Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Mappennamen niet zichtbaar

None
35 antwoorden
  • Beste forum-leden,

    Ik heb een vrij irritant probleem. Ik ben de namen van mijn bestandsmappen kwijt. Uiteraard heb ik al even gezocht in de diverse fora, maar daar komen oplossingen naar voren, die bij mij niet de oplossing oplevert.

    Als ik de Windows verkenner gebruik is er niets aan de hand. De mapnamen worden netjes weer gegeven… echter als ik bv. een afbeelding wil opslaan vanuit een programma (opslaan als…), dan zie ik nergens meer de namen weer gegeven.

    Hetzelfde geld voor het openen van bv. een wordbestand vanuit word.

    Ik heb al meerdere zaken geprobeerd, maar ik krijg de mapnamen niet terug. Als ik de weergave wijzig naar details, krijg ik ook geen details meer te zien… alleen de icoontjes zijn nog zichtbaar.

    Iemand enig idee wat hier mis gaat? En hoe ik dit kan oplossen?
  • Hoi, begin met het volgende:

    [b:e4afa5e921]Welk programma[/b:e4afa5e921]: [b:e4afa5e921]OTL.exe[/b:e4afa5e921][/color:e4afa5e921]
    [b:e4afa5e921]Waarvoor/waarom[/b:e4afa5e921]: multifunktioneel tool - analyse en fix
    [b:e4afa5e921]Moeilijkheidsgraad[/b:e4afa5e921]: geen.
    [b:e4afa5e921]Download[/b:e4afa5e921]: [b:e4afa5e921]OTL.exe[/color:e4afa5e921][/b:e4afa5e921] en plaats het bestand op het bureaublad.
    [b:e4afa5e921]Sluit voordat OTL.exe[/color:e4afa5e921] gaat scannen, eerst alle andere openstaande vensters![/b:e4afa5e921]

    [b:e4afa5e921]OTL.exe[/color:e4afa5e921] gebruiken[/b:e4afa5e921]:
    [list:e4afa5e921][*:e4afa5e921] [b:e4afa5e921]Sluit nu eerst alle nog openstaande programmavensters![/color:e4afa5e921][/b:e4afa5e921]
    [list:e4afa5e921][*:e4afa5e921][b:e4afa5e921]Windows 2000[/color:e4afa5e921][/b:e4afa5e921] en [b:e4afa5e921]Windows XP[/b:e4afa5e921][/color:e4afa5e921]: dubbelklik op [b:e4afa5e921]OTL.exe[/b:e4afa5e921][/color:e4afa5e921].
    [*:e4afa5e921][b:e4afa5e921]Windows Vista[/b:e4afa5e921][/color:e4afa5e921], [b:e4afa5e921]Windows 7[/b:e4afa5e921][/color:e4afa5e921] en [b:e4afa5e921]Windows 8[/b:e4afa5e921][/color:e4afa5e921]: via rechtsklik op [b:e4afa5e921]OTL.exe[/b:e4afa5e921][/color:e4afa5e921] en kies voor "Als Administrator uitvoeren".[/list:u:e4afa5e921][/list:u:e4afa5e921]

    [list:e4afa5e921][*:e4afa5e921]Zet een vinkje bij [b:e4afa5e921]Scan All Users[/b:e4afa5e921][/color:e4afa5e921], [b:e4afa5e921]LOP Check[/b:e4afa5e921][/color:e4afa5e921] en bij [b:e4afa5e921]PURITY Check[/b:e4afa5e921][/color:e4afa5e921].

    [*:e4afa5e921]Kopieer en plak ondervermelde (vetgedrukte, blauwe tekst) in het kader onder [img:e4afa5e921]http://www.imgdumper.nl/uploads5/4f9111a6d2e57/4f9111a6d2a6c-OTL-2.png[/img:e4afa5e921]

    [b:e4afa5e921]netsvcs
    BASESERVICES
    DRIVES
    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.sys /90
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\*
    %USERPROFILE%\..|smtmp;true;true;true /FP
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    hklm\software\clients\startmenuinternet|command
    s
    hklm\software\clients\startmenuinternet|command /64
    s
    CREATERESTOREPOINT[/color:e4afa5e921][/b:e4afa5e921]

    [*:e4afa5e921]Klik vervolgens op de knop [img:e4afa5e921]http://www.imgdumper.nl/uploads6/50cd93c69c626/50cd93c69be5b-OTL_-_Run_Scan_knop.jpg[/img:e4afa5e921].
    [*:e4afa5e921]Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
    [*:e4afa5e921]De scan zal niet heel erg lang duren.
    [list:e4afa5e921][*:e4afa5e921]Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: [b:e4afa5e921]OTL.Txt[/b:e4afa5e921] en [b:e4afa5e921]Extras.txt[/b:e4afa5e921].
    [*:e4afa5e921]Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.[/list:u:e4afa5e921]
    [*:e4afa5e921][b:e4afa5e921]Notabene:[/b:e4afa5e921][/color:e4afa5e921] indien het log niet in één bericht past, spreidt het dan over twee of meer berichten.[/list:u:e4afa5e921]
  • OTL logfile created on: 4-1-2013 11:33:49 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Passenier\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    7,98 Gb Total Physical Memory | 5,25 Gb Available Physical Memory | 65,81% Memory free
    15,96 Gb Paging File | 10,37 Gb Available in Paging File | 64,97% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 1850,60 Gb Total Space | 1165,57 Gb Free Space | 62,98% Space Free | Partition Type: NTFS
    Drive D: | 236,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
    Drive E: | 6,74 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
    Drive F: | 15,04 Gb Total Space | 11,36 Gb Free Space | 75,48% Space Free | Partition Type: FAT32

    Computer Name: PASSENIER_001 | User Name: Passenier | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========[/color:85a35399f1]

    PRC - [2013-01-04 11:03:51 | 000,602,112 | —- | M] (OldTimer Tools) – C:\Users\Passenier\Desktop\OTL.exe
    PRC - [2012-12-21 08:44:52 | 000,541,760 | —- | M] (Valve Corporation) – C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    PRC - [2012-12-11 21:31:33 | 001,354,736 | —- | M] (Valve Corporation) – C:\Program Files (x86)\Steam\steam.exe
    PRC - [2012-11-28 14:13:16 | 000,059,280 | —- | M] (Apple Inc.) – C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    PRC - [2012-10-19 10:08:58 | 000,998,072 | —- | M] (iolo technologies, LLC) – C:\Program Files (x86)\iolo\System Mechanic\SystemGuardAlerter.exe
    PRC - [2012-10-19 09:41:16 | 001,028,464 | —- | M] (iolo technologies, LLC) – C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
    PRC - [2012-09-10 15:58:16 | 000,059,280 | —- | M] (Apple Inc.) – C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    PRC - [2012-08-29 13:00:12 | 000,059,280 | —- | M] (Apple Inc.) – C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    PRC - [2012-08-09 22:12:18 | 000,055,184 | —- | M] (Apple Inc.) – C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
    PRC - [2012-01-03 05:10:42 | 000,063,960 | —- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    PRC - [2011-09-06 18:29:20 | 004,259,648 | —- | M] (SoftThinks - Dell) – C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
    PRC - [2011-08-18 16:05:54 | 002,751,808 | —- | M] () – C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    PRC - [2011-08-18 16:05:46 | 001,692,480 | —- | M] (SoftThinks SAS) – C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
    PRC - [2011-08-01 18:56:48 | 000,460,096 | —- | M] (SoftThinks - Dell) – C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
    PRC - [2011-07-06 13:32:50 | 000,296,448 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe
    PRC - [2010-09-30 03:06:46 | 000,169,408 | —- | M] (Adobe Systems Incorporated) – C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    PRC - [2010-09-13 17:32:32 | 000,013,336 | —- | M] (Intel Corporation) – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    PRC - [2009-02-23 11:43:54 | 000,307,200 | —- | M] (Creative Technology Ltd) – C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe


    ========== Modules (No Company Name) ==========[/color:85a35399f1]

    MOD - [2012-12-21 08:45:24 | 000,647,168 | —- | M] () – C:\Program Files (x86)\Steam\sdl.dll
    MOD - [2012-12-21 08:44:51 | 020,320,240 | —- | M] () – C:\Program Files (x86)\Steam\bin\libcef.dll
    MOD - [2012-12-21 08:44:48 | 000,969,280 | —- | M] () – C:\Program Files (x86)\Steam\bin\chromehtml.dll
    MOD - [2012-12-21 08:44:46 | 000,124,416 | —- | M] () – C:\Program Files (x86)\Steam\bin\avutil-51.dll
    MOD - [2012-12-21 08:44:44 | 000,192,000 | —- | M] () – C:\Program Files (x86)\Steam\bin\avformat-53.dll
    MOD - [2012-12-21 08:44:42 | 001,100,800 | —- | M] () – C:\Program Files (x86)\Steam\bin\avcodec-53.dll
    MOD - [2012-11-19 09:53:09 | 002,297,856 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll
    MOD - [2012-11-18 14:00:31 | 000,368,128 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
    MOD - [2012-11-18 14:00:12 | 014,340,608 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
    MOD - [2012-11-18 14:00:02 | 012,436,480 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
    MOD - [2012-11-18 13:59:58 | 001,591,808 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
    MOD - [2012-11-18 13:59:55 | 012,237,824 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
    MOD - [2012-11-18 13:59:48 | 003,347,968 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
    MOD - [2012-11-18 13:59:45 | 005,452,800 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
    MOD - [2012-11-18 13:59:42 | 007,988,736 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
    MOD - [2012-11-18 13:59:42 | 000,971,264 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
    MOD - [2012-11-18 13:59:38 | 011,493,376 | —- | M] () – C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
    MOD - [2011-08-18 16:05:54 | 002,751,808 | —- | M] () – C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
    MOD - [2011-07-06 13:33:04 | 000,720,896 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\_ssl.pyd
    MOD - [2011-07-06 13:33:04 | 000,286,208 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\_hashlib.pyd
    MOD - [2011-07-06 13:33:04 | 000,153,088 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\pyexpat.pyd
    MOD - [2011-07-06 13:33:04 | 000,073,728 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\_ctypes.pyd
    MOD - [2011-07-06 13:33:04 | 000,040,448 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\_socket.pyd
    MOD - [2011-07-06 13:33:04 | 000,011,776 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\select.pyd
    MOD - [2011-07-06 13:32:50 | 000,296,448 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe
    MOD - [2011-07-06 13:32:50 | 000,066,560 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\cairo._cairo.pyd
    MOD - [2011-07-06 13:32:18 | 001,584,128 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\gtk._gtk.pyd
    MOD - [2011-07-06 13:32:18 | 000,240,640 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\gio._gio.pyd
    MOD - [2011-07-06 13:32:18 | 000,096,768 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\gobject._gobject.pyd
    MOD - [2011-07-06 13:32:18 | 000,049,664 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\glib._glib.pyd
    MOD - [2011-07-06 13:32:16 | 000,178,688 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\atk.pyd
    MOD - [2011-07-06 13:32:16 | 000,097,280 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\pango.pyd
    MOD - [2011-07-06 13:32:16 | 000,014,848 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\gtk.glade.pyd
    MOD - [2011-07-06 13:32:16 | 000,013,824 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\pangocairo.pyd
    MOD - [2011-07-06 13:32:14 | 000,042,496 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\engines\libwimp.dll
    MOD - [2011-07-06 13:32:14 | 000,014,336 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\lib\gtk-2.0\2.10.0\loaders\libpixbufloader-png.dll
    MOD - [2011-07-06 13:31:40 | 001,065,472 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\libxml2-2.dll
    MOD - [2011-07-06 13:31:40 | 000,100,864 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\zlib1.dll
    MOD - [2011-07-06 13:31:38 | 000,182,784 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\libpng14-14.dll
    MOD - [2011-07-06 13:31:38 | 000,036,352 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\libpangocairo-1.0-0.dll
    MOD - [2011-07-06 13:31:36 | 000,799,744 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\libcairo-2.dll
    MOD - [2011-07-06 13:31:36 | 000,382,464 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\freetype6.dll
    MOD - [2011-07-06 13:31:36 | 000,189,952 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\libfontconfig-1.dll
    MOD - [2011-07-06 13:31:36 | 000,078,336 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\libglade-2.0-0.dll
    MOD - [2011-07-06 13:31:36 | 000,020,992 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\libffi-5.dll
    MOD - [2011-07-06 13:31:30 | 000,054,784 | —- | M] () – c:\Program Files (x86)\BitLord 2\Bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\crypto.pyd
    MOD - [2011-07-06 13:31:30 | 000,040,448 | —- | M] () – c:\Program Files (x86)\BitLord 2\Bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\SSL.pyd
    MOD - [2011-07-06 13:31:30 | 000,027,136 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\pyHook._cpyHook.pyd
    MOD - [2011-07-06 13:31:30 | 000,010,752 | —- | M] () – c:\Program Files (x86)\BitLord 2\Bitlord files\pyopenssl-0.12-py2.6-win32.egg\OpenSSL\rand.pyd
    MOD - [2011-07-06 13:31:18 | 000,007,168 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\twisted.python._initgroups.pyd
    MOD - [2011-07-06 13:31:04 | 000,179,200 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\winxpgui.pyd
    MOD - [2011-07-06 13:31:04 | 000,167,424 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\win32gui.pyd
    MOD - [2011-07-06 13:31:04 | 000,096,768 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\win32api.pyd
    MOD - [2011-07-06 13:31:04 | 000,035,840 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\win32process.pyd
    MOD - [2011-07-06 13:31:04 | 000,017,408 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\win32event.pyd
    MOD - [2011-07-06 13:30:56 | 000,265,728 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\win32com.shell.shell.pyd
    MOD - [2011-07-06 13:30:56 | 000,019,968 | —- | M] () – c:\Program Files (x86)\BitLord 2\Bitlord files\zope.interface-3.6.2-py2.6-win32.egg\zope\interface\_zope_interface_coptimizations.pyd
    MOD - [2011-07-06 13:30:54 | 001,907,200 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\libtorrent.pyd
    MOD - [2011-06-24 21:56:36 | 000,087,328 | —- | M] () – C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    MOD - [2011-06-24 21:56:14 | 001,241,888 | —- | M] () – C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    MOD - [2011-06-14 12:30:20 | 017,716,224 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\libcef.dll
    MOD - [2011-03-17 00:11:16 | 004,297,568 | —- | M] () – C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2010-11-13 01:34:15 | 000,303,104 | —- | M] () – C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
    MOD - [2010-01-22 14:03:40 | 000,353,792 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\pythoncom26.dll
    MOD - [2010-01-22 14:03:40 | 000,110,080 | —- | M] () – C:\Program Files (x86)\BitLord 2\Bitlord files\pywintypes26.dll


    ========== Services (SafeList) ==========[/color:85a35399f1]

