Computerforum PC Web Plus

Hoi Maxstar een log van Zoek.exe


Zoek.exe Version 3.0.0.3 Updated 17-09-2012
Tool run by sandra74 on ma 17-09-2012 at 13:36:43,65.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running from: C:\Users\sandra74\AppData\Local\Temp\zoek.exe

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Internet Explorer: 9.0.8112.16421
Memory (RAM): 4026 MB
CPU Info: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
CPU Speed: 2220.9 MHz
Sound Card: Speakers (Realtek High Definiti |

Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR5B93 Wireless Network Adapter | Atheros AR8132 PCI-E Fast Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 1x (D: | ) D: TSSTcorpCDDVDW TS-L633C
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 286.0GB
Hard Disks - Free: C: 176.7GB
USB Controllers: 7 host controllers.
Firewire (1394): Not Detected
Manufacturer *: Acer
Product Make *: Aspire 5732Z
AC Power Status: OnLine
BIOS Info: AT/AT COMPATIBLE | 01/22/10 | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Battery Status: High
Motherboard *: Acer Aspire 5732Z
SM BIOS: V3.06

Country: Nederland
Language: NLD

Files recently created/modified:
====== C:\Windows ====
====== C:\Users\sandra74\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
2012-09-16 22:59:31 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-09-16 22:59:31 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\Windows\SysWOW64\XAudio2_7.dll
2012-09-16 22:59:31 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-09-16 22:59:30 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\SysWOW64\d3dx11_43.dll
2012-09-12 12:25:42 54AF46DC37E63E1E85EB619033953309 490496 ----a-w- C:\Windows\SysWOW64\d3d10level9.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2012-09-17 11:33:04 513A7D5E28089216151A98EC4E82C0E9 471936 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT
2012-09-16 23:22:59 C00C15FC6CB3D8E5FE5713C84048CEA8 108008 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll
2012-09-16 22:59:31 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\Windows\Sysnative\XAPOFX1_5.dll
2012-09-16 22:59:31 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\Windows\Sysnative\D3DCompiler_43.dll
2012-09-16 22:59:31 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\Windows\Sysnative\XAudio2_7.dll
2012-09-16 22:59:30 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\Windows\Sysnative\d3dx11_43.dll
2012-09-12 12:25:43 AD976778C4B92F9EC4842295974E9BD9 574464 ----a-w- C:\Windows\Sysnative\d3d10level9.dll
====== C:\Windows\Sysnative\drivers =====
2012-09-16 23:00:17 C2E475625F2C6F7DCDE4E920523A0573 57280 ----a-w- C:\Windows\Sysnative\drivers\fssfltr.sys
2012-09-12 12:25:44 9EBE1CA4BEDBAA510DCAC418B87B3C45 41472 ----a-w- C:\Windows\Sysnative\drivers\rndismpx.sys
2012-09-12 12:25:44 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys
2012-09-12 12:25:44 0E01641D96889BDEB22DE12D30575B08 41472 ----a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys
2012-09-12 12:25:42 F782CAD3CEDBB3F9FFE3BF2775D92DDC 1913200 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2012-09-12 12:25:41 910DD6694848872FD3B8F42BAF801D0A 288624 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2012-09-12 12:25:41 7942B7AC3FF598F8A1736D51ADAF04E8 376688 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2012-09-06 17:16:44 74425FFA11C133D045E1C3BE2EAD481D 203104 ----a-w- C:\Windows\Sysnative\drivers\ssudmdm.sys
2012-09-06 17:16:44 105373D52E71D2D1355AD3ACD18259C3 102240 ----a-w- C:\Windows\Sysnative\drivers\ssudbus.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2012-09-06 20:27:33 -------- d-----w- C:\Program Files\VideoLAN
======= C:\Program Files (x86) =====
2012-09-16 22:58:49 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2012-09-16 22:24:19 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-09-12 06:30:25 -------- d-----w- C:\Program Files (x86)\Mozilla Firefox
======= C: =====
2012-09-16 11:11:55 2B03CC969DD3A4335297F62F4CC1377B 520 ----a-w- C:\reglook.txt
====== C:\Users\sandra74\AppData\Roaming ======
2012-09-17 11:34:56 5F4EDA2267D54F76D56D5AE986B453BE 123552 ----a-w- C:\users\sandra74\AppData\Local\GDIPFONTCACHEV1.DAT
2012-09-06 20:28:26 -------- d-----w- C:\users\sandra74\AppData\Roaming\vlc
====== C:\Users\sandra74 ======
2012-09-16 22:58:49 -------- d-----r- C:\Users\sandra74\SkyDrive
2012-09-16 22:58:28 -------- d-----w- C:\ProgramData\Microsoft SkyDrive

