ænima · 31 okt 2012

Zoek.exe Version 3.0.0.4 Updated 30-10-2012
Tool run by gebruiker on wo 31/10/2012 at 8:30:39,74.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="http://www.google.es/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search/?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"SuggestionsURLFallback"="http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie

ectionHeight}&FORM=IE8SSC&market={language}"
"FaviconURLFallback"="http://www.bing.com/favicon.ico"
"FaviconPath"="C:\\Users\\gebruiker\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico"
"DisplayName"="Bing"
"URL"="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"SuggestionsURLFallback"="http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie

ectionHeight}&FORM=IE8SSC&market={language}"
"FaviconPath"="C:\\Users\\gebruiker\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico"
"DisplayName"="Bing"
"URL"="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2012-10-12 11:12:13 3542F31DA54D71B07785AB8439E1AF65 41224 ----a-w- C:\Windows\avastSS.scr
2012-10-03 11:13:54 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2012-10-03 11:13:54 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2012-10-03 11:13:54 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2012-10-03 11:13:54 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2012-10-03 11:13:54 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2012-10-12 11:12:24 1D0C299F826122260FEDD506101BB68B 24720 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys
2012-10-12 11:12:24 1559E18B3EBD98E1F430BD55A5827B7D 339376 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys
2012-10-12 11:12:23 E3FC3CC6131D27AC2F5BA244E2F77882 19600 ----a-w- C:\Windows\Sysnative\drivers\aswKbd.sys
2012-10-12 11:12:23 860454645FFA9E012396EFB007FFF865 59728 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys
2012-10-12 11:12:23 603AF911A448D1256243E1E3C72F1739 54072 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys
2012-10-12 11:12:23 5AD49C7E456231B69B398140253D9FCE 824000 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys
2012-10-12 11:12:23 12ECBC6F39AB995EABB20DD3D995F8F0 70552 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys
2012-10-10 07:02:30 E453ACF4E7D44E5530B5D5F2B9CA8563 1659760 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2012-10-24 07:06:46 -------- d-----w- C:\Program Files\TortoiseSVN
2012-10-24 07:06:46 -------- d-----w- C:\Program Files\Common Files\TortoiseOverlays
======= C:\Program Files (x86) =====
2012-10-24 07:06:46 -------- d-----w- C:\Program Files (x86)\Common Files\TortoiseOverlays
2012-10-09 14:25:29 -------- d-----w- C:\Program Files (x86)\WinMerge
======= C: =====
====== C:\Users\gebruiker\AppData\Roaming ======
2012-10-03 11:29:49 -------- d-----w- C:\users\Public\AppData\Local\temp
2012-10-03 11:29:49 -------- d-----w- C:\users\Default\AppData\Local\temp
2012-10-03 11:29:49 -------- d-----w- C:\users\Default User\AppData\Local\temp
====== C:\Users\gebruiker ======
2012-10-03 12:44:26 A684C0524A27EB4E9809ADAE9CCDFB5C 2356 ----a-w- C:\Users\gebruiker\.recently-used.xbel
2012-10-03 11:29:49 -------- d-----w- C:\Users\Public\AppData
2012-10-03 10:58:14 -------- d-----w- C:\Users\gebruiker\.thumbnails
2012-10-03 10:57:34 -------- d-----w- C:\Users\gebruiker\.gimp-2.6

====== C: exe-files ==
=== C: other files ==
2012-10-30 12:12:34 FF13BC0EAD656E2DE88BD245BA3D2BF7 1214976 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\wxmsw293u_adv_vc.dll
2012-10-30 12:12:34 D4E7C1546CF3131B7D84B39F8DA9E321 59904 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\mfcm90.dll
2012-10-30 12:12:34 B921FB870C9AC0D509B2CCABBBBE95F3 989696 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\kernel32.dll
2012-10-30 12:12:34 B9030D821E099C79DE1C9125B790E2DA 1162744 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\mfc90u.dll
2012-10-30 12:12:34 ABC5DCAC962AE8AF7AF214DD0D6D4FF6 110592 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\PyWinTypes26.dll
2012-10-30 12:12:34 9E6AD2917D6FD7730FF37B50F7053183 1972224 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\wxbase293u_vc.dll
2012-10-30 12:12:34 9CFCB3CA3D83B4EAA133F0644A2C6F31 23040 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\psapi.dll
2012-10-30 12:12:34 699EFC4D6FE0A2FE24D7049608F2D543 593408 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\wxmsw293u_html_vc.dll
2012-10-30 12:12:34 65EE7A7C20134DED91485AEF23C882D4 354304 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\pythoncom26.dll
2012-10-30 12:12:34 462DDCC5EB88F34AED991416F8E354B2 1156600 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\mfc90.dll
2012-10-30 12:12:34 3D01C7F884349A6170A1E0D3CF812333 81920 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\wxmsw293u_webview_vc.dll
2012-10-30 12:12:34 371226B8346F29011137C7AA9E93F2F6 59904 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\mfcm90u.dll
2012-10-30 12:12:34 30F3D3E322C5339004415D7BC8BF246E 2149888 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\python26.dll
2012-10-30 12:12:34 2B9A6B7B7A3997C12841A5D869F022A4 4555264 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\wxmsw293u_core_vc.dll
2012-10-30 12:12:34 29CD1F3E9148FCD542DEC355A41776AF 152576 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\wxbase293u_net_vc.dll
2012-10-30 12:12:34 08B99916C98E15F6C28D24D73E53B45A 8461312 ----a-w- C:\Users\gebruiker\AppData\Local\Temp\_MEI102042\shell32.dll
2012-10-30 08:44:06 1DF7957D9E651C955D261C768341B415 34816 ----a-w- C:\Autodesk\RME_BE_NL_2013\WTSN.RME_BE_EXT.CalculateDrain.dll
2012-10-30 08:41:50 87C58502137C45DBCE68B0FC6C03ED88 141312 ----a-w- C:\Users\gebruiker\AppData\Local\Microsoft\VCSExpress\10.0\ProjectAssemblies\3oao7bau01\WTSN.RME.BE_Localiser.dll
2012-10-30 08:41:50 5D05139E1724547B030CC40B4879E508 20480 ----a-w- C:\Users\gebruiker\AppData\Local\Microsoft\VCSExpress\10.0\ProjectAssemblies\dhc4naiz01\WTSN.COMMON.dll
2012-10-30 08:41:50 4B5C78098EE98DDB0809D5ECC9CDA4A6 4608 ----a-w- C:\Users\gebruiker\AppData\Local\Microsoft\VCSExpress\10.0\ProjectAssemblies\jvfoolfo01\Properties.Resources.Designer.cs.dll
2012-10-24 10:42:03 D1D90154FEC722544105BAB22D253FBE 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\trk.dll
2012-10-24 10:42:03 C591F4C265E285C094975E45E154F03F 294400 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\plk.dll
2012-10-24 10:42:03 BD31470F7D880B4078B789AEE0B2DF51 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\nor.dll
2012-10-24 10:42:03 90B7C78FC451EFDEB6C600BC1732278D 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\ptb.dll
2012-10-24 10:42:03 8C5E12BEC5EEA07C0EED4FB622C976A6 294400 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\rus.dll
2012-10-24 10:42:03 4B06498C62F337D6E9E6D7970A879573 294400 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\ptg.dll
2012-10-24 10:42:03 4376223193A63D60A5F94E317B8F003F 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\sve.dll
2012-10-24 10:42:02 D2D546D4BCDF42602AEE99FC467AEC73 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\deu.dll
2012-10-24 10:42:02 901C80C55DE87C34429A576145B6C7FC 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\fin.dll
2012-10-24 10:42:02 8FC0B367A58765E9E79269F556FF813E 292864 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\kor.dll
2012-10-24 10:42:02 85D80D4BD19A2E65AF27474498C08B9F 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\nld.dll
2012-10-24 10:42:02 75120931BE27138BDB00390F6CD256AA 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\dan.dll
2012-10-24 10:42:02 6BAB0A21F11A9FB41042B6E1D670E0AA 292864 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\cht.dll
2012-10-24 10:42:02 68C5A06E8987ECA051F612248E3D0DE1 292864 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\chs.dll
2012-10-24 10:42:02 5EF00A8B861E061F9CB01F5C53985F8F 293376 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\jpn.dll
2012-10-24 10:42:02 5670FEEEE98DBFF225D477113D0118D7 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\ita.dll
2012-10-24 10:42:02 39B2438A44C3AD1CB0C4F7D1099A1707 294400 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\fra.dll
2012-10-24 10:42:02 0FC5F4E06E5BA31648B38F197566FB86 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\csy.dll
2012-10-24 10:42:02 048E88D8DC721EEA8EBCFA6EBC02E42D 293888 ----a-w- C:\Users\gebruiker\AppData\Local\Akamai\Languages\esp.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3076412844-2721296706-1216296337-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"Spotify Web Helper"="C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Akamai NetSession Interface"="C:\Users\gebruiker\AppData\Local\Akamai\netsession_win.exe"
"chromium"="C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Acrobat Speed Launcher"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"
"avast"="C:\Program Files\AVAST Software\Avast Business\avastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"="C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"Spotify Web Helper"="C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Akamai NetSession Interface"="C:\Users\gebruiker\AppData\Local\Akamai\netsession_win.exe"
"chromium"="C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Startup Folders ======================