    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-16 21:10:22 | 000,383,608 | —- | M] (McAfee, Inc.) [On_Demand | Stopped] – C:\Program Files\McAfee\VirusScan\mcods.exe – (McODS)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:37:30 | 000,177,680 | —- | M] (McAfee, Inc.) [Auto | Running] – C:\Windows\SysNative\mfevtps.exe – (mfevtp)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:34:50 | 000,218,320 | —- | M] () [Auto | Running] – C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe – (mfefire)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:33:08 | 000,241,016 | —- | M] () [Auto | Running] – C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe – (McShield)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-31 12:20:06 | 000,201,304 | —- | M] (McAfee, Inc.) [Auto | Running] – C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe – (McProxy)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-31 12:20:06 | 000,201,304 | —- | M] (McAfee, Inc.) [Auto | Running] – C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe – (McOobeSv)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-31 12:20:06 | 000,201,304 | —- | M] (McAfee, Inc.) [Auto | Running] – C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe – (McNASvc)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-31 12:20:06 | 000,201,304 | —- | M] (McAfee, Inc.) [Auto | Running] – C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe – (McNaiAnn)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-31 12:20:06 | 000,201,304 | —- | M] (McAfee, Inc.) [Auto | Running] – C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe – (mcmscsvc)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-31 12:20:06 | 000,201,304 | —- | M] (McAfee, Inc.) [Auto | Running] – C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe – (McMPFSvc)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-31 12:20:06 | 000,201,304 | —- | M] (McAfee, Inc.) [Auto | Running] – C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe – (McAfee SiteAdvisor Service)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2011-01-28 11:28:54 | 000,225,216 | —- | M] (McAfee, Inc.) [On_Demand | Stopped] – c:\Program Files\McAfee\MSC\McAWFwk.exe – (McAWFwk)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-12-09 07:00:20 | 000,203,776 | —- | M] (AMD) [Auto | Running] – C:\Windows\SysNative\atiesrxx.exe – (AMD External Events Utility)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-09-22 17:10:10 | 000,057,184 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Program Files\Windows Live\Mesh\wlcrasvc.exe – (wlcrasvc)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-07-21 12:46:28 | 000,951,584 | —- | M] (Broadcom Corporation.) [Auto | Running] – c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe – (btwdins)
    SRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-07-14 02:41:27 | 001,011,712 | —- | M] (Microsoft Corporation) [Auto | Running] – C:\Program Files\Windows Defender\MpSvc.dll – (WinDefend)
    SRV - [2012-12-21 08:44:52 | 000,541,760 | —- | M] (Valve Corporation) [On_Demand | Running] – C:\Program Files (x86)\Common Files\Steam\SteamService.exe – (Steam Client Service)
    SRV - [2012-12-12 15:25:36 | 000,250,808 | —- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] – C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe – (AdobeFlashPlayerUpdateSvc)
    SRV - [2012-12-03 21:49:41 | 000,115,168 | —- | M] (Mozilla Foundation) [On_Demand | Stopped] – C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe – (MozillaMaintenance)
    SRV - [2012-10-19 09:41:16 | 001,028,464 | —- | M] (iolo technologies, LLC) [Auto | Running] – C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe – (ioloSystemService)
    SRV - [2012-09-05 16:56:44 | 000,234,776 | —- | M] (McAfee, Inc.) [On_Demand | Stopped] – C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe – (McComponentHostService)
    SRV - [2012-07-16 15:31:32 | 002,735,528 | —- | M] (TeamViewer GmbH) [Disabled | Stopped] – C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe – (TeamViewer7)
    SRV - [2012-07-13 12:28:36 | 000,160,944 | R— | M] (Skype Technologies) [Disabled | Stopped] – C:\Program Files (x86)\Skype\Updater\Updater.exe – (SkypeUpdate)
    SRV - [2012-01-03 05:10:42 | 000,063,960 | —- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe – (AdobeARMservice)
    SRV - [2011-08-18 16:05:46 | 001,692,480 | —- | M] (SoftThinks SAS) [Auto | Running] – C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe – (SftService)
    SRV - [2011-05-24 19:33:16 | 000,079,360 | —- | M] (Creative Labs) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe – (Creative Media Toolbox 6 Licensing Service)
    SRV - [2011-05-24 19:29:56 | 000,079,360 | —- | M] (Creative Labs) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe – (Creative ALchemy AL6 Licensing Service)
    SRV - [2011-05-13 09:48:14 | 001,045,256 | —- | M] (Acresso Software Inc.) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe – (FLEXnet Licensing Service)
    SRV - [2011-05-13 09:36:32 | 000,079,360 | —- | M] (Creative Labs) [On_Demand | Stopped] – C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe – (Creative Audio Engine Licensing Service)
    SRV - [2011-01-28 20:34:52 | 000,032,336 | —- | M] (Sanford, L.P.) [Auto | Stopped] – C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe – (DymoPnpService)
    SRV - [2010-11-25 04:34:18 | 000,219,632 | —- | M] (Sonic Solutions) [Disabled | Stopped] – C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe – (RoxWatch12)
    SRV - [2010-11-25 04:33:18 | 001,116,656 | —- | M] (Sonic Solutions) [Disabled | Stopped] – C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe – (RoxMediaDB12OEM)
    SRV - [2010-10-26 17:26:58 | 000,236,016 | —- | M] (CyberLink) [Auto | Stopped] – C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe – (CLKMSVC10_9EC60124)
    SRV - [2010-09-30 03:06:46 | 000,169,408 | —- | M] (Adobe Systems Incorporated) [Auto | Running] – C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe – (AdobeActiveFileMonitor9.0)
    SRV - [2010-09-13 17:32:32 | 000,013,336 | —- | M] (Intel Corporation) [Auto | Running] – C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe – (IAStorDataMgrSvc)
    SRV - [2010-08-25 19:28:54 | 002,823,000 | —- | M] (Dell, Inc.) [Auto | Running] – C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe – (NOBU)
    SRV - [2010-03-18 12:16:28 | 000,130,384 | —- | M] (Microsoft Corporation) [Auto | Stopped] – C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe – (clr_optimization_v4.0.30319_32)
    SRV - [2009-06-10 22:23:09 | 000,066,384 | —- | M] (Microsoft Corporation) [Disabled | Stopped] – C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe – (clr_optimization_v2.0.50727_32)
    SRV - [2009-02-23 11:43:54 | 000,307,200 | —- | M] (Creative Technology Ltd) [Auto | Running] – C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe – (CTAudSvcService)
    SRV - [2008-06-20 08:14:46 | 000,362,992 | —- | M] (Sonic Solutions) [Disabled | Stopped] – C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe – (Roxio Upnp Server 10)
    SRV - [2008-06-20 08:14:40 | 000,313,840 | —- | M] (Sonic Solutions) [Disabled | Stopped] – C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe – (Roxio UPnP Renderer 10)
    SRV - [2008-06-20 08:12:36 | 000,309,744 | —- | M] (Sonic Solutions) [Disabled | Stopped] – C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe – (RoxLiveShare10)
    SRV - [2008-06-20 08:12:30 | 000,166,384 | —- | M] (Sonic Solutions) [Disabled | Stopped] – C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe – (RoxWatch10)
    SRV - [2008-06-20 08:11:56 | 001,120,752 | —- | M] (Sonic Solutions) [Disabled | Stopped] – C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe – (RoxMediaDB10)


    ========== Driver Services (SafeList) ==========[/color:85a35399f1]

    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:40:24 | 000,069,672 | —- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\cfwids.sys – (cfwids)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:37:42 | 000,339,776 | —- | M] (McAfee, Inc.) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\mfewfpk.sys – (mfewfpk)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:36:30 | 000,106,112 | —- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\mferkdet.sys – (mferkdet)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:35:50 | 000,771,096 | —- | M] (McAfee, Inc.) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\mfehidk.sys – (mfehidk)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:34:58 | 000,515,528 | —- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\mfefirek.sys – (mfefirek)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:34:18 | 000,309,400 | —- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\mfeavfk.sys – (mfeavfk)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-11-09 06:33:58 | 000,178,840 | —- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\mfeapfk.sys – (mfeapfk)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-10-19 09:38:26 | 000,082,160 | —- | M] (Raxco Software, Inc.) [File_System | Auto | Running] – C:\Windows\SysNative\drivers\PDFsFilter.sys – (PDFsFilter)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-09-28 10:32:56 | 000,053,760 | —- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\usbaapl64.sys – (USBAAPL64)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-23 15:10:20 | 000,019,456 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\rdpvideominiport.sys – (RdpVideoMiniport)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-23 15:07:35 | 000,057,856 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\TsUsbFlt.sys – (TsUsbFlt)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-21 12:01:20 | 000,033,240 | —- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\GEARAspiWDM.sys – (GEARAspiWDM)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-08-17 22:26:48 | 000,025,584 | —- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Running] – c:\Program Files\Dell Support Center\pcdsrvc_x64.pkms – (PCDSRVC{1E208CE0-FB7451FF-06020200}_0)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-04-20 15:40:58 | 000,196,440 | —- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\HipShieldK.sys – (HipShieldK)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2012-03-01 07:46:16 | 000,023,408 | —- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] – C:\Windows\SysNative\drivers\fs_rec.sys – (Fs_Rec)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2011-03-11 07:41:12 | 000,107,904 | —- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsata.sys – (amdsata)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2011-03-11 07:41:12 | 000,027,008 | —- | M] (Advanced Micro Devices) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\amdxata.sys – (amdxata)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-12-09 07:46:38 | 008,281,088 | —- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\atikmdag.sys – (amdkmdag)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-12-09 06:18:46 | 000,292,352 | —- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\atikmpag.sys – (amdkmdap)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-11-20 14:33:35 | 000,078,720 | —- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\HpSAMD.sys – (HpSAMD)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-11-17 16:04:32 | 000,115,216 | —- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\AtihdW76.sys – (AtiHDAudioService)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-10-19 22:34:26 | 000,056,344 | —- | M] (Intel Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\HECIx64.sys – (MEIx64)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-09-14 13:24:26 | 000,437,272 | —- | M] (Intel Corporation) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\iaStor.sys – (iaStor)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-07-20 07:26:42 | 000,102,952 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwaudio.sys – (btwaudio)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-07-20 07:26:38 | 000,135,720 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwavdt.sys – (btwavdt)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-07-20 07:26:34 | 000,021,544 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwrchid.sys – (btwrchid)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-07-14 00:25:38 | 000,344,616 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwampfl.sys – (btwampfl)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-06-08 13:36:18 | 000,406,056 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\k57nd60a.sys – (k57nd60a)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-05-21 00:42:42 | 003,058,168 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\BCMWL664.SYS – (BCM43XX)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-03-19 02:00:00 | 000,055,856 | —- | M] (Sonic Solutions) [Kernel | Boot | Running] – C:\Windows\SysNative\drivers\PxHlpa64.sys – (PxHlpa64)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-03-02 07:37:40 | 000,039,464 | —- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\btwl2cap.sys – (btwl2cap)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2010-02-27 16:32:14 | 000,158,976 | —- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\Impcd.sys – (Impcd)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-09-08 10:40:14 | 000,023,464 | —- | M] (EldoS Corporation) [Kernel | System | Running] – C:\Windows\SysNative\drivers\ElRawDsk.sys – (ElRawDisk)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-07-27 07:50:06 | 000,639,512 | —- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\t3.sys – (t3)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-07-14 02:52:20 | 000,194,128 | —- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\amdsbs.sys – (amdsbs)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-07-14 02:48:04 | 000,065,600 | —- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\lsi_sas2.sys – (LSI_SAS2)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-07-14 02:45:55 | 000,024,656 | —- | M] (Promise Technology) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\stexstor.sys – (stexstor)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-07-14 01:39:20 | 000,023,040 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\WSDPrint.sys – (WSDPrintDevice)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-07-14 01:35:32 | 000,012,288 | —- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\serscan.sys – (StillCam)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-06-10 21:34:33 | 003,286,016 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\evbda.sys – (ebdrv)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-06-10 21:34:28 | 000,468,480 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\bxvbda.sys – (b06bdrv)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-06-10 21:34:23 | 000,270,848 | —- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\b57nd60a.sys – (b57nd60a)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2009-06-10 21:31:59 | 000,031,232 | —- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] – C:\Windows\SysNative\drivers\hcw85cir.sys – (hcw85cir)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2008-03-20 12:34:12 | 000,028,672 | —- | M] (Todos Data System AB) [Kernel | On_Demand | Running] – C:\Windows\SysNative\drivers\aabed2.sys – (e.dentifier2)
    DRV:[b:85a35399f1]64bit:[/b:85a35399f1] - [2006-11-01 11:51:00 | 000,151,656 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysNative\drivers\WimFltr.sys – (WimFltr)
    DRV - [2009-07-14 02:19:10 | 000,019,008 | —- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] – C:\Windows\SysWOW64\drivers\wimmount.sys – (WIMMount)
    DRV - [2008-06-20 09:10:48 | 000,065,520 | —- | M] (Sonic Solutions) [File_System | System | Stopped] – C:\Windows\SysWOW64\drivers\RxFilter.sys – (RxFilter)


    ========== Standard Registry (All) ==========[/color:85a35399f1]


    ========== Internet Explorer ==========[/color:85a35399f1]

    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\..\SearchScopes,DefaultScope = {BE28C22E-F666-424d-B5FD-125C4AFEE34E}
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    IE:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    IE - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

    IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)

    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/12
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\..\SearchScopes\{2ACC269A-DA2B-4614-BA38-B865455C2B05}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\..\SearchScopes\{5A2143F6-626A-409A-8BE6-38BC5E3F445F}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sear
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========[/color:85a35399f1]

    FF - prefs.js..browser.search.update: false
    FF - prefs.js..browser.startup.homepage: "www.google.nl"
    FF - prefs.js..extensions.enabledAddons: en-GB%40dictionaries.addons.mozilla.org:1.19.1
    FF - prefs.js..extensions.enabledAddons: firefox%40ghostery.com:2.8.3
    FF - prefs.js..extensions.enabledAddons: plugin%40yontoo.com:1.20.00
    FF - prefs.js..extensions.enabledAddons: %7B546d2a00-2bbf-11dc-8314-0800200c9a66%7D:1.1.2
    FF - prefs.js..extensions.enabledAddons: fbphotozoom%40installdaddy.com:1.3
    FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
    FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.4.0
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1


    FF:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
    FF:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
    FF:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0
    pctrl.dll ( Microsoft Corporation)
    FF:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@ABNAMRO/BECON,version=1.00: C:\Program Files (x86)\ABN AMRO e.dentifier2\Mozilla
    pBECON.dll (ABN AMRO)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins
    pitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@dymo.com/DymoLabelFramework: C:\Program Files (x86)\DYMO\DYMO Label Software\Framework
    pDYMOLabelFramework.dll ( Sanford L.P.)
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64
    pDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2
    pjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: File not found
    FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor
    pmcffplg32.dll (McAfee, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0
    pctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC
    pvlc.dll (VideoLAN)
    FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air
    ppdf32.dll (Adobe Systems Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR
    ppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-08-16 14:11:08 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fbphotozoom@installdaddy.com: C:\Program Files (x86)\fbphotozoom\fbphotozoom13.xpi [2012-03-02 17:25:31 | 000,102,233 | —- | M] ()
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012-09-08 09:18:20 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2013-01-02 11:03:15 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-03 21:49:42 | 000,000,000 | —D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012-12-03 21:49:42 | 000,000,000 | —D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

    [2011-05-22 13:27:44 | 000,000,000 | —D | M] (No name found) – C:\Users\Passenier\AppData\Roaming\mozilla\Extensions
    [2012-12-13 11:33:57 | 000,000,000 | —D | M] (No name found) – C:\Users\Passenier\AppData\Roaming\mozilla\Firefox\Profiles\parv4eb0.default\extensions
    [2012-05-22 11:42:23 | 000,000,000 | —D | M] (Orange Fox) – C:\Users\Passenier\AppData\Roaming\mozilla\Firefox\Profiles\parv4eb0.default\extensions\{5b35cb30-16b4-11de-8c30-0800200c9a66}
    [2011-08-28 20:24:17 | 000,000,000 | —D | M] (British English Dictionary) – C:\Users\Passenier\AppData\Roaming\mozilla\Firefox\Profiles\parv4eb0.default\extensions\en-GB@dictionaries.addons.mozilla.org
    [2012-09-22 13:04:53 | 000,000,000 | —D | M] (Ghostery) – C:\Users\Passenier\AppData\Roaming\mozilla\Firefox\Profiles\parv4eb0.default\extensions\firefox@ghostery.com
    [2012-03-02 17:25:48 | 000,000,000 | —D | M] (Yontoo) – C:\Users\Passenier\AppData\Roaming\mozilla\Firefox\Profiles\parv4eb0.default\extensions\plugin@yontoo.com
    [2012-12-13 11:33:57 | 000,000,000 | —D | M] (No name found) – C:\Users\Passenier\AppData\Roaming\mozilla\Firefox\Profiles\parv4eb0.default\extensions\trash
    [2012-12-13 11:33:57 | 002,151,598 | —- | M] () (No name found) – C:\Users\Passenier\AppData\Roaming\mozilla\firefox\profiles\parv4eb0.default\extensions\firebug@software.joehewitt.com.xpi
    [2012-02-23 21:23:17 | 000,041,878 | —- | M] () (No name found) – C:\Users\Passenier\AppData\Roaming\mozilla\firefox\profiles\parv4eb0.default\extensions\{546d2a00-2bbf-11dc-8314-0800200c9a66}.xpi
    [2012-11-26 08:37:53 | 000,804,627 | —- | M] () (No name found) – C:\Users\Passenier\AppData\Roaming\mozilla\firefox\profiles\parv4eb0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
    [2012-12-10 11:33:57 | 002,142,826 | —- | M] () (No name found) – C:\Users\Passenier\AppData\Roaming\mozilla\firefox\profiles\parv4eb0.default\extensions\trash\firebug@software.joehewitt.com.xpi
    [2012-12-03 21:48:41 | 000,000,000 | —D | M] (No name found) – C:\Program Files (x86)\Mozilla Firefox\extensions
    [2012-12-03 21:49:42 | 000,000,000 | —D | M] (Default) – C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2012-12-03 21:48:41 | 000,000,000 | —D | M] (Java Console) – C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
    [2012-03-02 17:25:31 | 000,102,233 | —- | M] () (No name found) – C:\PROGRAM FILES (X86)\FBPHOTOZOOM\FBPHOTOZOOM13.XPI
    [2012-09-08 09:18:20 | 000,000,000 | —D | M] (McAfee SiteAdvisor) – C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
    [2012-12-03 21:49:42 | 000,262,112 | —- | M] (Mozilla Foundation) – C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2012-09-07 22:09:46 | 000,002,465 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2012-11-29 15:53:29 | 000,002,616 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\bolcom-nl.xml
    [2012-09-07 22:09:45 | 000,003,581 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\google.xml
    [2012-11-29 15:53:29 | 000,004,771 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\marktplaats-nl.xml
    [2012-11-29 15:53:29 | 000,001,262 | —- | M] () – C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-nl.xml