====== C: exe-files ==
2012-09-17 10:45:05 8BC996FEC7F78C302D10EF6FBA88B225 23552 ----a-w- C:\Users\sandra74\Desktop\test.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\yfjo4yz8\4m0nkcs2.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\x7fvgtag\4rcgkuwr.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\wep3oqp3\wa0fervk.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\v2o3lpnp\3ybm3yjm.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\tvaxgsjn\y8eqabcb.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\sxqrsz6e\nqzkt2pu.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\sibpwgde\7wy9bjhv.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\sbrxblet\scstzvrm.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\r62l9zlw\moe21e32.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\p4cgdd2z\7ssrwm3k.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\owid6oaq\85gdmk3o.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\oc7uj926\bxtvxah6.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\n8mnv4nv\n6s3xfwo.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\mgvi4uyo\w698nbgl.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\m99isevr\8vsnv1g0.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\lftzkx7g\rw3cqpih.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\l51saij8\3nn2fs99.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\jenqcbyy\miefowe8.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\iy9e6i40\qyv7e1mk.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\ip8j0rxx\oxrtsbvq.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\ifhq4we8\8e5xiji3.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\i977y2qj\f06dytzn.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\i1cr9bnx\5x0s9cqe.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\h62a9lww\0tef81lo.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\gy8r1yc5\qd5bmqze.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\gofogp1c\a67ztwsf.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\g0ijv5dp\l5vic5ro.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\f2pfha0z\i4sq05ew.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\e4m0db1g\qfk64ilo.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\ctu5co1g\ksa94u4t.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\c4fj1p2b\jfhgt0bn.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\bxlbpxp7\39kgk383.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\b64msd2s\i9ws9fxb.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\8v4fxbzr\7hbg3k5h.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\8rq9995x\7sousvwo.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\8h8va0i6\xhw87g4g.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\77hbrlyc\wjjrfo0j.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\6o2l0iqc\e9gypo2b.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\5fp95mq4\h6cxqh83.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\36u9j1w9\0qlx8r45.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\2r7a2a7s\18bo6c1z.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\1rqzsa49\4xkr773o.exe
2012-09-16 22:59:45 B3695953F17EB4EF1C67422007304546 65896 ----a-w- C:\Users\sandra74\AppData\LocalLow\Microsoft\Windows Live\Setup\tmp\0ewpwllc\y08773d5.exe
2012-09-16 22:58:49 732FDC044713EB9E6C320B655FC49658 5563840 ----a-w- C:\Program Files (x86)\Microsoft SkyDrive\SkyDriveSetup.exe
2012-09-16 22:58:49 732FDC044713EB9E6C320B655FC49658 5563840 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b1b2b9eb1cd945e03\skydrivesetup.exe
2012-09-16 22:58:48 732FDC044713EB9E6C320B655FC49658 5563840 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveSetup.exe
2012-09-16 22:58:48 23AE50BB7267E8739487B52B14479E84 238528 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
2012-09-16 22:58:33 8401044538B17C4AF1A114FC9898B67C 74688 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveConfig.exe
2012-09-16 22:57:53 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b31566f41cd945e04\DXSETUP.exe
2012-09-16 22:57:48 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\afff1e191cd945e02\DXSETUP.exe
2012-09-16 22:57:46 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aef6e55b1cd945e01\DXSETUP.exe
2012-09-16 22:24:19 CB8AF049AC9BE419A77ADAE288673359 114144 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2012-09-16 22:24:19 191C36497A1DE5D26B9D82B2AEA3F826 105692 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2012-09-16 22:24:17 CB8AF049AC9BE419A77ADAE288673359 114144 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