2012-09-26 12:02:59 1015 ----a-w- C:\users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/03/2012 08:42]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/03/2012 08:42]

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Users\gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

Juisterr · 31 okt 2012

Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
Download AdwCleaner by Xplode naar het bureaublad.

Sluit alle openstaande vensters.
Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
Voor XP: Gewoon dubbelklikken op AdwCleaner.
Klik vervolgens op Verwijderen.
Klik bij AdwCleaner – Information op OK
Klik bij AdwCleaner – Restart Required op OK

Dat tijdens de aktie de snelkoppelingen verdwijnen, is normaal.
Nadat de PC opnieuw is opgestart, opent een logfile.
Post aansluitend de inhoud van dit log in je volgende bericht.

Ænima · 5 nov 2012

Hieronder de log van adwcleaner:

# AdwCleaner v2.006 - Verslag gemaakt op 05/11/2012 om 08:09:41
# Geactualiseerd op 30/10/2012 door Xplode
# Besturingssysteem : Windows 7 Professional Service Pack 1 (64 bits)
# Gebruiker : gebruiker - WITAS9
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : D:\gebruiker\Desktop\adwcleaner.exe
# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

Map Verwijdert : C:\ProgramData\IBUpdaterService

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\AppDataLow\Software
Sleutel Verwijdert : HKCU\Software\InstalledBrowserExtensions
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160}
Sleutel Verwijdert : HKCU\Software\Softonic
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0005060.FBApi.1
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110011501160}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33333333-3333-3333-3333-330033503360}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77777777-7777-7777-7777-770077507760}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077507760}

***** [Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Het register bevat geen enkele ongeoorloofde invoer.

-\\ Mozilla Firefox v15.0.1 (nl)

Profielnaam : default
File : C:\Users\gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\pp6hwb0n.default\prefs.js

Verwijdert : user_pref("extensions.crossriderapp5060.5060.InstallationThankYouPage", true);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1341388837);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.searchUserConifrmation", false[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setHomepage", false);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setNewTab", false);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setSearch", false);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.active", true);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.affid", "0");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.backgroundver", 7);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1341388837");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1341388837");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Fri Oct 26 2012 12:[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Fri Nov 02 2012 [...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22BE%22");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1351248630");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2214019%22");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1347878601607");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221224%22");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2252712%22");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1347878145380");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.domain", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.emailsig", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.exposesites", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.group", 0);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "37");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Fri Oct 26[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.expiration", "Fri[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.value", "%7B%22re[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 3);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 7);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 4);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 2);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 2);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.name", "FacebookFFIE");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.ver", 1);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "(function(f,b){if(typeof(b)==[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 3);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 3);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 3);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 2);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 2);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 3);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 1);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "17,14,16,47,1000015");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Verwijdert : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 15);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.premium", true);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.publisher", "215 Apps");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Verwijdert : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Verwijdert : user_pref("extensions.crossriderapp5060.5060.ver", 37);
Verwijdert : user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Verwijdert : user_pref("extensions.crossriderapp5060.apps", "5060");
Verwijdert : user_pref("extensions.crossriderapp5060.bic", "139d3cc1d2a1cd566cd63caf579241b1");
Verwijdert : user_pref("extensions.crossriderapp5060.cid", 5060);
Verwijdert : user_pref("extensions.crossriderapp5060.firstrun", false);
Verwijdert : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Verwijdert : user_pref("extensions.crossriderapp5060.installationdate", 1347878133);
Verwijdert : user_pref("extensions.crossriderapp5060.lastcheck", 22520810);
Verwijdert : user_pref("extensions.crossriderapp5060.lastcheckitem", 22520811);
Verwijdert : user_pref("extensions.crossriderapp5060.misc.lastBgWorkerTimer", "1347879453401");
Verwijdert : user_pref("extensions.crossriderapp5060.misc.lastDomWorkerTimer", "1347879453395");
Verwijdert : user_pref("extensions.crossriderapp5060.modetype", "production");
Verwijdert : user_pref("[email protected]", true);
Verwijdert : user_pref("extensions.enabledAddons", "[email protected]:1.2,{F53C93F1-07D5-430c-[...]

-\\ Google Chrome v22.0.1229.94

File : C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] De file bevat geen enkele ongeoorloofde invoer.

*************************

AdwCleaner[S1].txt - [16272 octets] - [05/11/2012 08:09:41]

########## EOF - C:\AdwCleaner[S1].txt - [16333 octets] ##########

Juisterr · 5 nov 2012

Beter nu ?

Ænima · 6 nov 2012

Net nog opnieuw een crash gehad. Niet dus

't Is nu wel zo dat de problemen zich enkel maar voordoen na een (re)boot, als ik zo'n kwartier bezig ben ongeveer.

In elk geval, nogmaals bedankt om dit op te volgen!

mvg,
Kristof

Juisterr · 6 nov 2012

Download OTL naar je Bureaublad

Dubbelklik op OTL.com om het programma te openen. Zorg ervoor dat all andere vensters gesloten zijn, en laat het programma ongestoord zijn werk doen.
Zet een vinkje bij Scan All Users.
Klik op de knop Quick Scan. Verander de instellingen van OTL niet, tenzij ik je hiervoor specifiek instructies geef. De scan zal niet heel erg lang duren.
- Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is. OTL.Txt en Extras.Txt. Deze bestanden zijn opgeslagen in dezelfde locatie als OTL.
- Kopieer (Bewerken->Alles selecteren, Bewerken->Kopiëren) en plak (Bewerken->Alles selecteren, Bewerken->Plakken) de inhoud van deze twee bestanden één voor één in je volgende bericht.