    O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | —- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2:[b:85a35399f1]64bit:[/b:85a35399f1] - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2:[b:85a35399f1]64bit:[/b:85a35399f1] - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20121223094815.dll (McAfee, Inc.)
    O2:[b:85a35399f1]64bit:[/b:85a35399f1] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2:[b:85a35399f1]64bit:[/b:85a35399f1] - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O2:[b:85a35399f1]64bit:[/b:85a35399f1] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2:[b:85a35399f1]64bit:[/b:85a35399f1] - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
    O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130101205613.dll (McAfee, Inc.)
    O2 - BHO: (Aanmeldhulp voor Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
    O3:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
    O3:[b:85a35399f1]64bit:[/b:85a35399f1] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
    O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKU\S-1-5-21-4216466511-2592422777-570292537-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-4216466511-2592422777-570292537-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
    O4 - HKU\S-1-5-21-4216466511-2592422777-570292537-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O8:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra context menu item: &Verzenden naar OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra context menu item: Converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra context menu item: Toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: &Verzenden naar OneNote - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
    O8 - Extra context menu item: Converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Doel van koppeling converteren naar Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: Doel van koppeling toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O8 - Extra context menu item: Toevoegen aan bestaande PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
    O9:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra 'Tools' menuitem : &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra Button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra 'Tools' menuitem : &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra Button: @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9:[b:85a35399f1]64bit:[/b:85a35399f1] - Extra 'Tools' menuitem : @c:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
    O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra Button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : Verzenden naar &Bluetooth-apparaat… - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative
    laapi.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10:[b:85a35399f1]64bit:[/b:85a35399f1] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64
    laapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 []
  • OTL Extras logfile created on: 4-1-2013 11:33:49 - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Passenier\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy

    7,98 Gb Total Physical Memory | 5,25 Gb Available Physical Memory | 65,81% Memory free
    15,96 Gb Paging File | 10,37 Gb Available in Paging File | 64,97% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 1850,60 Gb Total Space | 1165,57 Gb Free Space | 62,98% Space Free | Partition Type: NTFS
    Drive D: | 236,60 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
    Drive E: | 6,74 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
    Drive F: | 15,04 Gb Total Space | 11,36 Gb Free Space | 75,48% Space Free | Partition Type: FAT32

    Computer Name: PASSENIER_001 | User Name: Passenier | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========[/color:9fe9dc8704]


    ========== File Associations ==========[/color:9fe9dc8704]

    [b:9fe9dc8704]64bit:[/b:9fe9dc8704] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .url[@ = InternetShortcut] – C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] – C:\Windows\SysWow64\control.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] – C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========[/color:9fe9dc8704]

    [b:9fe9dc8704]64bit:[/b:9fe9dc8704] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    http [open] – Reg Error: Key error.
    https [open] – Reg Error: Key error.
    inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] – "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] – "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" –started-from-file –playlist-enqueue "%1" ()
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] – "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" –started-from-file –no-playlist-enqueue "%1" ()
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] – "%1" %*
    cmdfile [open] – "%1" %*
    comfile [open] – "%1" %*
    cplfile [cplopen] – %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] – "%1" %*
    helpfile [open] – Reg Error: Key error.
    http [open] – Reg Error: Key error.
    https [open] – Reg Error: Key error.
    inffile [install] – %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] – "%1" %*
    regfile [merge] – Reg Error: Key error.
    scrfile [config] – "%1"
    scrfile [install] – rundll32.exe desk.cpl,InstallScreenSaver %l
    txtfile [edit] – Reg Error: Key error.
    Unknown [openas] – %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [AddToPlaylistVLC] – "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" –started-from-file –playlist-enqueue "%1" ()
    Directory [cmd] – cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [PlayWithVLC] – "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" –started-from-file –no-playlist-enqueue "%1" ()
    Folder [open] – %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] – Reg Error: Value error.
    Drive [find] – %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========[/color:9fe9dc8704]

    [b:9fe9dc8704]64bit:[/b:9fe9dc8704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0

    [b:9fe9dc8704]64bit:[/b:9fe9dc8704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [b:9fe9dc8704]64bit:[/b:9fe9dc8704] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========[/color:9fe9dc8704]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========[/color:9fe9dc8704]


    ========== Vista Active Open Ports Exception List ==========[/color:9fe9dc8704]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0C8E3204-4B81-4A9D-8A3B-C23EFA7E112F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
    "{0DCEC52A-0859-493F-A1F7-43473A967833}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{12B787CA-E235-4A01-8AAA-332218092C7D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
    "{21A6D05F-266D-4F90-B9A3-1D8A9426BE47}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
    "{3515E709-6E96-4342-A9AD-C008E70A6403}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{4334C683-C5BD-48EE-9EBD-D23D1ECE9A96}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{5341CDF6-085D-40F1-A676-A4C239D15826}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{5691311B-B695-448A-9C6E-33753F1DC930}" = lport=137 | protocol=17 | dir=in | app=system |
    "{58B5B35F-6977-4490-BA01-257321822992}" = rport=137 | protocol=17 | dir=out | app=system |
    "{5A3C7969-3EC7-4DA9-9EB6-EC84328CDF67}" = rport=138 | protocol=17 | dir=out | app=system |
    "{66EDBE2A-A8A2-49D3-AB30-2043EDA17A58}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{68C6FAC1-C2A3-4142-8A72-E0782FC118BE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{78EEA5C1-AD5B-43A0-AA01-87AF65617602}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{7C5F6CA2-7B01-4014-9315-F44CBC63BDEC}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{8906EE80-4A9E-474F-9BF4-C92C69EA5FF6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{8EFCFC9E-3E6A-43EF-87C9-9E214C67BB64}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{934396B1-227B-4859-864E-6895D3FF5A4B}" = rport=139 | protocol=6 | dir=out | app=system |
    "{A077BDEB-E86F-4768-805F-09B773DC3A2A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{A49A1869-88C7-4FF4-B0EA-EBBA0FF10E88}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{AE50BB03-74B0-4628-9D66-40A6755D72A0}" = lport=10243 | protocol=6 | dir=in | app=system |
    "{AFF5E786-5C66-4AE8-BCD4-AB105CF6FFD1}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{B677EDFE-C72B-4483-9402-82177CF703D3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{BEAD2338-8E05-46E7-83E9-F65AC62C82AC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{C18B714F-549A-4E96-BCD1-7EBF84ACDC89}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{CBB5DD52-021C-4ED8-A5A5-F6E65DE495FB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{CCDC86DC-182D-40CD-83B6-20234D3216D2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{CE066AD7-D966-44CF-8575-8C03233294ED}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{D6C45D28-0BB0-4E41-B6A3-B2AD8E59A5D0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{DB607214-E24F-4BAE-A203-1BC0BE6B7FB0}" = lport=138 | protocol=17 | dir=in | app=system |
    "{E7DD6246-5966-4499-919A-8B563924ED42}" = lport=445 | protocol=6 | dir=in | app=system |
    "{E8F4C9E3-3308-4B81-A5BC-24D78D454402}" = lport=139 | protocol=6 | dir=in | app=system |
    "{F8BD6C47-99DC-4EFE-87E1-9252D44FA73C}" = rport=445 | protocol=6 | dir=out | app=system |
    "{F9D70091-7768-4851-92FA-487EF09880AC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{FF1BA61A-3C18-4FFB-B2DA-1DF0A938EC22}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

    ========== Vista Active Application Exception List ==========[/color:9fe9dc8704]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{03B2C61E-46A5-4DAC-B357-DD94AB70D552}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the immortals\launcher.exe |
    "{03CD9249-9EA6-463B-B456-34DF5320D880}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{05A84E98-4E46-423D-8D6F-1D97C14CA73B}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe |
    "{06916C66-59E8-4877-B44A-D4807C2FB219}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
    "{0AD86F67-7B47-4A21-A993-9C9A814196A8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
    "{0BF72740-8241-4C17-9527-BAE7E6C72EBD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
    "{0DE94CED-BAD4-4F01-8825-AFC7B520CE9C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{0E164239-9A31-4B47-A79E-866010586EAF}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{11718E1F-07E0-48C0-B1FE-F184A316DB24}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
    "{20333BC7-7C60-4033-8F49-DD1FFD5C37E5}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{2463F703-7434-4FCF-A5AD-2B4CF904B8D8}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
    "{25D60E55-18BC-4387-A133-825C375D0769}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
    "{2A7DE5A0-324D-4C49-98BF-81E93EE6B62F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
    "{2CFE33B6-A63C-4BC3-B537-41B7FD2710E6}" = protocol=17 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
    "{2EEB1FB5-56D9-46B3-8A6A-F26EC3B99E54}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{2FFB3537-B6DF-46A9-94C2-33E33426FBE5}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
    "{387B8161-421F-4BAB-9B24-043C38BA7DB8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
    "{3D1EAFE1-88CA-4DDE-9C9B-A2159227EED8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
    "{3FC001BA-2679-4F15-9713-915FAFFDD400}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{41B2844D-9549-40A7-A587-7B501A237F81}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{420AFD0F-3D4B-4A4E-83BB-0105C35D1DDF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{4C9AF9C6-46EB-4602-A7EA-70BE195E801D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{4CE7546E-9E5F-49B0-A590-C894AA26125D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
    "{4E4A9555-C560-402E-9D8F-F9B8C49E080A}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{4E5D352F-48B5-4A02-B3C3-25B5F600BC1A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
    "{546ED8F4-0B99-44F0-B685-DE5970FDC15E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{5AC06963-FF78-467A-91C0-E338B7A222D6}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{5C7A14EE-B8CA-4360-88CA-0CADBC48775A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{60716719-1C47-4C54-9787-96B807EB61E4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
    "{6080F05E-343F-4B99-BB0F-917E62ACA671}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
    "{6119757B-11FD-4216-95F4-33B6B9A5879C}" = protocol=6 | dir=in | app=c:\program files (x86)\bitlord 2\bitlord files\bitlord.exe |
    "{638D9A05-A554-4BE2-BF49-0E5ED0D6B573}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{6494D6DD-C6D4-40E4-A0FF-D117CA871BB3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{669413D2-5DDD-4220-AA28-3BAA5FF61B78}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
    "{66CDBA17-ED0B-4481-8386-5ED3BA8BE92F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{671ED49B-72A5-4602-8027-73DC757ED8E2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{6E5DACA7-2944-4371-888F-94640D887284}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
    "{71BD0320-51C5-4689-B333-EEFF18B5A44A}" = protocol=17 | dir=in | app=c:\users\passenier\appdata\roaming\dropbox\bin\dropbox.exe |
    "{768CD38F-535B-40C5-B289-55E8FA12E132}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\metro 2033\metro2033.exe |
    "{7BF45994-9F8C-43EB-A8EE-D402844DD5FD}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe |
    "{7D67F67F-FF0F-41EB-8206-A4C11C2DEDEC}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{7E3E38DF-BD46-4E7C-A268-9B301CB4B5FB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
    "{7E6A7F17-A015-4985-BFDA-B22CB329B872}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
    "{8712EDB7-09F6-4615-9E2F-DBDBCF892ECF}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{9C8C73F6-7634-46D5-AEE9-7F6E03B0FCDF}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |
    "{9D17EFF6-C5B9-4D27-874B-E07E774F14FB}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{9E168F8D-DCB3-4B86-93A1-9E4AE0E0C1EA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{A0A183DC-137A-4FA6-902D-DA616D3A5C51}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{A23FB5CD-7435-4CAA-93EF-797516B49098}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
    "{A28A2CB4-FE11-4E4B-8025-380A337CA0FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
    "{A40C3C58-FCFD-43F9-A098-3B961446688E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{A446032E-C270-4FAB-BF48-9A443F5CF7C4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{AF35C2EC-1822-4DEC-B91F-D0C15C53AA93}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{B0A766C4-24DA-4CD5-AD1F-0F841CC1DECE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
    "{B28162F9-519A-495F-9E70-6CBF11F9BF06}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
    "{B700BB6D-04CB-4413-9613-A988EDCB1F9E}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe |
    "{B7F919F5-C95B-453B-B0F4-B6283F609C80}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5sp.exe |
    "{B8DF158D-9A1B-4075-8C40-5F5CE405B7B9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{B8F2FE32-2C0E-4D37-B6E7-581FA03397C0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sniper ghost warrior\sniper_x86.exe |
    "{BBC50E75-5C29-4A56-B34B-BB4D3BF57B70}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{C0600A04-7FB6-4596-8B5C-D1937113701E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
    "{C0B1B48A-1936-46A8-8CA2-429955C204F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dawn of war 2\dow2.exe |
    "{C3F2C519-2017-45CD-978D-28A73E04C5FB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
    "{C5D259DF-5288-4C98-86D7-C36BA47BE38F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{C8821122-D6FB-4BCD-8456-89D9C7A6B287}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
    "{C8941062-D7D2-4F55-BBF0-0F7BB0B361A9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C90E0ED4-1637-41EA-8C39-491461C964E6}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
    "{CA2E430D-C1EC-4552-830F-864031B43245}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
    "{CA5C9F87-5C20-4F3F-85FC-4D3C6E82DFFB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
    "{D95716D4-227D-486C-9A78-4251DE61B019}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{DBCF8B62-911A-4EAC-8495-03F48676F1CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{DD84D06A-29C5-4C9A-A6F3-87D3A9CC9661}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\airmech\airmech.exe |
    "{DE507BA5-A78D-4931-980E-7FB2F23E0261}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops\blackops.exe |
    "{E29F58EC-F5D5-4B67-9677-EB1E6006EF58}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{E587683D-C378-4D55-82DF-3B3F1E32BE2A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{E64028B8-F015-4395-A12A-C1137A1F846D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
    "{E8109049-B30E-4B55-9588-72FF34368EA9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
    "{E8DF8265-26CF-42F9-826F-1D8D898C9CBE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
    "{EB2BE74A-9767-4C7C-8DF3-DA935A72FBB1}" = protocol=6 | dir=out | app=system |
    "{EB5027AF-5D61-401E-B3D1-AE1D75F5B72D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{EE50D0F7-8FD4-4F8A-9A35-CFD707E6DD1F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
    "{EE6F4246-A5B3-4A7F-9563-50A0C29E5F7F}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe |
    "{F25167D8-D873-480F-A0ED-53771EABDE32}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
    "{F6D5DD4A-6F0F-415D-ACA2-9F33A653B9E6}" = protocol=6 | dir=in | app=c:\users\passenier\appdata\roaming\dropbox\bin\dropbox.exe |
    "{F7AA58F9-BCC5-4A20-9F83-ACB6E4DA6197}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{FC770131-29ED-495F-98A0-769E9BE09112}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\war of the immortals\launcher.exe |
    "{FEA554B9-D7B1-437B-BE5B-DD610D9DDC1E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "TCP Query User{50BE9F1C-F999-4F88-87C2-1AAA2209C91B}C:\users\passenier\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\passenier\appdata\roaming\spotify\spotify.exe |
    "UDP Query User{C1CBCB16-AF05-4DA4-A227-75A5829CFD4A}C:\users\passenier\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\passenier\appdata\roaming\spotify\spotify.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color:9fe9dc8704]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
    "{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
    "{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}" = IBM SPSS Statistics 19
    "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
    "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
    "{1EE2A29D-1D30-5546-2305-EDB418EBCEFD}" = ccc-utility64
    "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
    "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
    "{4567EA14-6BCA-3EF9-859B-92CE48B1D704}" = Microsoft .NET Framework 4 Client Profile NLD Language Pack
    "{4BC310C4-B898-46E2-B5FB-B85A30AA7142}" = iCloud
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
    "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
    "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{881F6DFF-9090-E49F-4CF7-4827705D0F56}" = ATI Catalyst Install Manager
    "{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
    "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
    "{90140000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2010
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
    "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
    "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
    "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
    "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
    "{E72B796E-BB9B-44D5-BDCB-36AC39E0C5D0}" = Basissoftware voor HP Officejet Pro 8500 A910
    "{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{F6F37831-C06A-4E0A-9E3B-10AC3A1F537E}" = ATI AVIVO64 Codecs
    "DW WLAN Card" = DW WLAN Card
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile NLD Language Pack" = Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
    "PC-Doctor for Windows" = Dell Support Center