2012-09-16 22:24:17 A710C9F33324B969F22E31773AD4DB84 192600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
2012-09-16 22:24:17 9C376F42BDE37F18D0A39AF7415D9BE6 917984 ----a-w- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
2012-09-16 22:24:17 7F6EC840E0954055D58CD57B6ACA9D92 16864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
2012-09-16 22:24:17 6A207DA39931D4C8A90AE12677BAD739 118240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
2012-09-16 22:24:17 6110277F47E1DCC979392F6116EA8F15 885600 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
2012-09-16 22:24:17 1CC228D0B7BC6CC5652A9C5D282E4072 270304 ----a-w- C:\Program Files (x86)\Mozilla Firefox\updater.exe
2012-09-16 19:25:15 EE59F89E1ACBB5C9F9AD7378E63E5055 54477072 ----a-w- C:\Users\sandra74\Downloads\JonDoSetup.paf.exe
=== C: other files ==
2012-09-16 23:22:59 C00C15FC6CB3D8E5FE5713C84048CEA8 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2012-09-16 23:00:17 C2E475625F2C6F7DCDE4E920523A0573 57280 -c--a-w- C:\Windows\System32\DRVSTORE\fssfltr_53B1A1E03F7FFD1D0FE056B8522FE410DEDAC734\fssfltr.sys
2012-09-16 23:00:17 C2E475625F2C6F7DCDE4E920523A0573 57280 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2012-09-16 22:59:31 E9739AE8B2FA28DCD6F2EF5525DA8827 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2012-09-16 22:59:31 ADA0C39D4EACDC81FD84163A95D62079 2526056 ----a-w- C:\Windows\System32\D3DCompiler_43.dll
2012-09-16 22:59:31 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\Windows\SysWOW64\XAPOFX1_5.dll
2012-09-16 22:59:31 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\Windows\SysWOW64\XAudio2_7.dll
2012-09-16 22:59:31 4F7513FF4DE6303088DB28DCBCEF372C 518488 ----a-w- C:\Windows\System32\XAudio2_7.dll
2012-09-16 22:59:31 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Windows\SysWOW64\D3DCompiler_43.dll
2012-09-16 22:59:30 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\Windows\System32\d3dx11_43.dll
2012-09-16 22:59:30 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\SysWOW64\d3dx11_43.dll
2012-09-16 22:58:38 C72ABC6B7B90A61364B6DD889B5435F3 828872 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\msvcr110.dll
2012-09-16 22:58:38 857FC005CC6E8F7CF827B39BB8BFC348 244672 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
2012-09-16 22:58:37 A1D8AA199F98E805BE121BE648EAB8E5 254400 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\FileSyncApi64.dll
2012-09-16 22:58:37 349B1D5D8D1B5A7B10BCD01470BD5F64 661448 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\msvcp110.dll
2012-09-16 22:58:36 D899432BC39324BE93D0A93A637C2C98 510912 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\WnsClientApi.dll
2012-09-16 22:58:35 D6CBF8882525A7DC0C08A4D00E45180A 426432 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\wlmfds.dll
2012-09-16 22:58:35 76BB6FC11E519DE1FE339EB2CB45D32A 416192 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\VideoStreamingPlugin.dll
2012-09-16 22:58:35 3B5BB864F72B9F76610756908421E0D0 537536 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\Telemetry.dll
2012-09-16 22:58:34 DC0F745DECEC135F3C3A7518A783A8FA 2378688 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SyncEngine.dll
2012-09-16 22:58:34 D475BBD6FEF8DB2DDE0DA7CCFD2C9042 196416 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\sqmapi.dll
2012-09-16 22:58:34 A4EDB00AA8F2E65607DBDE336C857DFD 220608 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
2012-09-16 22:58:34 732EC1348D92AC9F4D614E1880E96E4C 49088 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SqmWrapper.dll
2012-09-16 22:58:33 FACFE58D176AF30F9C40CCD29A138510 1956800 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveSessions.dll
2012-09-16 22:58:32 A0424D931882448BC8AA92152971F76E 48064 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDrive.LocalizedResources.dll
2012-09-16 22:58:32 7E5A507FFEDB930251B53C2B47E254E5 1012160 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveClient.dll
2012-09-16 22:58:32 4C00EBCE718D70B75AAC65A95834F116 2404800 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDrive.Resources.dll
2012-09-16 22:58:30 2D44A4E98BF81F1855AFDE874DB8180F 914880 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\RemoteAccess.dll
2012-09-16 22:58:29 AB09CE954C647F3C2B4328B57D519996 534480 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\msvcp110.dll