Ænima · 6 nov 2012

Inhoud OTL.Txt (1/3):

OTL logfile created on: 6/11/2012 15:32:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\gebruiker\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

15,98 Gb Total Physical Memory | 13,35 Gb Available Physical Memory | 83,51% Memory free
31,97 Gb Paging File | 29,23 Gb Available in Paging File | 91,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 365,66 Gb Total Space | 270,29 Gb Free Space | 73,92% Space Free | Partition Type: NTFS
Drive D: | 100,00 Gb Total Space | 60,31 Gb Free Space | 60,31% Space Free | Partition Type: NTFS
Drive W: | 8238,71 Gb Total Space | 7851,35 Gb Free Space | 95,30% Space Free | Partition Type: NTFS
Drive X: | 8238,71 Gb Total Space | 7851,35 Gb Free Space | 95,30% Space Free | Partition Type: NTFS
Drive Z: | 8238,71 Gb Total Space | 7851,35 Gb Free Space | 95,30% Space Free | Partition Type: NTFS

Computer Name: WITAS9 | User Name: gebruiker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/06 15:29:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\gebruiker\Desktop\OTL.com
PRC - [2012/10/25 15:45:50 | 016,052,192 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2012/10/09 09:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\gebruiker\AppData\Local\Akamai\netsession_win.exe
PRC - [2012/08/29 11:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012/08/27 05:21:12 | 026,924,984 | ---- | M] (Dropbox, Inc.) -- C:\Users\gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 02:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/07/16 15:31:32 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012/07/16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012/07/16 15:22:42 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012/07/04 15:18:53 | 004,251,328 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast Business\AvastUI.exe
PRC - [2012/07/04 15:18:52 | 000,200,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast Business\AvastNet.exe
PRC - [2012/07/04 15:18:52 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast Business\AvastSvc.exe
PRC - [2012/06/04 13:08:01 | 000,932,528 | ---- | M] () -- C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/01/17 10:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2012/01/03 14:10:50 | 000,815,512 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/10 21:12:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/04/30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/04/30 00:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

========== Modules (No Company Name) ==========

MOD - [2012/11/06 08:06:15 | 000,096,256 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32api.pyd
MOD - [2012/11/06 08:06:15 | 000,086,016 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\_elementtree.pyd
MOD - [2012/11/06 08:06:15 | 000,040,448 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\_socket.pyd
MOD - [2012/11/06 08:06:15 | 000,023,040 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32ts.pyd
MOD - [2012/11/06 08:06:14 | 000,792,576 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\wx._gdi_.pyd
MOD - [2012/11/06 08:06:14 | 000,571,392 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\pysqlite2._sqlite.pyd
MOD - [2012/11/06 08:06:14 | 000,263,168 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32com.shell.shell.pyd
MOD - [2012/11/06 08:06:14 | 000,070,656 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\wx._html2.pyd
MOD - [2012/11/06 08:06:14 | 000,011,776 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32crypt.pyd
MOD - [2012/11/06 08:06:13 | 001,024,024 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\windows._cacheinvalidation.pyd
MOD - [2012/11/06 08:06:13 | 000,017,920 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32profile.pyd
MOD - [2012/11/06 08:06:12 | 000,731,136 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\wx._misc_.pyd
MOD - [2012/11/06 08:06:12 | 000,354,304 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\pythoncom26.dll
MOD - [2012/11/06 08:06:12 | 000,110,592 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32security.pyd
MOD - [2012/11/06 08:06:12 | 000,110,592 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\pywintypes26.dll
MOD - [2012/11/06 08:06:12 | 000,073,728 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\_ctypes.pyd
MOD - [2012/11/06 08:06:11 | 000,645,120 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\_ssl.pyd
MOD - [2012/11/06 08:06:10 | 001,169,408 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\wx._core_.pyd
MOD - [2012/11/06 08:06:10 | 000,807,424 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\wx._windows_.pyd
MOD - [2012/11/06 08:06:10 | 000,311,808 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\_hashlib.pyd
MOD - [2012/11/06 08:06:10 | 000,036,352 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32process.pyd
MOD - [2012/11/06 08:06:10 | 000,022,528 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32pdh.pyd
MOD - [2012/11/06 08:06:09 | 000,121,856 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\wx._wizard.pyd
MOD - [2012/11/06 08:06:09 | 000,111,104 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32file.pyd
MOD - [2012/11/06 08:06:09 | 000,039,424 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32inet.pyd
MOD - [2012/11/06 08:06:08 | 001,056,256 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\wx._controls_.pyd
MOD - [2012/11/06 08:06:08 | 000,585,728 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\unicodedata.pyd
MOD - [2012/11/06 08:06:08 | 000,153,088 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\pyexpat.pyd
MOD - [2012/11/06 08:06:08 | 000,017,920 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\win32event.pyd
MOD - [2012/11/06 08:06:07 | 000,011,776 | ---- | M] () -- C:\Users\GEBRUI~1\AppData\Local\Temp\_MEI10922\select.pyd
MOD - [2012/06/14 02:26:37 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8036b60a803443f3c61c48b4959f722d\IAStorUtil.ni.dll
MOD - [2012/06/14 02:23:29 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 02:23:25 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/06/04 13:08:01 | 000,932,528 | ---- | M] () -- C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012/05/14 09:10:52 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d89ee849317b4d93ea78842dd78f79c0\IAStorCommon.ni.dll
MOD - [2012/05/14 07:21:30 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/14 07:20:39 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/14 07:20:34 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/14 07:20:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/14 07:20:30 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/14 07:19:55 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/01/03 14:12:12 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\nl_NL\AcroTray.NLD
MOD - [2011/04/12 13:59:18 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_nl_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/11/13 00:33:28 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll

========== Services (SafeList) ==========

SRV:64bit: - [2012/07/04 15:18:52 | 000,200,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast Business\AvastNet.exe -- (avast! Net Client Service)
SRV:64bit: - [2012/07/04 15:18:52 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast Business\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/01/20 13:10:38 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2011/09/27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/07/29 13:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2012/09/19 14:40:59 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/29 11:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/08/13 02:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/16 15:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012/07/13 07:20:11 | 000,147,368 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
SRV - [2012/07/13 07:19:47 | 000,375,208 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012/06/07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 03:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/10 21:12:48 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/10/17 23:11:03 | 001,673,520 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\DIAL GmbH\DIAL Communication Framework\DialComService.exe -- (DialComService)
SRV - [2011/09/16 13:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011/04/30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/06/13 04:05:48 | 001,539,224 | ---- | M] (Autodesk, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskNetSrv.exe -- (Autodesk Network Licensing Service)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/24 14:43:16 | 000,384,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/07/26 02:21:28 | 000,291,680 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/07/13 07:19:47 | 000,087,488 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012/07/04 15:19:17 | 000,824,000 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/04 15:19:17 | 000,339,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/04 15:19:17 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/04 15:19:17 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/07/04 15:19:16 | 000,070,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/04 15:19:16 | 000,024,720 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/07/04 15:19:16 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/04/19 03:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/31 03:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 12:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 12:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 12:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/09/16 13:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011/09/16 13:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011/09/02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/02 07:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/02 07:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/07/08 00:21:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/04/26 11:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/07 10:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011/03/07 10:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011/01/15 17:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2011/01/13 12:58:00 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/12/16 23:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/21 09:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 22:59:33 | 005,020,672 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 15:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV - [2011/09/16 13:10:50 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-BE
IE - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 68 80 88 C5 3B 33 CD 01 [binary data]
IE - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_es&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

Ænima · 6 nov 2012

Inhoud OTL.Txt (2/3):