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
    "{010A785B-F920-4350-821B-6309909C20BB}" = THX TruStudio PC
    "{024AB1F9-2387-4FDD-A5BD-9ADAFA5CE772}" = calibre
    "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
    "{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
    "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
    "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
    "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
    "{185CE178-48CD-3588-3229-533617DDC1AD}" = CCC Help Finnish
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1B683082-8791-4D00-8ADE-6C8986FCCC68}" = Roxio CinePlayer
    "{1BF5CA6C-C8BE-1770-F4BE-8CC6FB86DD5B}" = CCC Help Greek
    "{1C1473A1-1A26-4C8F-9548-A52D03066CE7}" = Catalyst Control Center - Branding
    "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
    "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
    "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
    "{20D9C870-49DE-4A1F-9EA7-6BC3FCC97B1B}" = Dell Stage
    "{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
    "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
    "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
    "{2D0DFB43-7D2D-464F-99CF-2183816151AA}" = Dell MusicStage
    "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
    "{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress
    "{325D2AC9-5905-39DB-80F8-56D8685C3209}" = Visual Studio Tools for the Office system 3.0 Runtime Language Pack - NLD
    "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
    "{36842FC7-F4A5-E25F-1068-916EB9CF0BC7}" = CCC Help Spanish
    "{3958FD3B-1D45-4468-E037-106691DD86AB}" = CCC Help Swedish
    "{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
    "{3E67A8DA-FE7B-4160-8465-F5571EA18753}" = Roxio Disc Gallery
    "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
    "{405263FC-E3B5-4CA4-A619-783D7176D25C}" = CCC Help Norwegian
    "{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
    "{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
    "{44E5BA62-0210-64FA-0E82-5D3A01B0B779}" = CCC Help Dutch
    "{45642795-567E-4B46-85E7-5CDBC8B2F697}" = inSSIDer
    "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
    "{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A24C59F-689D-4B0F-3B39-B6DB3D8D7298}" = CCC Help Chinese Traditional
    "{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE
    "{537BF16E-7412-448C-95D8-846E85A1D817}" = Roxio Creator Platinum
    "{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
    "{55BF7E3E-F00A-4A3D-BB76-09228B35FFD6}" = ABN AMRO e.dentifier2 software
    "{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1" = iolo technologies' System Mechanic
    "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
    "{5E558E4F-6630-E777-04A3-1775A4429626}" = Catalyst Control Center InstallProxy
    "{5FD58FE9-90E9-AAE3-5EC9-C1292CE8E118}" = CCC Help German
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{66E89BFB-BF09-1FF1-B4CF-01934C4AF5E9}" = Catalyst Control Center Localization All
    "{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
    "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
    "{6BFA6B05-8BBA-0B9E-25D4-3FA20E5D604C}" = CCC Help Japanese
    "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
    "{7329D06E-012D-2AE1-952E-F12BC9551DB6}" = CCC Help Portuguese
    "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
    "{73CA459A-3A47-EEBA-1BBD-E9A684A94CB1}" = CCC Help Czech
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
    "{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
    "{8142D25E-028A-4563-86ED-5755783C8029}" = Messenger Companion
    "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
    "{840F1343-C902-A552-64E8-D5C37C7A62D2}" = CCC Help Italian
    "{86B3F2D6-AC2B-0015-8AE1-F2F77F781B0C}" = EndNote X5
    "{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}" = HP Officejet Pro 8500 A910 Haelp
    "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
    "{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
    "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
    "{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
    "{90140000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2010
    "{90140000-0015-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2010
    "{90140000-0016-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2010
    "{90140000-0018-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2010
    "{90140000-0019-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2010
    "{90140000-001A-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2010
    "{90140000-001B-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
    "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2010
    "{90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002A-0413-1000-0000000FF1CE}_Office14.PROPLUSR_{B9427E36-0B0A-48F4-8A51-1C178708A28E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2010
    "{90140000-002C-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{D3B92058-CF96-445F-A297-F7ED19C4E841}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0044-0413-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Dutch) 2010
    "{90140000-0044-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0054-0413-0000-0000000FF1CE}" = Microsoft Office Visio MUI (Dutch) 2010
    "{90140000-0054-0413-0000-0000000FF1CE}_Office14.VISIOR_{01C54C3B-1844-4874-9B6F-CAFC0B4C43B0}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
    "{90140000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2010
    "{90140000-006E-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{260407D0-98A1-4D9A-A956-3D1DEDDDF3B9}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0413-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Dutch) 2010
    "{90140000-00A1-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00BA-0413-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Dutch) 2010
    "{90140000-00BA-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{7A6AD1A3-6EC6-4840-8A29-4CCD27A21069}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
    "{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
    "{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
    "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
    "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module
    "{A40FB177-D824-CBC1-DD77-87E6F8614C54}" = ccc-core-static
    "{A590C358-ACC1-3654-0473-77857D73214A}" = CCC Help English
    "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
    "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
    "{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
    "{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay
    "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
    "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
    "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
    "{AACC8417-9D5D-A0B4-3A5C-03DB3DF030AD}" = CCC Help Korean
    "{AC76BA86-1040-7D70-7760-000000000005}" = Adobe Acrobat X Pro - Italiano, Español, Nederlands, Português
    "{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
    "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
    "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
    "{B196A780-B79C-4F35-976D-D3A9D63076BE}" = CCC Help Russian
    "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
    "{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
    "{BF83EFE2-C9F0-40D4-841C-2066668C1D7A}" = Roxio Creator Platinum
    "{C143FE2D-8B52-A8AD-8A90-5A8F32B77D89}" = CCC Help Hungarian
    "{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
    "{C5AC39F1-001D-4338-84C6-35109525588A}" = TweetDeck
    "{C7BEFFC9-2D4E-3E80-A3C4-FBCE1D8D0771}" = CCC Help Chinese Standard
    "{C93170A0-CBF9-481F-B972-B4FA5AEE0E06}" = Sound Blaster X-Fi
    "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
    "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
    "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
    "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
    "{D56C7EAB-BEE6-4D51-86CF-419FFC07FF11}_is1" = iolo technologies' Search and Recover
    "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
    "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
    "{D8961DCD-84AF-281C-F3DD-A5109A17DBE0}" = CCC Help Thai
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{DA32037B-5A44-A050-E107-A172FEA36C87}" = CCC Help French
    "{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
    "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
    "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
    "{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer
    "{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage
    "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
    "{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9
    "{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
    "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
    "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
    "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter
    "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F1A14CB2-A048-45A6-AFDA-3571296E1D76}" = Creative Media Toolbox 6
    "{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help
    "{F4F45762-D0C4-461D-A885-DD7E28844556}" = GAP-Diveplanner
    "{F690BD28-335C-B221-F8ED-17CF552AC0F9}" = CCC Help Danish
    "{FA676E0B-D499-4D52-920E-0DB4AAC1CCB8}" = Staplessen Photoshop Elements 9
    "{FABAB9BD-E97B-187D-9A8C-46DDED643981}" = CCC Help Polish
    "{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
    "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    "Aangifte inkomstenbelasting voor ondernemers 2011" = Aangifte inkomstenbelasting voor ondernemers 2011
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9
    "ALchemy" = Creative ALchemy
    "AudioCS" = Creative Configuratiescherm voor geluid
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "Creative Software AutoUpdate" = Creative Software AutoUpdate
    "Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
    "Diagnostics 4_5" = Creative Diagnostics
    "DriveScrubber 3_is1" = iolo technologies' DriveScrubber 3
    "FileZilla Client" = FileZilla Client 3.6.0.2
    "GemistDownloader" = GemistDownloader
    "Host OpenAL" = Host OpenAL
    "InstallShield_{41068A8C-3F30-46B6-978A-EA692F28D1AF}" = Multimedia Card Reader
    "InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
    "InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
    "InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage
    "McAfee Security Scan" = McAfee Security Scan Plus
    "Mozilla Firefox 17.0.1 (x86 nl)" = Mozilla Firefox 17.0.1 (x86 nl)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MSC" = McAfee AntiVirus Plus
    "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
    "Office14.VISIOR" = Microsoft Visio Professional 2010
    "PremElem90" = Adobe Premiere Elements 9
    "ResearchSoft Direct Export Helper" = ResearchSoft Direct Export Helper
    "Steam App 15620" = Warhammer® 40,000™: Dawn of War® II
    "Steam App 209710" = War of the Immortals
    "Steam App 34830" = Sniper: Ghost Warrior
    "Steam App 42680" = Call of Duty: Modern Warfare 3
    "Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
    "Steam App 42700" = Call of Duty: Black Ops
    "Steam App 42710" = Call of Duty: Black Ops - Multiplayer
    "Steam App 43110" = Metro 2033
    "TeamViewer 7" = TeamViewer 7
    "Uninstaller_B4736000_Creative Media Toolbox 6" = Creative Media Toolbox 6 (Shared Components)
    "Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
    "Visual Studio Tools for the Office system 3.0 Runtime Language Pack - NLD" = Taalpakket voor Visual Studio Tools for Office 3.0 Runtime - NLD
    "VLC media player" = VLC media player 2.0.2
    "WaveStudio 7" = Creative WaveStudio 7
    "WinLiveSuite" = Windows Live Essentials
    "World of Warcraft" = World of Warcraft

    ========== HKEY_USERS Uninstall List ==========[/color:9fe9dc8704]

    [HKEY_USERS\S-1-5-21-4216466511-2592422777-570292537-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Aldfaer" = Aldfaer
    "Dropbox" = Dropbox
    "f031ef6ac137efc5" = Dell Driver Download Manager
    "Spotify" = Spotify

    ========== Last 20 Event Log Errors ==========[/color:9fe9dc8704]

    [ Application Events ]
    Error - 4-9-2012 10:53:14 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 6022

    Error - 4-9-2012 10:53:15 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 4-9-2012 10:53:15 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 7020

    Error - 4-9-2012 10:53:15 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 7020

    Error - 4-9-2012 10:53:16 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 4-9-2012 10:53:16 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 8019

    Error - 4-9-2012 10:53:16 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 8019

    Error - 4-9-2012 10:53:17 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 4-9-2012 10:53:17 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 9048

    Error - 4-9-2012 10:53:17 | Computer Name = Passenier_001 | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 9048

    [ Dell Events ]
    Error - 22-6-2011 13:20:30 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    Error - 26-6-2011 2:10:52 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    Error - 26-6-2011 2:10:52 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    Error - 9-7-2011 14:03:43 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    Error - 9-7-2011 14:03:43 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    Error - 24-7-2011 3:18:40 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    Error - 24-7-2011 3:18:40 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    Error - 30-7-2011 5:51:29 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    Error - 30-7-2011 5:51:29 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    Error - 2-8-2011 14:13:14 | Computer Name = Passenier_001 | Source = DataSafe | ID = 17
    Description = De bewerking werd onderbroken en kon niet worden afgemaakt.

    [ System Events ]
    Error - 3-1-2013 15:13:37 | Computer Name = Passenier_001 | Source = Microsoft-Windows-Kernel-General | ID = 5
    Description =

    Error - 3-1-2013 15:15:32 | Computer Name = Passenier_001 | Source = Microsoft-Windows-Kernel-General | ID = 5
    Description =

    Error - 3-1-2013 15:17:26 | Computer Name = Passenier_001 | Source = Microsoft-Windows-Kernel-General | ID = 5
    Description =

    Error - 3-1-2013 15:19:29 | Computer Name = Passenier_001 | Source = Microsoft-Windows-Kernel-General | ID = 5
    Description =

    Error - 3-1-2013 20:03:05 | Computer Name = Passenier_001 | Source = Service Control Manager | ID = 7031
    Description = De McAfee McShield-service is onverwacht gestopt. Dit is 1 keer gebeurd.
    De volgende herstelbewerking zal over 5000 milliseconden worden uitgevoerd: Service
    opnieuw starten.

    Error - 4-1-2013 3:54:22 | Computer Name = Passenier_001 | Source = Service Control Manager | ID = 7023
    Description = De Windows Driver Foundation - User-mode Driver Framework-service
    is gestopt met de volgende foutcode: %%1114.

    Error - 4-1-2013 6:24:59 | Computer Name = Passenier_001 | Source = NetBT | ID = 4319
    Description = Dubbele naam aangetroffen op het TCP-netwerk. Het IP-adres van de computer
    dat het bericht heeft verzonden, staat in de gegevens. Gebruik nbtstat -n in een
    opdrachtvenster
    als u wilt zien welke naam conflicteert.

    Error - 4-1-2013 6:24:59 | Computer Name = Passenier_001 | Source = NetBT | ID = 4319
    Description = Dubbele naam aangetroffen op het TCP-netwerk. Het IP-adres van de computer
    dat het bericht heeft verzonden, staat in de gegevens. Gebruik nbtstat -n in een
    opdrachtvenster
    als u wilt zien welke naam conflicteert.

    Error - 4-1-2013 6:25:29 | Computer Name = Passenier_001 | Source = NetBT | ID = 4319
    Description = Dubbele naam aangetroffen op het TCP-netwerk. Het IP-adres van de computer
    dat het bericht heeft verzonden, staat in de gegevens. Gebruik nbtstat -n in een
    opdrachtvenster
    als u wilt zien welke naam conflicteert.

    Error - 4-1-2013 6:38:00 | Computer Name = Passenier_001 | Source = NetBT | ID = 4319
    Description = Dubbele naam aangetroffen op het TCP-netwerk. Het IP-adres van de computer
    dat het bericht heeft verzonden, staat in de gegevens. Gebruik nbtstat -n in een
    opdrachtvenster
    als u wilt zien welke naam conflicteert.


    < End of report >
  • Indien jij de [b:9863baa2ed]Dell DataSafe Local Backup[/b:9863baa2ed] niet gebruikt, kan je die software beter deïnstalleren.
    Dat scheelt dan ook weer in de lopende processen!