========== FireFox ==========

FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\gebruiker\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\gebruiker\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/09/11 08:17:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012/03/21 08:45:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/03 07:34:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast Business\WebRep\FF [2012/10/12 12:12:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/19 14:41:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/03/21 08:45:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.3\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/07/05 07:27:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.0.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012/01/19 09:24:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gebruiker\AppData\Roaming\mozilla\Extensions
[2012/01/19 09:24:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gebruiker\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/10/26 11:54:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\pp6hwb0n.default\extensions
[2012/10/26 11:50:27 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\pp6hwb0n.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012/10/18 07:32:59 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\pp6hwb0n.default\extensions\[email protected]
[2012/10/18 07:32:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\gebruiker\AppData\Roaming\mozilla\Firefox\Profiles\pp6hwb0n.default\extensions\[email protected]\chrome\content\extensionCode
[2012/01/15 22:55:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/01/15 22:55:35 | 000,000,000 | ---D | M] (G Data CloudSecurity) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2012/03/21 08:45:11 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES (X86)\ADOBE\ACROBAT 10.0\ACROBAT\BROWSER\WCFIREFOXEXTN
[2012/07/03 07:34:56 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/09/19 14:41:00 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/19 14:40:58 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/09/19 14:40:58 | 000,001,892 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
[2012/09/19 14:40:58 | 000,004,558 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
[2010/01/01 09:00:00 | 000,001,111 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\vandale-nl.xml
[2012/09/19 14:40:58 | 000,001,049 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

========== Chrome ==========

CHR - homepage: Google
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google

riginalQueryForSuggestion}{google

earchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google

earchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: Google
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\gebruiker\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Google Update (Enabled) = C:\Users\gebruiker\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Angry Birds = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Zoeken = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: sharkZapper for Grooveshark = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcaneijaapiiojfmgmdjeapgpapbjohb\1.4.3_0\
CHR - Extension: AutoCAD WS = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcjeclnkejmbepoibfnamioojinoopln\1.4.3_0\
CHR - Extension: Grooveshark Non-Stop = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\flgdeakeeekllcpldfampgbamohdagdp\1.1_0\
CHR - Extension: Planetarium = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp\1.1.2_0\
CHR - Extension: AdBlock = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: Ads-free Grooveshark = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafggjhmihflaeblhdhjpbdadcofgfaf\0.5.1_0\
CHR - Extension: Google Cloud Print = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmpbihcdnggfkckonfphcpjjckoebebn\1.2_0\
CHR - Extension: avast! WebRep = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1455_0\
CHR - Extension: Cycling the Alps = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihklobncbkangkiiamccfgnlihbmjhlh\4.9.0.0_0\
CHR - Extension: eBook Search = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiodggcinjkmjlciplimhpejdocioond\3.0_0\
CHR - Extension: Google Fusion Tables = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdnmaikkkpjhjifkbhomohbpfmnljeal\1.0_0\
CHR - Extension: AVG Safe Search = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: Harvest = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\laddjnahcdblbgdpbfmlllllmcimepem\1.0_0\
CHR - Extension: Google Maps = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\
CHR - Extension: Google Play Books = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.8_0\
CHR - Extension: Grooveshark Enhancement Suite = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbglmejghppifhhbdhbaijiagbaedeec\1.7_0\
CHR - Extension: AVG Do Not Track = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: WeVideo for Google Drive = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb\1.0.5_0\
CHR - Extension: Readability = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi\1.13_0\
CHR - Extension: Picasa = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
CHR - Extension: Instagram for Chrome = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\3.1.1_0\
CHR - Extension: Instagram for Chrome = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb\3.2_0\
CHR - Extension: Gmail = C:\Users\gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/10/03 12:22:03 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (G Data CloudSecurity) - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE64.dll (G Data Software AG)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DIALux 3.1 ULDBrowserHelper Class) - {69AB812A-8CE4-4BF3-B49B-3B60A9F31FB2} - C:\Program Files (x86)\DIALux\DLXShellExtension.dll (DIAL GmbH, Germany)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (G Data CloudSecurity) - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE.dll (G Data Software AG)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (G Data CloudSecurity) - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE64.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast Business\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (G Data CloudSecurity) - {AADAC261-4EE9-473A-AB95-D8E153424C38} - C:\Program Files (x86)\G Data\G Data CloudSecurity\CloudSecurityIE.dll (G Data Software AG)
O3 - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast Business\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000..\Run: [Akamai NetSession Interface] C:\Users\gebruiker\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000..\Run: [Spotify Web Helper] C:\Users\gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - Startup: C:\Users\gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3076412844-2721296706-1216296337-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAA6A2DD-807D-4122-A831-333D2082553D}: NameServer = 195.238.2.21
O18:64bit: - Protocol\Handler\dialux - No CLSID value found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\dialux {8352FA4C-39C6-11D3-ADBA-00A0244FB1A2} - C:\Program Files (x86)\DIALux\DLXToolBox.dll (DIAL GmbH, Germany)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/11/05 16:35:31 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Ænima · 6 nov 2012

Inhoud OTL.Txt (3/3):