    [b:9863baa2ed]Welk programma[/b:9863baa2ed]: [b:9863baa2ed]ComboFix[/b:9863baa2ed][/color:9863baa2ed]
    [b:9863baa2ed]Waarvoor/waarom[/b:9863baa2ed]: Zeer specialistische scanner om Windows diepgaand te onderzoeken en op te schonen.
    [b:9863baa2ed]Moeilijkheidsgraad[/b:9863baa2ed]: Min of meer lastige voorbereidingsfase, dus lees alles eerst goed.
    [b:9863baa2ed]Downloadlokatie[/b:9863baa2ed]: Dit programma absoluut naar het bureaublad downloaden!
    [b:9863baa2ed]Download ComboFix via één van deze locaties[/b:9863baa2ed]:
    [list:9863baa2ed][*:9863baa2ed][b:9863baa2ed]Bleepingcomputer[/b:9863baa2ed]
    [*:9863baa2ed][b:9863baa2ed]ForoSpyware[/b:9863baa2ed]
    [*:9863baa2ed][b:9863baa2ed]Geekstogo[/b:9863baa2ed][/list:u:9863baa2ed]
    [b:9863baa2ed]Hier[/color:9863baa2ed][/b:9863baa2ed] zie je hoe je ComboFix moet gebruiken.

    Antivirusprogramma en actieve malwarescanners dienen al voor je ComboFix start gedeaktiveert zijn!
    [b:9863baa2ed]Hier[/color:9863baa2ed][/b:9863baa2ed] en [b:9863baa2ed]hier[/color:9863baa2ed][/b:9863baa2ed] vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