========== Files/Folders - Created Within 30 Days ==========

[2012/11/06 15:29:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\gebruiker\Desktop\OTL.com
[2012/10/31 08:35:43 | 000,000,000 | ---D | C] -- C:\Windows\Temp
[2012/10/31 08:35:43 | 000,000,000 | ---D | C] -- C:\Users\gebruiker\AppData\Local\Temp
[2012/10/30 21:41:01 | 003,811,144 | ---- | C] (Witas Ingenieursbureau bvba ) -- D:\gebruiker\Desktop\setup RME_BE Localiser V3.1.0.ex
[2012/10/25 16:27:43 | 000,000,000 | ---D | C] -- D:\gebruiker\Desktop\ETAP
[2012/10/24 08:12:01 | 000,000,000 | ---D | C] -- D:\gebruiker\Desktop\RME_BE_INSTALLERS 2012
[2012/10/24 08:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseSVN
[2012/10/24 08:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\TortoiseSVN
[2012/10/24 08:06:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\TortoiseOverlays
[2012/10/24 08:06:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TortoiseOverlays
[2012/10/12 12:12:24 | 000,339,376 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/10/12 12:12:24 | 000,024,720 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/10/12 12:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Endpoint Protection
[2012/10/12 12:12:23 | 000,824,000 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/10/12 12:12:23 | 000,070,552 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/10/12 12:12:23 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/10/12 12:12:23 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/10/12 12:12:23 | 000,019,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012/10/12 12:12:22 | 000,258,560 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/10/12 12:12:13 | 000,201,392 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/10/12 12:12:13 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/10/12 12:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/10/12 12:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/10/09 15:25:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMerge
[2012/10/09 15:25:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinMerge
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/11/06 15:29:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\gebruiker\Desktop\OTL.com
[2012/11/06 15:11:00 | 000,001,062 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/06 14:59:00 | 000,001,082 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3076412844-2721296706-1216296337-1000UA.job
[2012/11/06 14:12:15 | 000,237,568 | ---- | M] () -- D:\gebruiker\Desktop\BE_G T-stuk - PE2.rfa
[2012/11/06 09:11:00 | 000,001,058 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/06 09:07:44 | 001,663,048 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/11/06 09:07:44 | 000,743,092 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012/11/06 09:07:44 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/11/06 09:07:44 | 000,152,208 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012/11/06 09:07:44 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/11/06 08:59:00 | 000,001,030 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3076412844-2721296706-1216296337-1000Core.job
[2012/11/06 08:55:25 | 099,463,560 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/11/06 08:12:57 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/06 08:12:57 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/06 08:05:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/06 08:05:03 | 4281,683,966 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/05 16:20:36 | 034,430,976 | ---- | M] () -- D:\gebruiker\Desktop\Project2012.rvt
[2012/11/05 15:24:58 | 031,649,792 | ---- | M] () -- D:\gebruiker\Desktop\Project2012.0002.rvt
[2012/11/05 08:07:51 | 000,540,977 | ---- | M] () -- D:\gebruiker\Desktop\adwcleaner.exe
[2012/10/31 08:29:09 | 000,987,136 | ---- | M] () -- D:\gebruiker\Desktop\zoek.exe
[2012/10/30 21:40:33 | 003,811,144 | ---- | M] (Witas Ingenieursbureau bvba ) -- D:\gebruiker\Desktop\setup RME_BE Localiser V3.1.0.ex
[2012/10/25 17:06:30 | 000,200,704 | ---- | M] () -- D:\gebruiker\Desktop\BE_E_DET TL-armatuur - medium.rfa
[2012/10/25 15:40:58 | 000,180,224 | ---- | M] () -- D:\gebruiker\Desktop\BE_E_DET TL-armatuur - medium.0001.rfa
[2012/10/25 14:47:42 | 050,200,576 | ---- | M] () -- D:\gebruiker\Desktop\TEST VERSIE WITAS.rvt
[2012/10/18 16:30:11 | 000,294,237 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/10/18 07:37:52 | 000,054,316 | ---- | M] () -- D:\gebruiker\Desktop\The Aubin Academy Master Series_ Revit MEP 2012 - Paul F. Aubin, Darryl McClella.pdf
[2012/10/12 12:27:49 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/10/11 16:23:33 | 035,078,144 | ---- | M] () -- D:\gebruiker\Desktop\Project - flip annotatie.rvt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/11/06 14:12:15 | 000,237,568 | ---- | C] () -- D:\gebruiker\Desktop\BE_G T-stuk - PE2.rfa
[2012/11/05 08:07:50 | 000,540,977 | ---- | C] () -- D:\gebruiker\Desktop\adwcleaner.exe
[2012/10/31 08:35:43 | 000,167,424 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2012/10/31 08:29:06 | 000,987,136 | ---- | C] () -- D:\gebruiker\Desktop\zoek.exe
[2012/10/25 15:40:58 | 000,200,704 | ---- | C] () -- D:\gebruiker\Desktop\BE_E_DET TL-armatuur - medium.rfa
[2012/10/25 15:40:58 | 000,180,224 | ---- | C] () -- D:\gebruiker\Desktop\BE_E_DET TL-armatuur - medium.0001.rfa
[2012/10/25 14:45:39 | 050,200,576 | ---- | C] () -- D:\gebruiker\Desktop\TEST VERSIE WITAS.rvt
[2012/10/18 07:37:46 | 000,054,316 | ---- | C] () -- D:\gebruiker\Desktop\The Aubin Academy Master Series_ Revit MEP 2012 - Paul F. Aubin, Darryl McClella.pdf
[2012/10/12 12:12:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/10/09 16:04:20 | 034,430,976 | ---- | C] () -- D:\gebruiker\Desktop\Project2012.rvt
[2012/10/09 16:04:20 | 031,649,792 | ---- | C] () -- D:\gebruiker\Desktop\Project2012.0002.rvt
[2012/10/03 13:44:26 | 000,002,356 | ---- | C] () -- C:\Users\gebruiker\.recently-used.xbel
[2012/10/03 12:13:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/03 12:13:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/03 12:13:54 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/03 12:13:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/03 12:13:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/30 16:18:44 | 000,027,520 | ---- | C] () -- C:\Users\gebruiker\AppData\Local\dt.dat
[2012/07/04 09:01:01 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012/05/16 16:05:47 | 000,000,250 | ---- | C] () -- C:\Windows\CwControls.INI
[2012/05/15 07:54:14 | 000,018,432 | ---- | C] () -- C:\Windows\SysWow64\CyraServiceCom.dll
[2012/01/19 14:28:19 | 000,007,595 | ---- | C] () -- C:\Users\gebruiker\AppData\Local\Resmon.ResmonCfg
[2012/01/19 09:24:47 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2012/01/18 09:30:49 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/01/18 09:17:48 | 000,000,103 | ---- | C] () -- C:\Windows\Dialux.ini
[2012/01/17 15:13:09 | 001,640,272 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/08 19:10:56 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2012/01/08 19:06:53 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012/01/08 18:54:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/12/10 21:12:58 | 000,307,008 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/11/09 14:16:44 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\spwini.dll
[2011/05/15 07:55:00 | 000,000,236 | RH-- | C] () -- C:\Windows\sys337d.dat

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/01/19 10:35:35 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\3Dconnexion
[2012/02/06 09:28:15 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\Autodesk
[2012/01/15 22:52:36 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\AVG2012
[2012/07/19 10:25:57 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\Bluebits
[2012/11/06 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\Dropbox
[2012/04/25 09:26:26 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\ICSharpCode
[2012/01/15 22:58:23 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\InfraRecorder
[2012/01/15 23:00:37 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\inkscape
[2012/01/15 22:51:47 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\IrfanView
[2012/01/31 09:39:05 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\ISTool
[2012/04/27 12:33:48 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\Leadertech
[2012/05/15 08:22:19 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\Leica Geosystems
[2012/01/15 22:54:12 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\OpenOffice.org
[2012/06/18 12:09:51 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\Peb
[2012/06/04 14:39:12 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\Spotify
[2012/01/18 10:17:47 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\Subversion
[2012/04/06 07:26:16 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\TeamViewer
[2012/01/19 09:24:46 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\Thunderbird
[2012/01/15 22:56:49 | 000,000,000 | ---D | M] -- C:\Users\gebruiker\AppData\Roaming\OpenDisc

========== Purity Check ==========

< End of report >

Ænima · 6 nov 2012

Inhoud Extras.Txt (1/2):

OTL Extras logfile created on: 6/11/2012 15:32:47 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = D:\gebruiker\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000813 | Country: België | Language: NLB | Date Format: d/MM/yyyy

15,98 Gb Total Physical Memory | 13,35 Gb Available Physical Memory | 83,51% Memory free
31,97 Gb Paging File | 29,23 Gb Available in Paging File | 91,44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 365,66 Gb Total Space | 270,29 Gb Free Space | 73,92% Space Free | Partition Type: NTFS
Drive D: | 100,00 Gb Total Space | 60,31 Gb Free Space | 60,31% Space Free | Partition Type: NTFS
Drive W: | 8238,71 Gb Total Space | 7851,35 Gb Free Space | 95,30% Space Free | Partition Type: NTFS
Drive X: | 8238,71 Gb Total Space | 7851,35 Gb Free Space | 95,30% Space Free | Partition Type: NTFS
Drive Z: | 8238,71 Gb Total Space | 7851,35 Gb Free Space | 95,30% Space Free | Partition Type: NTFS