    [b:9863baa2ed]Opmerkingen[/b:9863baa2ed]:
    [list:9863baa2ed][*:9863baa2ed] Bij gebruik van Windows XP zal er mogelijk gevraagd worden, om de "Recovery Console" te installeren!
    Sta dit dan toe (hiervoor is een actieve internet verbinding vereist).
    [*:9863baa2ed]Alle openstaande programma's en webpagina's dienen afgesloten te zijn.[/list:u:9863baa2ed]
    [b:9863baa2ed]ComboFix opstarten[/b:9863baa2ed]:
    [list:9863baa2ed][*:9863baa2ed][b:9863baa2ed]Windows 2000[/color:9863baa2ed][/b:9863baa2ed] en [b:9863baa2ed]Windows XP[/b:9863baa2ed][/color:9863baa2ed]: dubbelklik op ComboFix.exe.
    [*:9863baa2ed][b:9863baa2ed]Windows Vista[/b:9863baa2ed][/color:9863baa2ed] en [b:9863baa2ed]Windows 7[/b:9863baa2ed][/color:9863baa2ed]: via rechtsklik op ComboFix.exe en kies voor "Als Administrator uitvoeren".[/list:u:9863baa2ed]
    [b:9863baa2ed]ComboFix is opgestart[/b:9863baa2ed]:
    [list:9863baa2ed][*:9863baa2ed]Niet in het zwarte venster klikken, hierdoor kan ComboFix of zelfs Windows geheel "bevriezen"!
    [*:9863baa2ed]Combofix sluit tijdens de scan de internet verbinding – probeer deze tussentijds niet te herstellen!
    [*:9863baa2ed]Het kan voorkomen dat de computer meerdere malen opnieuw opgestart moet worden, dit is normaal.
    [*:9863baa2ed]Wanneer ComboFix gereed is, zal het het een logbestand voor je maken.
    [*:9863baa2ed]Post de inhoud van dit logbestand in je volgende bericht.
    [*:9863baa2ed]Indien het log niet opstart, is dit terug tevinden in C:\ComboFix.txt[/list:u:9863baa2ed]
    [b:9863baa2ed]Belangrijke opmerking[/b:9863baa2ed]:
    [list:9863baa2ed][*:9863baa2ed][b:9863baa2ed]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:9863baa2ed][/b:9863baa2ed]
    [*:9863baa2ed][b:9863baa2ed]Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.[/color:9863baa2ed][/b:9863baa2ed]
    [*:9863baa2ed][b:9863baa2ed]Start dan de computer opnieuw op.[/color:9863baa2ed][/b:9863baa2ed][/list:u:9863baa2ed]
  • ComboFix 13-01-06.01 - Passenier 07-01-2013 10:28:29.1.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8174.5829 [GMT 1:00]
    Gestart vanuit: c:\users\Passenier\Desktop\ComboFix.exe
    AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Install.exe
    c:\programdata\PCDr\6032\AddOnDownloaded\08c66698-ac37-420c-8ea0-a63d0e691e3a.dll
    c:\programdata\PCDr\6032\AddOnDownloaded\4011a5cd-1208-467b-b149-4c0534295875.dll
    c:\programdata\PCDr\6032\AddOnDownloaded\62089595-46e8-4c4f-9d7b-48be969390bb.dll
    c:\programdata\PCDr\6032\AddOnDownloaded\918ee45c-eb0a-4e61-97ad-c1849c2623ee.dll
    c:\programdata\PCDr\6032\AddOnDownloaded\b0654984-096d-4244-a127-3364577b6279.dll
    c:\users\Passenier\AppData\Local\assembly\tmp
    c:\users\Passenier\GoToAssistDownloadHelper.exe
    c:\windows\SysWow64\URTTemp
    c:\windows\SysWow64\URTTemp\regtlib.exe
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-12-07 to 2013-01-07 ))))))))))))))))))))))))))))))
    .
    .
    2013-01-07 09:33 . 2013-01-07 09:33 ——– d—–w- c:\users\Default\AppData\Local\temp
    2013-01-07 09:32 . 2013-01-07 09:32 76232 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E1038E4-1E37-45F9-8F30-39BF0CB392C6}\offreg.dll
    2013-01-07 08:00 . 2012-11-08 17:24 9125352 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E1038E4-1E37-45F9-8F30-39BF0CB392C6}\mpengine.dll
    2013-01-04 11:28 . 2012-05-28 09:28 197264 —-a-w- c:\windows\system32\drivers\HipShieldK.sys
    2013-01-03 08:56 . 2013-01-03 08:56 ——– d—–w- c:\program files (x86)\Staplessen
    2012-12-29 13:46 . 2012-12-29 13:46 ——– d—–w- c:\program files (x86)\Yahoo!
    2012-12-21 09:14 . 2012-12-16 17:11 46080 —-a-w- c:\windows\system32\atmlib.dll
    2012-12-21 09:14 . 2012-12-16 14:13 34304 —-a-w- c:\windows\SysWow64\atmlib.dll
    2012-12-21 09:14 . 2012-12-16 14:45 367616 —-a-w- c:\windows\system32\atmfd.dll
    2012-12-21 09:14 . 2012-12-16 14:13 295424 —-a-w- c:\windows\SysWow64\atmfd.dll
    2012-12-17 10:09 . 2012-12-17 10:09 ——– d—–w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
    2012-12-17 10:09 . 2012-12-17 10:09 ——– d—–w- c:\program files\iTunes
    2012-12-17 10:09 . 2012-12-17 10:09 ——– d—–w- c:\program files (x86)\iTunes
    2012-12-17 10:09 . 2012-12-17 10:09 ——– d—–w- c:\program files\iPod
    2012-12-15 08:38 . 2012-12-15 08:38 ——– d—–w- c:\program files (x86)\Microsoft Games for Windows - LIVE
    2012-12-15 08:38 . 2012-12-15 08:38 ——– d—–w- c:\windows\SysWow64\xlive
    2012-12-15 08:37 . 2008-07-12 07:18 467984 —-a-w- c:\windows\SysWow64\d3dx10_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 1493528 —-a-w- c:\windows\SysWow64\D3DCompiler_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 540688 —-a-w- c:\windows\system32\d3dx10_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 1942552 —-a-w- c:\windows\system32\D3DCompiler_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 3851784 —-a-w- c:\windows\SysWow64\D3DX9_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 4992520 —-a-w- c:\windows\system32\D3DX9_39.dll
    2012-12-12 21:31 . 2012-11-09 05:45 2048 —-a-w- c:\windows\system32\tzres.dll
    2012-12-12 21:30 . 2012-11-02 05:59 478208 —-a-w- c:\windows\system32\dpnet.dll
    2012-12-12 21:30 . 2012-11-02 05:11 376832 —-a-w- c:\windows\SysWow64\dpnet.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-12-12 21:53 . 2011-05-22 12:21 67413224 —-a-w- c:\windows\system32\MRT.exe
    2012-12-12 14:25 . 2012-04-09 08:14 697272 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-12-12 14:25 . 2011-05-22 12:36 73656 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-11-09 05:40 . 2012-11-09 05:40 69672 —-a-w- c:\windows\system32\drivers\cfwids.sys
    2012-11-09 05:37 . 2012-07-09 12:50 339776 —-a-w- c:\windows\system32\drivers\mfewfpk.sys
    2012-11-09 05:37 . 2011-03-13 15:45 177680 —-a-w- c:\windows\system32\mfevtps.exe
    2012-11-09 05:35 . 2012-07-09 12:50 771096 —-a-w- c:\windows\system32\drivers\mfehidk.sys
    2012-11-09 05:34 . 2012-11-09 05:34 515528 —-a-w- c:\windows\system32\drivers\mfefirek.sys
    2012-11-09 05:34 . 2012-11-09 05:34 309400 —-a-w- c:\windows\system32\drivers\mfeavfk.sys
    2012-11-09 05:33 . 2012-11-09 05:33 178840 —-a-w- c:\windows\system32\drivers\mfeapfk.sys
    2012-11-06 07:57 . 2012-11-06 07:57 466456 —-a-w- c:\windows\system32\wrap_oal.dll
    2012-11-06 07:57 . 2012-11-06 07:57 444952 —-a-w- c:\windows\SysWow64\wrap_oal.dll
    2012-11-06 07:57 . 2012-11-06 07:57 122904 —-a-w- c:\windows\system32\OpenAL32.dll
    2012-11-06 07:57 . 2012-11-06 07:57 109080 —-a-w- c:\windows\SysWow64\OpenAL32.dll
    2012-11-02 10:06 . 2012-11-02 10:06 74703 —-a-w- c:\windows\SysWow64\mfc45.dat
    2012-11-02 00:46 . 2012-11-02 00:46 97208 —-a-w- c:\windows\system32\drivers\mfencrk.sys
    2012-11-02 00:46 . 2012-11-02 00:46 328976 —-a-w- c:\windows\system32\drivers\mfencbdc.sys
    2012-11-02 00:46 . 2012-11-02 00:46 10544 —-a-w- c:\windows\system32\drivers\mfeclnrk.sys
    2012-11-01 12:03 . 2012-11-01 12:03 74703 —-a-w- c:\windows\SysWow64\mfc45.dll
    2012-10-25 02:12 . 2012-10-25 02:12 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2012-10-25 02:12 . 2012-10-25 02:12 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2012-10-19 09:32 . 2012-11-01 12:07 2136064 —-a-w- c:\windows\system32\Incinerator64.dll
    2012-10-19 09:32 . 2012-11-01 12:07 2078208 —-a-w- c:\windows\SysWow64\Incinerator32.dll
    2012-10-19 09:04 . 2012-11-01 12:05 57680 —-a-w- c:\windows\system32\iolobtdfg.exe
    2012-10-19 09:03 . 2012-11-01 12:05 25744 —-a-w- c:\windows\system32\smrgdf.exe
    2012-10-19 08:38 . 2012-11-02 10:06 82160 —-a-w- c:\windows\system32\drivers\PDFsFilter.sys
    2012-10-16 08:38 . 2012-11-29 07:42 135168 —-a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38 . 2012-11-29 07:42 350208 —-a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39 . 2012-11-29 07:42 561664 —-a-w- c:\windows\apppatch\AcLayers.dll
    2012-10-11 12:13 . 2012-07-17 13:57 821736 —-a-w- c:\windows\SysWow64
    pdeployJava1.dll
    2012-10-11 12:13 . 2011-05-13 08:35 746984 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2012-10-09 18:17 . 2012-11-18 12:39 55296 —-a-w- c:\windows\system32\dhcpcsvc6.dll
    2012-10-09 18:17 . 2012-11-18 12:39 226816 —-a-w- c:\windows\system32\dhcpcore6.dll
    2012-10-09 17:40 . 2012-11-18 12:39 44032 —-a-w- c:\windows\SysWow64\dhcpcsvc6.dll
    2012-10-09 17:40 . 2012-11-18 12:39 193536 —-a-w- c:\windows\SysWow64\dhcpcore6.dll
    2011-08-15 18:50 . 2011-07-28 18:34 49412 —-a-w- c:\program files\Scan.dll.new
    2011-07-28 18:34 . 2011-06-06 19:13 48900 —-a-w- c:\program files\Scan.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
    2012-01-19 00:09 194848 —-a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
    "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-10-07 454160]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0S??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0?????????????????\0??????\0autocheck smrgdf c:\users\Passenier\AppData\Roaming\iolo\\0\0
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    R1 FileDisk;FileDisk; [x]
    R1 RxFilter;RxFilter;c:\windows\system32\DRIVERS\RxFilter.sys [x]
    R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/05/13 10:51;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-26 236016]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-01-28 32336]
    R2 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
    R2 MMCSS;Multimedia Class Scheduler;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R2 sppsvc;Software Protection;c:\windows\system32\sppsvc.exe [2010-11-20 3524608]
    R3 1394ohci;1394 OHCI Compliant Host Controller;c:\windows\system32\drivers\1394ohci.sys [2010-11-20 229888]
    R3 AcpiPmi;Stuurprogramma voor ACPI-compatibele energiemeter;c:\windows\system32\drivers\acpipmi.sys [2010-11-20 12800]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 250808]
    R3 adp94xx;adp94xx;c:\windows\system32\DRIVERS\adp94xx.sys [2009-07-14 491088]
    R3 adpahci;adpahci;c:\windows\system32\DRIVERS\adpahci.sys [2009-07-14 339536]
    R3 amdsata;amdsata;c:\windows\system32\drivers\amdsata.sys [2011-03-11 107904]
    R3 amdsbs;amdsbs;c:\windows\system32\DRIVERS\amdsbs.sys [2009-07-14 194128]
    R3 AppID;AppID-stuurprogramma;c:\windows\system32\drivers\appid.sys [2010-11-20 61440]
    R3 AppIDSvc;Application Identity;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 arcsas;arcsas;c:\windows\system32\DRIVERS\arcsas.sys [2009-07-14 97856]
    R3 b06bdrv;Broadcom NetXtreme II VBD;c:\windows\system32\DRIVERS\bxvbda.sys [2009-06-10 468480]
    R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60a.sys [2009-06-10 270848]
    R3 BDESVC;BitLocker Drive Encryption Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver;c:\windows\system32\DRIVERS\BrFiltLo.sys [2009-06-10 18432]
    R3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver;c:\windows\system32\DRIVERS\BrFiltUp.sys [2009-06-10 8704]
    R3 Brserid;Brother MFC Serial Port Interface Driver (WDM);c:\windows\System32\Drivers\Brserid.sys [2009-07-14 286720]
    R3 BrSerWdm;Brother WDM Serial driver;c:\windows\System32\Drivers\BrSerWdm.sys [2009-06-10 47104]
    R3 BrUsbMdm;Brother MFC USB Fax Only Modem;c:\windows\System32\Drivers\BrUsbMdm.sys [2009-06-10 14976]
    R3 BrUsbSer;Brother MFC USB Serial WDM Driver;c:\windows\System32\Drivers\BrUsbSer.sys [2009-06-10 14720]
    R3 BTHPORT;Stuurprogramma voor Bluetooth-poort;c:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
    R3 CertPropSvc;Certificate Propagation;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 circlass;Consumer IR Devices;c:\windows\system32\DRIVERS\circlass.sys [2009-07-14 45568]
    R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-05-24 79360]
    R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-05-13 79360]
    R3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2011-05-24 79360]
    R3 defragsvc;Disk Defragmenter;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 ebdrv;Broadcom NetXtreme II 10 GigE VBD;c:\windows\system32\DRIVERS\evbda.sys [2009-06-10 3286016]
    R3 ehRecvr;Windows Media Center Receiver Service;c:\windows\ehome\ehRecvr.exe [2010-11-20 696832]
    R3 ehSched;Windows Media Center Scheduler Service;c:\windows\ehome\ehsched.exe [2009-07-14 127488]
    R3 elxstor;elxstor;c:\windows\system32\DRIVERS\elxstor.sys [2009-07-14 530496]
    R3 ErrDev;Stuurprogramma voor Microsoft Hardware Error Device;c:\windows\system32\drivers\errdev.sys [2009-07-13 9728]
    R3 Fax;Fax;c:\windows\system32\fxssvc.exe [2010-11-20 689152]
    R3 fdPHost;Function Discovery Provider Host;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 Filetrace;Filetrace;c:\windows\system32\drivers\filetrace.sys [2009-07-13 34304]
    R3 FLEXnet Licensing Service;FLEXnet Licensing Service;c:\program files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-05-13 1045256]
    R3 FsDepends;File System Dependency Minifilter;c:\windows\system32\drivers\FsDepends.sys [2009-07-14 55376]
    R3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;c:\windows\system32\DRIVERS\gagp30kx.sys [2009-07-14 65088]
    R3 hcw85cir;Hauppauge Consumer Infrared Receiver;c:\windows\system32\drivers\hcw85cir.sys [2009-06-10 31232]
    R3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service;c:\windows\system32\drivers\HdAudio.sys [2010-11-20 350208]
    R3 HidBth;Microsoft Bluetooth HID Miniport;c:\windows\system32\DRIVERS\hidbth.sys [2009-07-14 100864]
    R3 HidIr;Microsoft Infrared HID Driver;c:\windows\system32\DRIVERS\hidir.sys [2009-07-14 46592]
    R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-05-28 197264]
    R3 HomeGroupListener;HomeGroup Listener;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 HomeGroupProvider;HomeGroup Provider;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 HpSAMD;HpSAMD;c:\windows\system32\drivers\HpSAMD.sys [2010-11-20 78720]
    R3 iaStorV;Intel RAID Controller Windows 7;c:\windows\system32\drivers\iaStorV.sys [2011-03-11 410496]
    R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
    R3 IPBusEnum;PnP-X IP Bus Enumerator;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 IPMIDRV;IPMIDRV;c:\windows\system32\drivers\IPMIDrv.sys [2010-11-20 78848]
    R3 iScsiPrt;iScsiPort-stuurprogramma;c:\windows\system32\drivers\msiscsi.sys [2010-11-20 273792]
    R3 KtmRm;KtmRm for Distributed Transaction Coordinator;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 lltdsvc;Link-Layer Topology Discovery Mapper;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 LSI_FC;LSI_FC;c:\windows\system32\DRIVERS\lsi_fc.sys [2009-07-14 114752]
    R3 LSI_SAS;LSI_SAS;c:\windows\system32\DRIVERS\lsi_sas.sys [2009-07-14 106560]
    R3 LSI_SAS2;LSI_SAS2;c:\windows\system32\DRIVERS\lsi_sas2.sys [2009-07-14 65600]
    R3 LSI_SCSI;LSI_SCSI;c:\windows\system32\DRIVERS\lsi_scsi.sys [2009-07-14 115776]
    R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-09-05 234776]
    R3 megasas;megasas;c:\windows\system32\DRIVERS\megasas.sys [2009-07-14 35392]
    R3 MegaSR;MegaSR;c:\windows\system32\DRIVERS\MegaSR.sys [2009-07-14 284736]
    R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2012-11-02 97208]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-03 115168]
    R3 mpio;Stuurprogramma voor Microsoft mulitpad bus;c:\windows\system32\drivers\mpio.sys [2010-11-20 155008]
    R3 msahci;msahci;c:\windows\system32\drivers\msahci.sys [2010-11-20 31104]
    R3 msdsm;Specifieke module voor Microsoft multipadapparaat;c:\windows\system32\drivers\msdsm.sys [2010-11-20 140672]
    R3 mshidkmdf;Pass-through HID to KMDF Filter Driver;c:\windows\System32\drivers\mshidkmdf.sys [2009-07-14 8192]
    R3 MSiSCSI;Microsoft iSCSI Initiator Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 MsRPC;MsRPC; [x]
    R3 MTConfig;Microsoft Input Configuration Driver;c:\windows\system32\DRIVERS\MTConfig.sys [2009-07-14 15360]
    R3 NdisCap;NDIS Capture LightWeight Filter;c:\windows\system32\DRIVERS
    discap.sys [2009-07-14 35328]
    R3 nfrd960;nfrd960;c:\windows\system32\DRIVERS
    frd960.sys [2009-07-14 51264]
    R3 nvstor;nvstor;c:\windows\system32\drivers
    vstor.sys [2011-03-11 166272]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 p2pimsvc;Peer Networking Identity Manager;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 p2psvc;Peer Networking Grouping;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0;PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-08-17 25584]
    R3 PerfHost;Performance Counter DLL Host;c:\windows\SysWow64\perfhost.exe [2009-07-14 20992]
    R3 pla;Performance Logs & Alerts;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 PNRPAutoReg;PNRP Machine Name Publication Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 PNRPsvc;Peer Name Resolution Protocol;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 ql2300;ql2300;c:\windows\system32\DRIVERS\ql2300.sys [2009-07-14 1524816]
    R3 ql40xx;ql40xx;c:\windows\system32\DRIVERS\ql40xx.sys [2009-07-14 128592]
    R3 QWAVE;Quality Windows Audio Video Experience;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 QWAVEdrv;QWAVE driver;c:\windows\system32\drivers\qwavedrv.sys [2009-07-14 46592]
    R3 rdpbus;Remote Desktop Device Redirector Bus Driver;c:\windows\system32\DRIVERS\rdpbus.sys [2009-07-14 24064]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    R3 sbp2port;SBP-2 Transport/Protocol-busstuurprogramma;c:\windows\system32\drivers\sbp2port.sys [2010-11-20 103808]
    R3 SCPolicySvc;Smart Card Removal Policy;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 SensrSvc;Adaptive Brightness;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 sermouse;Serial Mouse Driver;c:\windows\system32\DRIVERS\sermouse.sys [2009-07-14 26624]
    R3 SessionEnv;Remote Desktop Configuration;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 sffdisk;SFF Storage Class-stuurprogramma;c:\windows\system32\drivers\sffdisk.sys [2009-07-14 14336]
    R3 sffp_mmc;Stuurprogramma volgens SFF-opslagprotocol voor MMC;c:\windows\system32\drivers\sffp_mmc.sys [2009-07-14 13824]
    R3 sffp_sd;Stuurprogramma volgens SFF-opslagprotocol voor SDBus;c:\windows\system32\drivers\sffp_sd.sys [2010-11-20 14336]
    R3 SiSRaid2;SiSRaid2;c:\windows\system32\DRIVERS\SiSRaid2.sys [2009-07-14 43584]
    R3 SiSRaid4;SiSRaid4;c:\windows\system32\DRIVERS\sisraid4.sys [2009-07-14 80464]
    R3 Smb;Bericht-georiënteerd TCP/IP- en TCP/IPv6-protocol (SMB-sessie);c:\windows\system32\DRIVERS\smb.sys [2009-07-14 93184]
    R3 SNMPTRAP;SNMP Trap;c:\windows\System32\snmptrap.exe [2009-07-14 14336]
    R3 sppuinotify;SPP Notification Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 Steam Client Service;Steam Client Service;c:\program files (x86)\Common Files\Steam\SteamService.exe [2012-12-21 541760]
    R3 stexstor;stexstor;c:\windows\system32\DRIVERS\stexstor.sys [2009-07-14 24656]
    R3 stllssvr;stllssvr;c:\program files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-08 74392]
    R3 TabletInputService;Tablet PC Input Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 TBS;TPM Base Services;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 TCPIP6;Microsoft IPv6 Protocol Driver;c:\windows\system32\DRIVERS\tcpip.sys [2012-10-03 1914248]
    R3 THREADORDER;Thread Ordering Server;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 TrustedInstaller;Windows Modules Installer;c:\windows\servicing\TrustedInstaller.exe [2010-11-20 194048]
    R3 tssecsrv;Remote Desktop Services Security Filter Driver;c:\windows\system32\DRIVERS\tssecsrv.sys [2010-11-20 39424]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
    R3 uagp35;Microsoft AGPv3.5 Filter;c:\windows\system32\DRIVERS\uagp35.sys [2009-07-14 64080]
    R3 UI0Detect;Interactive Services Detection;c:\windows\system32\UI0Detect.exe [2009-07-14 40960]
    R3 uliagpkx;Uli AGP Bus Filter;c:\windows\system32\drivers\uliagpkx.sys [2009-07-14 64592]
    R3 UmPass;Microsoft UMPass Driver;c:\windows\system32\DRIVERS\umpass.sys [2009-07-14 9728]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
    R3 usbcir;eHome-infraroodontvanger (USBCIR);c:\windows\system32\drivers\usbcir.sys [2009-07-14 100352]
    R3 VaultSvc;Credential Manager;c:\windows\system32\lsass.exe [2011-11-17 31232]
    R3 vhdmp;vhdmp;c:\windows\system32\drivers\vhdmp.sys [2010-11-20 215936]
    R3 vsmraid;vsmraid;c:\windows\system32\DRIVERS\vsmraid.sys [2009-07-14 161872]
    R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\DRIVERS\wacompen.sys [2009-07-14 27776]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-22 1255736]
    R3 wbengine;Block Level Backup Engine Service;c:\windows\system32\wbengine.exe [2010-11-20 1504256]
    R3 WbioSrvc;Windows Biometric Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 wcncsvc;Windows Connect Now - Config Registrar;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 WcsPlugInService;Windows Color System;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 Wd;Wd;c:\windows\system32\DRIVERS\wd.sys [2009-07-14 21056]
    R3 Wecsvc;Windows Event Collector;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 wercplsupport;Problem Reports and Solutions Control Panel Support;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 WerSvc;Windows Error Reporting Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 WimFltr;WimFltr;c:\windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]
    R3 WIMMount;WIMMount;c:\windows\system32\drivers\wimmount.sys [2009-07-14 22096]
    R3 WinRM;Windows Remote Management (WS-Management);c:\windows\System32\svchost.exe [2009-07-14 27136]
    R3 WinUsb;WinUsb;c:\windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI;c:\windows\system32\drivers\wmiacpi.sys [2009-07-13 14336]
    R3 WPCSvc;Parental Controls;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
    R3 WwanSvc;WWAN AutoConfig;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
    R4 Mcx2Svc;Media Center Extender Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    R4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2008-06-20 313840]
    R4 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2008-06-20 362992]
    R4 RoxLiveShare10;LiveShare P2P Server 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2008-06-20 309744]
    R4 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-06-20 1120752]
    R4 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
    R4 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2008-06-20 166384]
    R4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
    R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
    R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2735528]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 amdxata;amdxata;c:\windows\system32\drivers\amdxata.sys [2011-03-11 27008]
    S0 CLFS;Common Log (CLFS);c:\windows\System32\CLFS.sys [2009-07-14 367696]
    S0 CNG;CNG;c:\windows\System32\Drivers\cng.sys [2012-08-24 458712]
    S0 FileInfo;File Information FS MiniFilter;c:\windows\system32\drivers\fileinfo.sys [2009-07-14 70224]
    S0 fvevol;Filterstuurprogramma Bitlocker-stationsvergrendeling;c:\windows\System32\DRIVERS\fvevol.sys [2010-11-20 223248]
    S0 hwpolicy;Hardware Policy Driver;c:\windows\System32\drivers\hwpolicy.sys [2010-11-20 14720]
    S0 KSecPkg;KSecPkg;c:\windows\System32\Drivers\ksecpkg.sys [2012-08-24 154480]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-11-09 339776]
    S0 msisadrv;msisadrv;c:\windows\system32\drivers\msisadrv.sys [2009-07-14 15424]
    S0 pcw;Performance Counters for Windows Driver;c:\windows\System32\drivers\pcw.sys [2009-07-14 50768]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
    S0 rdyboost;ReadyBoost;c:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
    S0 spldr;Security Processor Loader Driver; [x]
    S0 vdrvroot;Microsoft Virtual Drive Enumerator-stuurprogramma;c:\windows\system32\drivers\vdrvroot.sys [2009-07-14 36432]
    S0 volmgr;Stuurprogramma voor Volumebeheer;c:\windows\system32\drivers\volmgr.sys [2010-11-20 71552]
    S0 volmgrx;Dynamisch Volumebeheer;c:\windows\System32\drivers\volmgrx.sys [2010-11-20 363392]
    S0 Wdf01000;Kernel Mode Driver Frameworks service;c:\windows\system32\drivers\Wdf01000.sys [2012-07-26 785512]
    S1 blbdrive;blbdrive;c:\windows\system32\DRIVERS\blbdrive.sys [2009-07-13 45056]
    S1 DfsC;DFS Namespace Client Driver;c:\windows\system32\Drivers\dfsc.sys [2010-11-20 102400]
    S1 discache;System Attribute Cache;c:\windows\system32\drivers\discache.sys [2009-07-13 40448]
    S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2009-09-08 23464]
    S1 nsiproxy;NSI proxy service driver.;c:\windows\system32\drivers
    siproxy.sys [2009-07-13 24576]
    S1 RDPENCDD;RDP Encoder Mirror Driver;c:\windows\system32\drivers\rdpencdd.sys [2009-07-14 7680]
    S1 RDPREFMP;Reflector Display Driver used to gain access to graphics data;c:\windows\system32\drivers\rdprefmp.sys [2009-07-14 8192]
    S1 tdx;Stuurprogramma voor ondersteuning van NetIO Legacy TDI;c:\windows\system32\DRIVERS\tdx.sys [2010-11-20 119296]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
    S1 Wanarpv6;IPv6 ARP-stuurprogramma voor externe toegang;c:\windows\system32\DRIVERS\wanarp.sys [2010-11-20 88576]
    S1 WfpLwf;WFP Lightweight Filter;c:\windows\system32\DRIVERS\wfplwf.sys [2009-07-14 12800]
    S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
    S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63960]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-12-09 203776]
    S2 Apple Mobile Device;Apple Mobile Device;c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
    S2 AudioEndpointBuilder;Windows Audio Endpoint Builder;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S2 BFE;Base Filtering Engine;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 CTAudSvcService;Creative Audio Service;c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe [2009-02-23 307200]
    S2 DPS;Diagnostic Policy Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S2 EFS;Encrypting File System (EFS);c:\windows\System32\lsass.exe [2011-11-17 31232]
    S2 FDResPub;Function Discovery Resource Publication;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 gpsvc;Group Policy Client;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
    S2 IKEEXT;IKE and AuthIP IPsec Keying Modules;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-10-19 1028464]
    S2 iphlpsvc;IP Helper;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver;c:\windows\system32\DRIVERS\lltdio.sys [2009-07-14 60928]
    S2 luafv;Virtualisatie van UAC-bestanden;c:\windows\system32\drivers\luafv.sys [2009-07-13 113152]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856]
    S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856]
    S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2012-10-06 1007288]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 218320]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-11-09 177680]
    S2 MpsSvc;Windows Firewall;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 NlaSvc;Network Location Awareness;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S2 nsi;Network Store Interface Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 PcaSvc;Program Compatibility Assistant Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 PDFsFilter;PDFsFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys [2012-10-19 82160]
    S2 PEAUTH;PEAUTH;c:\windows\system32\drivers\peauth.sys [2009-07-14 651264]
    S2 Power;Power;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 ProfSvc;User Profile Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 RpcEptMapper;RPC Endpoint Mapper;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 rspndr;Link-Layer Topology Discovery Responder;c:\windows\system32\DRIVERS\rspndr.sys [2009-07-14 76800]
    S2 SysMain;Superfetch;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 tcpipreg;TCP/IP Registry Compatibility;c:\windows\system32\drivers\tcpipreg.sys [2012-10-03 45568]
    S2 UxSms;Desktop Window Manager Session Manager;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S2 WinDefend;Windows Defender;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S2 Wlansvc;WLAN AutoConfig;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
    S2 WSearch;Windows Search;c:\windows\system32\SearchIndexer.exe [2011-05-04 591872]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-12-09 8281088]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-12-09 292352]
    S3 Appinfo;Application Information;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
    S3 BCM43XX;Stuurprogramma voor DW WLAN-kaart;c:\windows\system32\DRIVERS\bcmwl664.sys [2010-05-20 3058168]
    S3 bowser;Stuurprogramma voor browserondersteuning;c:\windows\system32\DRIVERS\bowser.sys [2011-02-23 90624]
    S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok;c:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
    S3 BthPan;Bluetooth-apparaat (Personal Area Network);c:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
    S3 bthserv;Bluetooth Support Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio;c:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
    S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-13 344616]
    S3 btwaudio;Bluetooth-audioapparaat;c:\windows\system32\drivers\btwaudio.sys [2010-07-20 102952]
    S3 btwavdt;Bluetooth AVDT Service;c:\windows\system32\DRIVERS\btwavdt.sys [2010-07-20 135720]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
    S3 btwrchid;btwrchid;c:\windows\system32\DRIVERS\btwrchid.sys [2010-07-20 21544]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-09 69672]
    S3 CompositeBus;Stuurprogramma voor Composite Bus Enumerator;c:\windows\system32\drivers\CompositeBus.sys [2010-11-20 38912]
    S3 DXGKrnl;LDDM Graphics Subsystem;c:\windows\System32\drivers\dxgkrnl.sys [2010-11-20 982912]
    S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
    S3 KeyIso;CNG Key Isolation;c:\windows\system32\lsass.exe [2011-11-17 31232]
    S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
    S3 mfeapfk;McAfee Inc. mfeapfk;c:\windows\system32\drivers\mfeapfk.sys [2012-11-09 178840]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-09 515528]
    S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2012-11-02 328976]
    S3 monitor;Microsoft Monitor Class Function Driver-service;c:\windows\system32\DRIVERS\monitor.sys [2009-07-13 30208]
    S3 mpsdrv;Autorisatiestuurprogramma van Windows Firewall;c:\windows\system32\drivers\mpsdrv.sys [2009-07-14 77312]
    S3 mrxsmb10;SMB 1.x mini-redirector;c:\windows\system32\DRIVERS\mrxsmb10.sys [2011-07-09 288768]
    S3 mrxsmb20;SMB 2.0 mini-redirector;c:\windows\system32\DRIVERS\mrxsmb20.sys [2011-04-27 128000]
    S3 NativeWifiP;NativeWiFi Filter;c:\windows\system32\DRIVERS
    wifi.sys [2009-07-14 318976]
    S3 netprofm;Network List Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S3 RasAgileVpn;WAN Miniport (IKEv2);c:\windows\system32\DRIVERS\AgileVpn.sys [2009-07-14 60416]
    S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI);c:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
    S3 scfilter;Klassefilterstuurprogramma voor smartcard-PnP;c:\windows\system32\DRIVERS\scfilter.sys [2010-11-20 29696]
    S3 SDRSVC;Windows Backup;c:\windows\system32\svchost.exe [2009-07-14 27136]
    S3 srv2;Stuurprogramma Server SMB 2.xxx;c:\windows\system32\DRIVERS\srv2.sys [2011-04-29 410112]
    S3 srvnet;srvnet;c:\windows\system32\DRIVERS\srvnet.sys [2011-04-29 168448]
    S3 StillCam;Stuurprogramma voor seriële digitale fotocamera;c:\windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
    S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [2009-07-27 639512]
    S3 tunnel;Stuurprogramma voor Microsoft IPv6 Tunnel-minipoortadapter;c:\windows\system32\DRIVERS\tunnel.sys [2010-11-20 125440]
    S3 umbus;UMBus Enumerator-stuurprogramma;c:\windows\system32\DRIVERS\umbus.sys [2010-11-20 48640]
    S3 vwifibus;Stuurprogramma voor Virtual WiFi-bus;c:\windows\system32\DRIVERS\vwifibus.sys [2009-07-14 24576]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
    S3 WdiServiceHost;Diagnostic Service Host;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S3 WdiSystemHost;Diagnostic System Host;c:\windows\System32\svchost.exe [2009-07-14 27136]
    S3 WPDBusEnum;Portable Device Enumerator Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
    .
    .
    — Andere Services/Drivers In Geheugen —
    .
    *Deregistered* - CLKMDRV10_9EC60124
    *Deregistered* - ioloSGuardDriver
    *Deregistered* - mfeavfk01
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 14:25]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 97792 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 97792 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 97792 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 97792 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    ——- Bijkomende Scan ——-
    .
    uDefault_Search_URL = hxxp://www.google.com/ie
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Pagina verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
    DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
    FF - ProfilePath - c:\users\Passenier\AppData\Roaming\Mozilla\Firefox\Profiles\parv4eb0.default\
    FF - prefs.js: browser.startup.homepage - www.google.nl
    FF - user.js: extentions.y2layers.installId - 5d0ddc16-bb55-49d9-91ac-cf783bb63154
    FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,BestVideoDownloader,EzLooker,TwitTube,TopRelatedTopics,Buzzdock,
    FF - user.js: extensions.autoDisableScopes - 14
    FF - user.js: security.csp.enable - false
    .
    .
    ——- Bestandsassociaties ——-
    .
    JSEFile=NOTEPAD.EXE %1
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
    Toolbar-Locked - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020200}_0]
    "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Microsoft-Windows-WinMan-WinIP-Package-TopLevel~31bf3856ad364e35~amd64~~7.1.7601.16398]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2753842~31bf3856ad364e35~amd64~~6.1.1.2]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2758857~31bf3856ad364e35~amd64~~6.1.1.0]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2761465~31bf3856ad364e35~amd64~~10.2.1.0]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000000
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2761465~31bf3856ad364e35~amd64~~9.4.1.0]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2770660~31bf3856ad364e35~amd64~~6.1.1.0]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2779030~31bf3856ad364e35~amd64~~6.1.1.2]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2779562~31bf3856ad364e35~amd64~~6.1.1.1]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2013-01-07 10:35:01
    ComboFix-quarantined-files.txt 2013-01-07 09:35
    .
    Pre-Run: 1.252.209.664.000 bytes beschikbaar
    Post-Run: 1.251.969.482.752 bytes beschikbaar
    .
    - - End Of File - - 002017BC496EC287454634CB3257D753
  • Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programma’s\Bureau-accessoires\[b:abdb4e3338]Kladblok (of Notepad)[/b:abdb4e3338]".