Computer Name: WITAS9 | User Name: gebruiker | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1CCFF15A-70FB-4FEB-87D2-DBEDFB15F79F}" = lport=25322 | protocol=17 | dir=in | name=avast! sbc |
"{687E6141-1F35-485B-B7DF-632270B26AFE}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{C5995B6A-3B2C-4216-A879-75DEB6E90DA9}" = lport=25322 | protocol=6 | dir=in | name=avast! sbc |
"{D4E6DBA1-FECA-4FEE-A0D0-C4D5EDF11994}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03BEEB19-E96C-4B77-80C5-468E62739719}" = protocol=6 | dir=in | app=c:\users\gebruiker\appdata\roaming\dropbox\bin\dropbox.exe |
"{1363ED91-0236-4D3B-BA61-B04A4B4E1C29}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{16423F2E-4483-46D7-B70C-4113DE2317CD}" = protocol=6 | dir=in | app=c:\users\gebruiker\appdata\roaming\spotify\spotify.exe |
"{239F1141-7BEE-42BB-813C-CDE632BCDB3A}" = protocol=17 | dir=in | app=c:\users\gebruiker\appdata\roaming\dropbox\bin\dropbox.exe |
"{2677DC29-523F-442E-AFF1-9DDB133B803F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{2E010F3B-1200-40E0-95F7-F5E61E24F8AE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{2F935235-1113-4FD3-AF74-C37A407E2453}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{3ACDFA13-7B00-4472-B089-8FBB814C6060}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{3EED63CF-338A-48DC-9800-66F8A77B8DDE}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{41CCC6FC-42C6-4673-8409-43AA8237816B}" = dir=in | app=c:\peb\2.0.1\jre1.5.0_18\bin\java.exe |
"{4476AF56-9C5F-4E1B-9C9F-6CEFE2D12686}" = dir=in | app=c:\windows\system32\msdtc.exe |
"{4C82B4A3-9725-4F96-9DF6-F07853FC7F06}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{4F4222F9-5E61-4A33-B0D1-CA7417504BF8}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{524E5C49-1184-42A4-9A72-14B930CE9964}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{59A6CB4E-2AB0-48A9-824A-1A7E13AFF56D}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{842FCBEF-C117-4C9C-A281-7627179925F2}" = protocol=17 | dir=in | app=c:\users\gebruiker\appdata\roaming\spotify\spotify.exe |
"{8455DC57-04CB-4B2C-9436-35A3B3AE0DEF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{85C041A6-E27B-4E05-8184-BA447A878D77}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{8730B20D-0A6D-4FA0-B0CC-94E6B18E7D31}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{96EB1838-09BA-487B-9C4A-6D45271FFCB1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9D6F5D7F-FD5B-4835-BECF-41EA5B71C24A}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{A9D2A8E3-6FB1-4FD3-939E-E91B655D2D8E}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{AD5D457C-DC1B-454B-B280-956426C46019}" = dir=in | app=c:\peb\2.0.1\jre1.5.0_18\bin\javaw.exe |
"{AF568C12-F006-4564-A9E5-207E31236203}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{BC6D8776-D3BD-4C9B-B252-F2BCA887D285}" = dir=out | app=c:\peb\2.0.1\jre1.5.0_18\bin\javaw.exe |
"{BF409E89-8583-4407-98F4-4FFB25E5E7C7}" = dir=out | app=c:\peb\2.0.1\jre1.5.0_18\bin\java.exe |
"{D0960FC5-0D1E-4FBF-AAAE-CF8517D03491}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{EB6F646D-5B61-4614-9BE2-2801F31C0556}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{F3606702-F5DA-45FA-A102-EC766C404ED7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{F53DC89E-6521-4C24-8857-87027E42AE19}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{F814C31A-18C9-4D79-BCAA-6934A227C441}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{FAFCF7CF-B87D-4AD2-90CA-5597A88CB17A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"TCP Query User{285FE542-9E6C-4FDF-90A9-434049F61ECB}C:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{8E4DEB9F-0FDE-407B-BD55-3322E49C4FB3}C:\users\gebruiker\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\gebruiker\appdata\local\akamai\netsession_win.exe |
"UDP Query User{1E2235A8-41E1-47FA-ADF9-2BF8D70EEFD6}C:\users\gebruiker\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\gebruiker\appdata\local\akamai\netsession_win.exe |
"UDP Query User{CF3C97A3-E552-49BB-8419-8AD1D87D42B5}C:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0CA30245-F843-407F-8FA6-52880DF8E67C}" = 3Dconnexion Plug-In for NX v3.0 - v8.0
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2001197F-7545-41F7-9078-E8D23B3BBEAF}" = 3Dconnexion Plug-In for Photoshop CS3 - CS5
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{344C0D46-2EF4-4BC8-AE03-3DACDA9B9485}" = AVG 2012
"{3781D899-BB45-44D5-ADE0-E8299CC5AAEF}" = 3Dconnexion Plug-In for 3ds Max v9 - 2012
"{3CE64BF1-5AC5-4B46-B2E7-9897923F3BBE}" = 3Dconnexion Plug-In for Maya v8.5 - 2012
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-A006-0409-0102-0060B0CE6BBA}" = AutoCAD MEP 2012 - English
"{5783F2D7-A006-0409-1102-0060B0CE6BBA}" = AutoCAD MEP 2012 Language Pack - English
"{5783F2D7-A028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2012
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{71EFF430-1A34-423E-8EAF-A80173960A8E}" = TortoiseSVN 1.7.10.23359 (64 bit)
"{7346B4A0-1200-0310-0409-705C0D862004}" = Revit MEP 2012
"{7346B4A0-1200-0311-0409-705C0D862004}" = Revit MEP 2012 Language Pack - English
"{7346B4A0-1300-0310-0409-705C0D862004}" = Revit MEP 2013
"{7346B4A0-1300-0311-0409-705C0D862004}" = Revit MEP 2013 Language Pack - English
"{7346B4A0-1300-0510-040C-705C0D862004}" = Revit 2013
"{7346B4A0-1300-0511-040C-705C0D862004}" = Module linguistique de Revit 2013 - Français
"{79DB6EB2-1072-4F72-8263-5461607775C7}" = 3Dconnexion Add-On for XSI v5.0 - 2012
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010
"{90A80D89-A0E4-33C1-B13D-B93CB3496867}" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision stuurprogramma 276.42
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA-configuratiescherm 276.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafisch stuurprogramma 276.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.02
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision controllerstuurprogramma 276.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio-stuurprogramma 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{BCA26999-EC22-3007-BB79-638913079C9A}" = Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{C026CEB6-EDE7-4C02-B860-F5DEAA93A72B}" = 3Dconnexion Add-In for Inventor 11 - 2012
"{C31F3560-0007-4955-9F65-75CB47F82DB5}" = Autodesk Revit MEP 2011 x64
"{C3417F46-8A6E-4728-BAE2-C5D1604741B1}" = Feature Extraction for Autodesk Revit 2012
"{C3FB95A9-7A13-431E-B6E5-0E1E43DB8176}" = 3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 1.0
"{C4CBE331-9BFC-456B-A4D8-4E43E5EA3788}" = 3Dconnexion Add-In for AutoCAD 2007 - 2010
"{CCB10E03-45F1-46D2-821B-9BE8D3A6D864}_is1" = RME_BE Localiser V2.3.0
"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU
"{D4B4ACE4-983C-4734-AD8C-D45662DB4296}" = 3Dconnexion 3DxWare (x64)
"{E77EA99F-5EDE-4F54-8C9D-FCC57F87DAD6}" = 3Dconnexion Add-In for SolidWorks 2005 - 2012 (x64)
"{EE49E6E2-67AE-4B7B-9804-BF099C4EDA14}" = 3Dconnexion Add-In for Solid Edge V18 - ST4
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"AutoCAD MEP 2012 - English" = AutoCAD MEP 2012 - English
"Autodesk Revit 2013" = Autodesk Revit 2013
"Autodesk Revit MEP 2011 x64" = Autodesk Revit MEP 2011 x64
"Autodesk Revit MEP 2012" = Autodesk Revit MEP 2012
"Autodesk Revit MEP 2013" = Autodesk Revit MEP 2013
"AVG" = AVG 2012
"DWG TrueView 2012" = DWG TrueView 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU" = Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"sp6" = Logitech SetPoint 6.32

Ænima · 6 nov 2012

Inhoud Extras.Txt (2/2):

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{13B61614-9B6B-4A45-A62A-D3272D53192F}" = G Data CloudSecurity
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{1910EF67-D4B8-4561-9252-4F2EFF2E17AE}" = 3Dconnexion Plug-in for Acrobat 3D
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}" = Autodesk Material Library Low Resolution Image Library 2012
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2BFDA78F-39F7-4537-9995-71424CFA88BB}" = LogMeIn
"{2F45F727-D45A-466B-9350-464A3C41BD8A}" = Autodesk Revit MEP 2013 Space Naming Utility
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{44BAF785-9664-4790-BA18-CA971E888E41}" = Leica CloudWorx for Revit 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{4F6F5C1E-F109-4A58-8F43-9A1039CDAFC9}" = Zumtobel - Product Explorer
"{562D0D31-FBAF-4505-8B27-4EC92EEA91D6}" = DIAL Communication Framework
"{58760EEC-8B6A-43F4-81AA-696E381DFADD}" = Autodesk Material Library Medium Resolution Image Library 2013
"{59F24743-2EA1-3A45-B8C2-6E0E1E078FA8}" = Microsoft Visual C# 2010 Express - ENU
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{60925EBA-240B-43D6-998C-FF9CC255168F}" = Trikker V1.5.16
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AAB8068-BEB6-4CB6-958E-717EA6402467}" = 3Dconnexion Trainer
"{6D236956-B79D-4748-BEA3-A039334A66AB}" = 3Dconnexion Collage
"{6DA2B636-698A-3294-BF4A-B5E11B238CDD}" = Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A41B75-926C-43F5-B981-C633F6FB3C5C}" = Leica Cyclone 7.4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{852252AE-F555-4BA1-B451-4E4C230D18F2}" = 3Dconnexion Extension for SketchUp
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8CC9F4D8-D938-412B-B67D-A28FA7BDB8AA}" = Jing
"{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}" = Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010
"{90140000-0015-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010
"{90140000-0016-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010
"{90140000-0018-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010
"{90140000-0019-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010
"{90140000-001A-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010
"{90140000-001B-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
"{90140000-001F-0413-0000-0000000FF1CE}_Office14.SingleImage_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0413-1000-0000000FF1CE}_Office14.SingleImage_{B9427E36-0B0A-48F4-8A51-1C178708A28E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010
"{90140000-002C-0413-0000-0000000FF1CE}_Office14.SingleImage_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010
"{90140000-006E-0413-0000-0000000FF1CE}_Office14.SingleImage_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010
"{90140000-00A1-0413-0000-0000000FF1CE}_Office14.SingleImage_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91221AAC-F2A0-4028-8016-C7DAF63CB6CC}" = FARO LS 1.1.408.2
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E12684-DD23-4D11-ACAF-6041954BCA00}_is1" = ISTool 5.3.0.1
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1040-7D70-BA7E-000000000005}" = Adobe Acrobat X Standard - Italiano, Español, Nederlands, Português
"{AC76BA86-7AD7-1043-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Nederlands
"{B313002A-C539-4C41-8291-235257CC3688}" = Worksharing Monitor for Autodesk Revit 2013
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B5751715-EC10-43D9-8C95-62E1368433EF}" = Autodesk Material Library Medium Resolution Image Library 2012
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}" = 3Dconnexion 3DxSoftware (x64 Edition)
"{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}" = Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729
"{C3BAE9CC-EC6B-4B3E-80C1-C1EC29A09AF8}" = OpenOffice.org 3.3
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{DFCCFB23-85D5-4C5D-95A0-024AA313C038}" = Worksharing Monitor for Autodesk Revit 2012
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF67AE1A-6B31-4C98-91A9-F195D8702150}" = Google Drive
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}" = Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity_is1" = Audacity 1.2.6
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"avast" = avast! Endpoint Protection
"Dia" = Dia (kendu soilik)
"DIALux" = DIALux 4.10
"FARO LS_is1" = FARO LS 4.8.2.25521
"ffdshow_is1" = ffdshow v1.2.4422 [2012-04-09]
"HRglobal Serie_is1" = HRglobal Serie
"InfraRecorder" = InfraRecorder
"Inkscape" = Inkscape 0.48.0
"Inno Setup 5_is1" = Inno Setup QuickStart Pack version 5.3.7
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft Visual C# 2010 Express - ENU" = Microsoft Visual C# 2010 Express - ENU
"Mozilla Firefox 15.0.1 (x86 nl)" = Mozilla Firefox 15.0.1 (x86 nl)
"Mozilla Thunderbird (3.0.3)" = Mozilla Thunderbird (3.0.3)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office 2010 voor Thuisgebruik en Zakelijke toepassingen
"POV-Ray for Windows v3.6" = POV-Ray for Windows v3.6.0
"TeamViewer 7" = TeamViewer 7
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.5
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinMerge_is1" = WinMerge 2.12.4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3076412844-2721296706-1216296337-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/11/2012 9:47:24 | Computer Name = WITAS9 | Source = .NET Runtime | ID = 1026
Description =

Error - 5/11/2012 9:47:24 | Computer Name = WITAS9 | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: WTSN.INSTALLER.AddinManagerConsole.exe,
versie: 3.0.0.0, tijdstempel: 0x5097c25a Naam van module met fout: KERNELBASE.dll,
versie: 6.1.7601.17932, tijdstempel: 0x503285c2 Uitzonderingscode: 0xe0434352 Foutoffset:
0x000000000000caed Id van proces met fout: 0xcc0 Starttijd van toepassing met fout:
0x01cdbb5c15b050a7 Pad naar toepassing met fout: D:\gebruiker\Desktop\RME_BE_INSTALLERS
2012\WTSN.INSTALLER.AddinManagerConsole\bin\Debug\WTSN.INSTALLER.AddinManagerConsole.exe
Pad
naar module met fout: C:\Windows\system32\KERNELBASE.dll Rapport-id: 53b98b7c-274f-11e2-8a55-50e54953206f

Error - 5/11/2012 9:57:07 | Computer Name = WITAS9 | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: WSCommCntr3.exe, versie: 3.5.12.0, tijdstempel:
0x4ea9c430 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:
0x4ec4aa8e Uitzonderingscode: 0xc0000005 Foutoffset: 0x000000000004e4b4 Id van proces
met fout: 0x5a8 Starttijd van toepassing met fout: 0x01cdbb5d705a154a Pad naar toepassing
met fout: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr3\lib\WSCommCntr3.exe
Pad
naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: af65cfc7-2750-11e2-8a55-50e54953206f

Error - 5/11/2012 10:59:27 | Computer Name = WITAS9 | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: WSCommCntr3.exe, versie: 3.5.12.0, tijdstempel:
0x4ea9c430 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:
0x4ec4aa8e Uitzonderingscode: 0xc0000005 Foutoffset: 0x000000000004e4b4 Id van proces
met fout: 0x1ac0 Starttijd van toepassing met fout: 0x01cdbb6625cb39cb Pad naar toepassing
met fout: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr3\lib\WSCommCntr3.exe
Pad
naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 64992710-2759-11e2-8a55-50e54953206f