    Kopieer en plak de volgende (vetgedrukte, blauwe tekst) in het lege kladblokvenstervenster


    [b:abdb4e3338]ClearJavaCache::

    Folder::
    c:\program files (x86)\Yontoo

    Registry::
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
    2012-01-19 00:09 194848 —-a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll


    [/color:abdb4e3338][/b:abdb4e3338]

    Sla dit kladblokbestand op je bureaublad op als [b:abdb4e3338]CFScript.txt[/b:abdb4e3338].

    [b:abdb4e3338]Nu eerst de antivirus en eventuele spywarescanners deaktiveren![/color:abdb4e3338][/b:abdb4e3338]
    [b:abdb4e3338]Zorg ook ervoor dat alle andere openstaande vensters gesloten zijn, ook de webbrowser.[/b:abdb4e3338][/color:abdb4e3338]


    Sleep CFScript.txt in ComboFix.exe


    [img:abdb4e3338]http://crew.nucia.eu/smeenk/CFScript.gif[/img:abdb4e3338]

    Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.


    Post het Combofix-log dat na het opnieuw starten wordt getoond.
    Ingeval Combofix je computer opnieuw heeft opgestart (of jij dat hebt gedaan), vindt je het log ook in [b:abdb4e3338]C:\Combofix.txt[/b:abdb4e3338]

    [b:abdb4e3338]Belangrijke opmerking[/b:abdb4e3338]:
    [list:abdb4e3338][*:abdb4e3338][b:abdb4e3338]Indien na de scan bij het opstarten van programma's er een error wordt getoond met de melding:[/color:abdb4e3338][/b:abdb4e3338]
    [*:abdb4e3338][b:abdb4e3338]Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.[/color:abdb4e3338][/b:abdb4e3338]
    [*:abdb4e3338][b:abdb4e3338]Start dan de computer opnieuw op.[/color:abdb4e3338][/b:abdb4e3338][/list:u:abdb4e3338]
  • ComboFix 13-01-06.01 - Passenier 07-01-2013 16:30:56.2.8 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.8174.6142 [GMT 1:00]
    Gestart vanuit: c:\users\Passenier\Desktop\ComboFix.exe
    gebruikte Opdracht switches :: c:\users\Passenier\Desktop\CFScript.txt
    AV: McAfee Antivirus en antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
    FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
    SP: McAfee Antivirus en antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\Yontoo
    c:\program files (x86)\Yontoo\YontooIEClient.dll
    c:\users\Passenier\AppData\Local\assembly\tmp
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-12-07 to 2013-01-07 ))))))))))))))))))))))))))))))
    .
    .
    2013-01-07 15:35 . 2013-01-07 15:35 ——– d—–w- c:\users\Default\AppData\Local\temp
    2013-01-07 09:32 . 2013-01-07 09:32 76232 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E1038E4-1E37-45F9-8F30-39BF0CB392C6}\offreg.dll
    2013-01-07 08:00 . 2012-11-08 17:24 9125352 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E1038E4-1E37-45F9-8F30-39BF0CB392C6}\mpengine.dll
    2013-01-04 11:28 . 2012-05-28 09:28 197264 —-a-w- c:\windows\system32\drivers\HipShieldK.sys
    2013-01-03 08:56 . 2013-01-03 08:56 ——– d—–w- c:\program files (x86)\Staplessen
    2012-12-29 13:46 . 2012-12-29 13:46 ——– d—–w- c:\program files (x86)\Yahoo!
    2012-12-21 09:14 . 2012-12-16 17:11 46080 —-a-w- c:\windows\system32\atmlib.dll
    2012-12-21 09:14 . 2012-12-16 14:13 34304 —-a-w- c:\windows\SysWow64\atmlib.dll
    2012-12-21 09:14 . 2012-12-16 14:45 367616 —-a-w- c:\windows\system32\atmfd.dll
    2012-12-21 09:14 . 2012-12-16 14:13 295424 —-a-w- c:\windows\SysWow64\atmfd.dll
    2012-12-17 10:09 . 2012-12-17 10:09 ——– d—–w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
    2012-12-17 10:09 . 2012-12-17 10:09 ——– d—–w- c:\program files\iTunes
    2012-12-17 10:09 . 2012-12-17 10:09 ——– d—–w- c:\program files (x86)\iTunes
    2012-12-17 10:09 . 2012-12-17 10:09 ——– d—–w- c:\program files\iPod
    2012-12-15 08:38 . 2012-12-15 08:38 ——– d—–w- c:\program files (x86)\Microsoft Games for Windows - LIVE
    2012-12-15 08:38 . 2012-12-15 08:38 ——– d—–w- c:\windows\SysWow64\xlive
    2012-12-15 08:37 . 2008-07-12 07:18 467984 —-a-w- c:\windows\SysWow64\d3dx10_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 1493528 —-a-w- c:\windows\SysWow64\D3DCompiler_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 540688 —-a-w- c:\windows\system32\d3dx10_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 1942552 —-a-w- c:\windows\system32\D3DCompiler_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 3851784 —-a-w- c:\windows\SysWow64\D3DX9_39.dll
    2012-12-15 08:37 . 2008-07-12 07:18 4992520 —-a-w- c:\windows\system32\D3DX9_39.dll
    2012-12-12 21:31 . 2012-11-09 05:45 2048 —-a-w- c:\windows\system32\tzres.dll
    2012-12-12 21:30 . 2012-11-02 05:59 478208 —-a-w- c:\windows\system32\dpnet.dll
    2012-12-12 21:30 . 2012-11-02 05:11 376832 —-a-w- c:\windows\SysWow64\dpnet.dll
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-12-12 21:53 . 2011-05-22 12:21 67413224 —-a-w- c:\windows\system32\MRT.exe
    2012-12-12 14:25 . 2012-04-09 08:14 697272 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-12-12 14:25 . 2011-05-22 12:36 73656 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-11-09 05:40 . 2012-11-09 05:40 69672 —-a-w- c:\windows\system32\drivers\cfwids.sys
    2012-11-09 05:37 . 2012-07-09 12:50 339776 —-a-w- c:\windows\system32\drivers\mfewfpk.sys
    2012-11-09 05:37 . 2011-03-13 15:45 177680 —-a-w- c:\windows\system32\mfevtps.exe
    2012-11-09 05:35 . 2012-07-09 12:50 771096 —-a-w- c:\windows\system32\drivers\mfehidk.sys
    2012-11-09 05:34 . 2012-11-09 05:34 515528 —-a-w- c:\windows\system32\drivers\mfefirek.sys
    2012-11-09 05:34 . 2012-11-09 05:34 309400 —-a-w- c:\windows\system32\drivers\mfeavfk.sys
    2012-11-09 05:33 . 2012-11-09 05:33 178840 —-a-w- c:\windows\system32\drivers\mfeapfk.sys
    2012-11-06 07:57 . 2012-11-06 07:57 466456 —-a-w- c:\windows\system32\wrap_oal.dll
    2012-11-06 07:57 . 2012-11-06 07:57 444952 —-a-w- c:\windows\SysWow64\wrap_oal.dll
    2012-11-06 07:57 . 2012-11-06 07:57 122904 —-a-w- c:\windows\system32\OpenAL32.dll
    2012-11-06 07:57 . 2012-11-06 07:57 109080 —-a-w- c:\windows\SysWow64\OpenAL32.dll
    2012-11-02 10:06 . 2012-11-02 10:06 74703 —-a-w- c:\windows\SysWow64\mfc45.dat
    2012-11-02 00:46 . 2012-11-02 00:46 97208 —-a-w- c:\windows\system32\drivers\mfencrk.sys
    2012-11-02 00:46 . 2012-11-02 00:46 328976 —-a-w- c:\windows\system32\drivers\mfencbdc.sys
    2012-11-02 00:46 . 2012-11-02 00:46 10544 —-a-w- c:\windows\system32\drivers\mfeclnrk.sys
    2012-11-01 12:03 . 2012-11-01 12:03 74703 —-a-w- c:\windows\SysWow64\mfc45.dll
    2012-10-25 02:12 . 2012-10-25 02:12 94208 —-a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2012-10-25 02:12 . 2012-10-25 02:12 69632 —-a-w- c:\windows\SysWow64\QuickTime.qts
    2012-10-19 09:32 . 2012-11-01 12:07 2136064 —-a-w- c:\windows\system32\Incinerator64.dll
    2012-10-19 09:32 . 2012-11-01 12:07 2078208 —-a-w- c:\windows\SysWow64\Incinerator32.dll
    2012-10-19 09:04 . 2012-11-01 12:05 57680 —-a-w- c:\windows\system32\iolobtdfg.exe
    2012-10-19 09:03 . 2012-11-01 12:05 25744 —-a-w- c:\windows\system32\smrgdf.exe
    2012-10-19 08:38 . 2012-11-02 10:06 82160 —-a-w- c:\windows\system32\drivers\PDFsFilter.sys
    2012-10-16 08:38 . 2012-11-29 07:42 135168 —-a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38 . 2012-11-29 07:42 350208 —-a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39 . 2012-11-29 07:42 561664 —-a-w- c:\windows\apppatch\AcLayers.dll
    2012-10-11 12:13 . 2012-07-17 13:57 821736 —-a-w- c:\windows\SysWow64
    pdeployJava1.dll
    2012-10-11 12:13 . 2011-05-13 08:35 746984 —-a-w- c:\windows\SysWow64\deployJava1.dll
    2012-10-09 18:17 . 2012-11-18 12:39 55296 —-a-w- c:\windows\system32\dhcpcsvc6.dll
    2012-10-09 18:17 . 2012-11-18 12:39 226816 —-a-w- c:\windows\system32\dhcpcore6.dll
    2012-10-09 17:40 . 2012-11-18 12:39 44032 —-a-w- c:\windows\SysWow64\dhcpcsvc6.dll
    2012-10-09 17:40 . 2012-11-18 12:39 193536 —-a-w- c:\windows\SysWow64\dhcpcore6.dll
    2011-08-15 18:50 . 2011-07-28 18:34 49412 —-a-w- c:\program files\Scan.dll.new
    2011-07-28 18:34 . 2011-06-06 19:13 48900 —-a-w- c:\program files\Scan.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 94208 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    "iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-08-29 59280]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
    "mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-10-07 454160]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk *\0S??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0??,\0autocheck autochk *\0?????????????????\0??????\0autocheck smrgdf c:\users\Passenier\AppData\Roaming\iolo\\0\0
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService]
    @="Service"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
    @=""
    .
    R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/05/13 10:51;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-26 236016]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 DymoPnpService;DYMO PnP Service;c:\program files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [2011-01-28 32336]
    R2 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
    R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-05-24 79360]
    R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-05-13 79360]
    R3 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2011-05-24 79360]
    R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-05-28 197264]
    R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
    R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-01-28 225216]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-09-05 234776]
    R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2012-11-02 97208]
    R3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0;PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-08-17 25584]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-22 1255736]
    R4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2008-06-20 313840]
    R4 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2008-06-20 362992]
    R4 RoxLiveShare10;LiveShare P2P Server 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2008-06-20 309744]
    R4 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2008-06-20 1120752]
    R4 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
    R4 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2008-06-20 166384]
    R4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
    R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
    R4 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2735528]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-11-09 339776]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
    S1 ElRawDisk;ElRawDisk;c:\windows\system32\drivers\ElRawDsk.sys [2009-09-08 23464]
    S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-12-09 203776]
    S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
    S2 ioloSystemService;iolo System Service;c:\program files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-10-19 1028464]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856]
    S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2012-10-07 220856]
    S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2012-10-06 1007288]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-11-09 218320]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-11-09 177680]
    S2 PDFsFilter;PDFsFilter;c:\windows\system32\DRIVERS\PDFsFilter.sys [2012-10-19 82160]
    S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
    S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-07-13 344616]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-02 39464]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-11-09 69672]
    S3 e.dentifier2;SmartCard Reader ABN AMRO e.dentifier2;c:\windows\system32\DRIVERS\aabed2.sys [2008-03-20 28672]
    S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-06-08 406056]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-11-09 515528]
    S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2012-11-02 328976]
    S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys [2009-07-27 639512]
    .
    .
    — Andere Services/Drivers In Geheugen —
    .
    *Deregistered* - CLKMDRV10_9EC60124
    *Deregistered* - ioloSGuardDriver
    *Deregistered* - mfeavfk01
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-01-07 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-09 14:25]
    .
    .
    ——— X64 Entries ———–
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
    @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 97792 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
    @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 97792 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
    @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 97792 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
    @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
    [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
    2012-02-15 00:32 97792 —-a-w- c:\users\Passenier\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
    .
    ——- Bijkomende Scan ——-
    .
    uDefault_Search_URL = hxxp://www.google.com/ie
    uStart Page = hxxp://www.google.com/
    uInternet Settings,ProxyOverride = *.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: &Verzenden naar OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
    IE: Doel van koppeling converteren naar Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    IE: Doel van koppeling toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Pagina verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    IE: Toevoegen aan bestaande PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
    TCP: DhcpNameServer = 192.168.1.254 195.241.77.55 195.241.77.58
    DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
    FF - ProfilePath - c:\users\Passenier\AppData\Roaming\Mozilla\Firefox\Profiles\parv4eb0.default\
    FF - prefs.js: browser.startup.homepage - www.google.nl
    FF - user.js: extentions.y2layers.installId - 5d0ddc16-bb55-49d9-91ac-cf783bb63154
    FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,BestVideoDownloader,EzLooker,TwitTube,TopRelatedTopics,Buzzdock,
    FF - user.js: extensions.autoDisableScopes - 14
    FF - user.js: security.csp.enable - false
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files (x86)\Yontoo\YontooIEClient.dll
    Toolbar-Locked - (no file)
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Wow6432Node-HKLM-RunOnce-c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe - c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
    .
    .
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020200}_0]
    "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker5"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Microsoft-Windows-WinMan-WinIP-Package-TopLevel~31bf3856ad364e35~amd64~~7.1.7601.16398]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2753842~31bf3856ad364e35~amd64~~6.1.1.2]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2758857~31bf3856ad364e35~amd64~~6.1.1.0]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2761465~31bf3856ad364e35~amd64~~10.2.1.0]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000000
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2761465~31bf3856ad364e35~amd64~~9.4.1.0]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2770660~31bf3856ad364e35~amd64~~6.1.1.0]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2779030~31bf3856ad364e35~amd64~~6.1.1.2]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\ApplicabilityEvaluationCache\Package_for_KB2779562~31bf3856ad364e35~amd64~~6.1.1.1]
    @DACL=(02 0000)
    "ApplicabilityState"=dword:00000070
    "CurrentState"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2013-01-07 16:36:39
    ComboFix-quarantined-files.txt 2013-01-07 15:36
    ComboFix2.txt 2013-01-07 09:35
    .
    Pre-Run: 1.251.706.249.216 bytes beschikbaar
    Post-Run: 1.251.641.012.224 bytes beschikbaar
    .
    - - End Of File - - 83DB7C8756B6B90445D6DF875204B440
  • Laat nu eerst weten hoe jouw Windows nu draait.
  • Als ik de verkenner gebruik zie ik netjes alle namen staan… echter als ik vanuit een programma werk en ik bv. een bestand wil openen, dan zie ik geen namen staan… ik moet dus elke keer gokken waar het bestand ongeveer zou moeten staan.
  • Doe het volgende:

    [b:5ce394ad5c]Welk programma[/b:5ce394ad5c]: [b:5ce394ad5c]HitmanPro 3.7[/b:5ce394ad5c][/color:5ce394ad5c]
    [b:5ce394ad5c]Waarvoor/waarom[/b:5ce394ad5c]: Specialistische ondemandscanner om Windows diepgaand te onderzoeken en op te schonen.
    [b:5ce394ad5c]Moeilijkheidsgraad[/b:5ce394ad5c]: Geen, maar lees alles eerst goed.
    [b:5ce394ad5c]Downloadlokatie[/b:5ce394ad5c]: Dit programma absoluut naar het bureaublad downloaden!
    [b:5ce394ad5c]Download HitmanPro 3.7[/color:5ce394ad5c] als 32- of als 64-bit versie[/b:5ce394ad5c]:
    [list:5ce394ad5c][*:5ce394ad5c][b:5ce394ad5c]HimanPro 3,7 32-bit-versie[/b:5ce394ad5c][/color:5ce394ad5c]
    [*:5ce394ad5c][b:5ce394ad5c]HimanPro 3,7 64-bit-versie[/b:5ce394ad5c][/color:5ce394ad5c][/list:u:5ce394ad5c]
    [b:5ce394ad5c]HitmanPro 3.7 opstarten[/b:5ce394ad5c]
    [list:5ce394ad5c][*:5ce394ad5c] [b:5ce394ad5c]Sluit nu eerst alle nog openstaande programmavensters![/color:5ce394ad5c][/b:5ce394ad5c]
    [*:5ce394ad5c][b:5ce394ad5c]Windows 2000[/color:5ce394ad5c][/b:5ce394ad5c] en [b:5ce394ad5c]Windows XP[/b:5ce394ad5c][/color:5ce394ad5c]: dubbelklik op HitmanPro 3.7.
    [*:5ce394ad5c][b:5ce394ad5c]Windows Vista[/b:5ce394ad5c][/color:5ce394ad5c] en [b:5ce394ad5c]Windows 7[/b:5ce394ad5c][/color:5ce394ad5c]: rechtsklik op HitmanPro 3.7 en kies voor "Als Administrator uitvoeren".[/list:u:5ce394ad5c]
    [b:5ce394ad5c]HitmanPro 3.7 is opgestart[/b:5ce394ad5c]:
    [list:5ce394ad5c][*:5ce394ad5c] Vink de optie "[b:5ce394ad5c]Ik accepteer de voorwaarden van de gebruikersovereenkomst aan[/b:5ce394ad5c]" en klik op "[b:5ce394ad5c]Volgende[/b:5ce394ad5c]"
    [*:5ce394ad5c] Selecteer de optie "[b:5ce394ad5c]Nee, ik wil deze computer slechts eenmalig controleren[/b:5ce394ad5c]" en klik op "[b:5ce394ad5c]Volgende[/b:5ce394ad5c]"
    [*:5ce394ad5c] De scan zal nu gestart worden, doe verder niets op de computer totdat de scan gereed is.
    [*:5ce394ad5c] Als de scan gereed is klik dan op "[b:5ce394ad5c]Activeer gratis licentie[/b:5ce394ad5c]" nu komt de melding "[b:5ce394ad5c]Het product is succesvol geactiveerd[/b:5ce394ad5c]"
    [*:5ce394ad5c] klik nu op "[b:5ce394ad5c]Ok[/b:5ce394ad5c]" en daarna op "[b:5ce394ad5c]Volgende[/b:5ce394ad5c]"
    [*:5ce394ad5c] Klik onderin het scherm op "[b:5ce394ad5c]Save log[/b:5ce394ad5c]" en sla deze op bijvoorbeeld het bureaublad op.

    [img:5ce394ad5c]http://www.imgdumper.nl/uploads5/500bf1a109315/500bf1a10837f-hmp.png[/img:5ce394ad5c][/list:u:5ce394ad5c]
    [b:5ce394ad5c]HitmanPro 3.7 scanlog postent[/b:5ce394ad5c]:
    [list:5ce394ad5c][*:5ce394ad5c] Plaats aansluitend de inhoud van het scan-log in het volgende bericht.[/list:u:5ce394ad5c]
  • [code:1:770e3c0adb]
    HitmanPro 3.7.0.185
    www.hitmanpro.com

    Computer name . . . . : PASSENIER_001
    Windows . . . . . . . : 6.1.1.7601.X64/8
    User name . . . . . . : Passenier_001\Passenier
    UAC . . . . . . . . . : Enabled
    License . . . . . . . : Free

    Scan date . . . . . . : 2013-01-07 21:51:51
    Scan mode . . . . . . : Normal
    Scan duration . . . . : 2m 17s
    Disk access mode . . : Direct disk access (SRB)
    Cloud . . . . . . . . : Internet
    Reboot . . . . . . . : No

    Threats . . . . . . . : 0
    Traces . . . . . . . : 30

    Objects scanned . . . : 2.204.867
    Files scanned . . . . : 114.083
    Remnants scanned . . : 677.985 files / 1.412.799 keys

    Potential Unwanted Programs _________________________________________________

    HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL\ (Yontoo)
    HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
    HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}\ (Yontoo)
    HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
    HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\AppID\YontooIEClient.DLL\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}\ (Babylon)
    HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods)
    HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{99066096-8989-4612-841F-621A01D54AD7}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FE9271F2-6EFD-44b0-A826-84C829536E93}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo)
    HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo)
    HKLM\SOFTWARE\Classes\YontooIEClient.Api.1\ (Yontoo)
    HKLM\SOFTWARE\Classes\YontooIEClient.Api\ (Yontoo)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\ (Yontoo)
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions
    iapdbllcanepiiimjjndipklodoedlc\ (Yontoo)
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ (Yontoo)
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ (Yontoo)

    Cookies _____________________________________________________________________

    C:\Users\Passenier\AppData\Roaming\Microsoft\Windows\Cookies\8A953WJJ.txt
    C:\Users\Passenier\AppData\Roaming\Microsoft\Windows\Cookies\LS2NFYQH.txt
    C:\Users\Passenier\AppData\Roaming\Microsoft\Windows\Cookies\NKBA3BU0.txt
    C:\Users\Passenier\AppData\Roaming\Microsoft\Windows\Cookies\SMLAPMSF.txt
    C:\Users\Passenier\AppData\Roaming\Microsoft\Windows\Cookies\WQBFYD4O.txt


    [/code:1:770e3c0adb]
  • Probeer dit ook:

    Download [b:008f901ea2]Unhide.exe[/color:008f901ea2][/b:008f901ea2] naar het bureaublad, als u een melding krijgt dat het bestand mogelijk onveilig is kunt u dit negeren.
    [list:008f901ea2]
    [*:008f901ea2] Dubbelklik op "[b:008f901ea2]Unhide.exe[/b:008f901ea2]" om de tool te starten.
    [*:008f901ea2] [b:008f901ea2]Let op!!![/color:008f901ea2][/b:008f901ea2] [i:008f901ea2]Windows Vista & 7 gebruikers dienen "[b:008f901ea2]Unhide.exe[/b:008f901ea2]" als administrator uit te voeren "[u:008f901ea2]Rechtermuisknop uitvoeren als administrator[/u:008f901ea2]",[/i:008f901ea2]
    [*:008f901ea2] Wacht rustig af totdat de tool gereed is en doe in de tussentijd verder niets op de computer.
    [*:008f901ea2] Als de tool gereed is krijgt u het onderstaande scherm te zien, met de melding "[b:008f901ea2]Your files should now be visible[/b:008f901ea2]"
    [list:008f901ea2]
    [*:008f901ea2][img:008f901ea2]http://www.imgdumper.nl/uploads4/4d9d78e7013bd/4d9d78e700801-unhide..jpg[/img:008f901ea2][/list:u:008f901ea2]
    [*:008f901ea2] Vermeld in uw volgende bericht of u deze melding heeft gekregen.[/list:u:008f901ea2]
  • Ik heb wel een pop-up gekregen, maar deze zag er anders uit. Het volgende logbestand kreeg ik erbij:

    [quote:e962ad259e]
    Unhide by Lawrence Abrams (Grinler)
    http://www.bleepingcomputer.com/
    Copyright 2008-2013 BleepingComputer.com
    More Information about Unhide.exe can be found at this link:
    http://www.bleepingcomputer.com/forums/topic405109.html

    Program started at: 01/08/2013 08:52:53 AM
    Windows Version: Windows 7

    Please be patient while your files are made visible again.

    Processing the C:\ drive
    Finished processing the C:\ drive. 383245 files processed.

    Processing the F:\ drive
    Finished processing the F:\ drive. 2946 files processed.

    Processing the G:\ drive
    Finished processing the G:\ drive. 0 files processed.

    Processing the H:\ drive
    Finished processing the H:\ drive. 0 files processed.

    Processing the I:\ drive
    Finished processing the I:\ drive. 0 files processed.

    Processing the J:\ drive
    Finished processing the J:\ drive. 0 files processed.

    The C:\Users\PASSEN~1\AppData\Local\Temp\smtmp\ folder does not exist!!
    Unhide cannot restore your missing shortcuts!!
    Please see this topic in order to learn how to restore default
    Start Menu shortcuts: http://www.bleepingcomputer.com/forums/topic405109.html

    Searching for Windows Registry changes made by FakeHDD rogues.
    - Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
    - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
    - Checking HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop
    - Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
    No registry changes detected.

    Program finished at: 01/08/2013 10:00:49 AM
    Execution time: 1 hours(s), 7 minute(s), and 55 seconds(s)
    [/quote:e962ad259e]
  • De namen van de mappen en bestanden zijn nog steeds niet zichtbaar.
    Ik heb werkelijk geen idee wat dit kan veroorzaken… maar zo langzamerhand zit ik al te denken aan het opnieuw installeren van mijn besturingssysteem met alle ellende die daar dan weer bij komt.
  • Die mappen die niet zichtbaar zijn, staan die op de systeempartitie of op een andere partitie?
  • Werkelijk waar geen idee… maar ik kan geen enkele map of bestand zien waar een naam bij staat als ik deze probeer te openen vanuit een programma.
  • Doe de ComboFix scan nogmaals.
    Het kan na opstarten van ComboFix gebeuren dat er een melding komt:

    - of ComboFix wil geupdated worden;
    - of ComboFix wil opnieuw gedownload worden.

    Post wederom de inhoud van het ComboFix-log.
  • Combofix alleen, of met het speciale script?
  • Enkel ComboFix.
    Als dit met script moet, staat het erbij!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.