Error - 5/11/2012 10:59:50 | Computer Name = WITAS9 | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: WSCommCntr3.exe, versie: 3.5.12.0, tijdstempel:
0x4ea9c430 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:
0x4ec4aa8e Uitzonderingscode: 0xc0000005 Foutoffset: 0x000000000004e4b4 Id van proces
met fout: 0xce8 Starttijd van toepassing met fout: 0x01cdbb66340789c7 Pad naar toepassing
met fout: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr3\lib\WSCommCntr3.exe
Pad
naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 71e6cdce-2759-11e2-8a55-50e54953206f

Error - 5/11/2012 11:33:29 | Computer Name = WITAS9 | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: WSCommCntr3.exe, versie: 3.5.12.0, tijdstempel:
0x4ea9c430 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:
0x4ec4aa8e Uitzonderingscode: 0xc0000005 Foutoffset: 0x000000000004e4b4 Id van proces
met fout: 0x2390 Starttijd van toepassing met fout: 0x01cdbb6ae7411f10 Pad naar toepassing
met fout: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr3\lib\WSCommCntr3.exe
Pad
naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 25b922e4-275e-11e2-8a55-50e54953206f

Error - 6/11/2012 3:06:43 | Computer Name = WITAS9 | Source = WinMgmt | ID = 10
Description =

Error - 6/11/2012 3:13:33 | Computer Name = WITAS9 | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: WSCommCntr3.exe, versie: 3.5.12.0, tijdstempel:
0x4ea9c430 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:
0x4ec4aa8e Uitzonderingscode: 0xc0000005 Foutoffset: 0x000000000004e4b4 Id van proces
met fout: 0x1bc4 Starttijd van toepassing met fout: 0x01cdbbee3ab1fe01 Pad naar toepassing
met fout: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr3\lib\WSCommCntr3.exe
Pad
naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 7902ca31-27e1-11e2-bb0c-50e54953206f

Error - 6/11/2012 3:13:49 | Computer Name = WITAS9 | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: explorer.exe, versie: 6.1.7601.17567,
tijdstempel: 0x4d672ee4 Naam van module met fout: DropboxExt64.14.dll, versie: 1.0.0.14,
tijdstempel: 0x4bfd6934 Uitzonderingscode: 0xc000041d Foutoffset: 0x0000000000005a68
Id
van proces met fout: 0x368 Starttijd van toepassing met fout: 0x01cdbbee3b8bbf61
Pad
naar toepassing met fout: C:\Windows\explorer.exe Pad naar module met fout: C:\Users\gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
Rapport-id:
82c9d508-27e1-11e2-bb0c-50e54953206f

Error - 6/11/2012 3:18:44 | Computer Name = WITAS9 | Source = Application Error | ID = 1000
Description = Naam van toepassing met fout: WSCommCntr3.exe, versie: 3.5.12.0, tijdstempel:
0x4ea9c430 Naam van module met fout: ntdll.dll, versie: 6.1.7601.17725, tijdstempel:
0x4ec4aa8e Uitzonderingscode: 0xc0000005 Foutoffset: 0x000000000004e4b4 Id van proces
met fout: 0x828 Starttijd van toepassing met fout: 0x01cdbbeef4591dbb Pad naar toepassing
met fout: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr3\lib\WSCommCntr3.exe
Pad
naar module met fout: C:\Windows\SYSTEM32\ntdll.dll Rapport-id: 32412b03-27e2-11e2-bb0c-50e54953206f

[ System Events ]
Error - 22/10/2012 2:39:58 | Computer Name = WITAS9 | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: AVG WatchDog.

Error - 22/10/2012 2:39:58 | Computer Name = WITAS9 | Source = Service Control Manager | ID = 7000
Description = De AVG WatchDog-service kan vanwege de volgende fout niet worden gestart:
%%1053

Error - 31/10/2012 3:38:42 | Computer Name = WITAS9 | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: LogMeIn.

Error - 31/10/2012 3:38:48 | Computer Name = WITAS9 | Source = Application Popup | ID = 1060
Description = \??\C:\Users\GEBRUI~1\AppData\Local\Temp\catchme.sys kan niet worden
geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de
software om een compatibele versie van het stuurprogramma.

Error - 31/10/2012 3:38:48 | Computer Name = WITAS9 | Source = Application Popup | ID = 1060
Description = \??\C:\Users\GEBRUI~1\AppData\Local\Temp\catchme.sys kan niet worden
geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de
software om een compatibele versie van het stuurprogramma.

Error - 31/10/2012 3:38:48 | Computer Name = WITAS9 | Source = Application Popup | ID = 1060
Description = \??\C:\Users\GEBRUI~1\AppData\Local\Temp\catchme.sys kan niet worden
geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de
software om een compatibele versie van het stuurprogramma.

Error - 31/10/2012 3:38:51 | Computer Name = WITAS9 | Source = Application Popup | ID = 1060
Description = \??\C:\Users\GEBRUI~1\AppData\Local\Temp\catchme.sys kan niet worden
geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de
software om een compatibele versie van het stuurprogramma.

Error - 31/10/2012 3:38:51 | Computer Name = WITAS9 | Source = Application Popup | ID = 1060
Description = \??\C:\Users\GEBRUI~1\AppData\Local\Temp\catchme.sys kan niet worden
geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de
software om een compatibele versie van het stuurprogramma.

Error - 31/10/2012 3:38:51 | Computer Name = WITAS9 | Source = Application Popup | ID = 1060
Description = \??\C:\Users\GEBRUI~1\AppData\Local\Temp\catchme.sys kan niet worden
geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de
software om een compatibele versie van het stuurprogramma.

Error - 31/10/2012 3:38:51 | Computer Name = WITAS9 | Source = Application Popup | ID = 1060
Description = \??\C:\Users\GEBRUI~1\AppData\Local\Temp\catchme.sys kan niet worden
geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de
software om een compatibele versie van het stuurprogramma.

< End of report >

Juisterr · 7 nov 2012

Start OTL

Plak het volgende onder Custom Scans/Fixes

:Commands
[createrestorepoint]

:OTL

ervices

:Reg

:Files
ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptytemp]
[emptyflash]

[reboot]

Klik om te vergroten...
Klik daarna bovenaan op de knop Run Fix
Laat het programma ongestoord zijn werk doen. De pc zal na afloop opnieuw opgestart worden.

Ænima · 9 nov 2012

Hierbij de inhoud vazn de .log na deze fix:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP-configuratie
De DNS-omzettingscache is leeggemaakt.
D:\gebruiker\Desktop\cmd.bat deleted successfully.
D:\gebruiker\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: gebruiker
->Temp folder emptied: 322107341 bytes
->Temporary Internet Files folder emptied: 83017955 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 98367772 bytes
->Google Chrome cache emptied: 17097221 bytes
->Flash cache emptied: 0 bytes

User: LogMeInRemoteUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6483 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50227 bytes
RecycleBin emptied: 1806493980 bytes

Total Files Cleaned = 2.219,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: gebruiker
->Flash cache emptied: 0 bytes

User: LogMeInRemoteUser

User: Public

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 11092012_080023

Files\Folders moved on Reboot...
C:\Users\gebruiker\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Archief - dagelijkse crashes

Ænima

Legacy Member

Juisterr

Legacy Member

Ænima

Legacy Member

Ænima

Legacy Member

Juisterr

Legacy Member

Ænima

Legacy Member

Juisterr

Legacy Member

Ænima

Legacy Member

Juisterr

Legacy Member

Ænima

Legacy Member

Juisterr

Legacy Member

Ænima

Legacy Member

Juisterr

Legacy Member

Ænima

Legacy Member

Ænima

Legacy Member

Ænima

Legacy Member

Ænima

Legacy Member

Ænima

Legacy Member

Juisterr

Legacy Member

Ænima

Legacy Member