2012-09-16 22:58:29 80E987DBE08677E2EC09615CD4358607 862664 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\msvcr110.dll
2012-09-16 22:58:29 40A379C64F2A1B473D8A5F8B760FC7C8 5843 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\CollectSkyDriveLogs.bat
2012-09-16 22:58:29 2AA4CE40A47CAF250073CD466F2DF546 213952 ----a-w- C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\FileSyncApi.dll
2012-09-16 22:57:53 9E0711BED229B60A853BCC5D10DEAAFC 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b31566f41cd945e04\DSETUP.dll
2012-09-16 22:57:53 0F58CCD58A29827B5D406874360E4C08 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b31566f41cd945e04\dsetup32.dll
2012-09-16 22:57:48 EF0ECDE0DF6DC9CE1AC6D6907C261CEA 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\afff1e191cd945e02\dsetup32.dll
2012-09-16 22:57:48 56ECE9BD3C4A321166F1BD1EFCABF585 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\afff1e191cd945e02\DSETUP.dll
2012-09-16 22:57:45 9E0711BED229B60A853BCC5D10DEAAFC 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aef6e55b1cd945e01\DSETUP.dll
2012-09-16 22:57:45 0F58CCD58A29827B5D406874360E4C08 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\aef6e55b1cd945e01\dsetup32.dll
2012-09-16 22:24:18 FCFCADA2B35D0599DC485F06DED21788 266720 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2012-09-16 22:24:17 F18042C3223D6AAAF30346506463516E 15632352 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xul.dll
2012-09-16 22:24:17 E013596DCCEC82B05B166523B91265AD 813536 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2012-09-16 22:24:17 DD31BE71EBBF9BB9342AA8811956C2F0 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
2012-09-16 22:24:17 D5E323543C0A1A9FEBC324519EFE2EC8 91104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\smime3.dll
2012-09-16 22:24:17 CD4B4E5652377E441688377D300E62A8 19424 ----a-w- C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
2012-09-16 22:24:17 AF68099C841EE4BE1C19458D41664A77 258528 ----a-w- C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
2012-09-16 22:24:17 A586CAB4FB1DE3872C2D6E153E961D3B 145376 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
2012-09-16 22:24:17 8B0FAFC68CB2674CFAF7B9E70464FDBB 92640 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
2012-09-16 22:24:17 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2012-09-16 22:24:17 84EAABD444291C9E6A845AF2A1CE1523 155104 ----a-w- C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
2012-09-16 22:24:17 730D87DF83F82967DA6EA893263E0D16 68576 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-09-16 22:24:17 6B77AC593EEFE2D7E855CA691F4A5C84 370656 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
2012-09-16 22:24:17 67EC459E42D3081DD8FD34356F7CAFC1 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-09-16 22:24:17 5C94FF7FABE1A23C9EF651D89C1FBDED 171488 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
2012-09-16 22:24:17 5424E53507BE5CC16F2126357CD69D89 18912 ----a-w- C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2012-09-16 22:24:17 4EE96E9788C2C74353315DB612253D03 20960 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plds4.dll
2012-09-16 22:24:17 4B70B15F477972E0189BE25F4573DB80 2244064 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-09-16 22:24:17 4AB72BB5D7FE5163D3AF85050351EDCB 2288608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-09-16 22:24:17 49AD92A2247654C4A2A95081ACE07B93 638432 ----a-w- C:\Program Files (x86)\Mozilla Firefox\nss3.dll
2012-09-16 22:24:17 3A843971D5797CA5D06BFBC054BB6ABA 425952 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2012-09-16 22:24:17 36673291647DA77D43D01CA5ECC7FE93 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-16 22:24:17 32510F1FA8D3327BE3B29DBC4B01B3CB 15840 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2012-09-16 22:24:17 21FA8728B0E6D2D00063987BBC7C33E9 21472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plc4.dll
2012-09-16 22:24:17 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2012-09-16 22:24:17 1A5CE04A8410B0020661C217B3009916 82400 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2012-09-16 22:24:17 03E9314004F504A14A61C3D364B62F66 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-09-15 23:51:23 E7D91D008FE76423962B91C43C88E4EB 655872 ----a-w- C:\Users\sandra74\AppData\Roaming\OpenOffice.org\3\user\extensions\bundled\presenter-screen.oxt\msvcr90.dll
2012-09-15 23:51:23 6DE5C66E434A9C1729575763D891C6C2 568832 ----a-w- C:\Users\sandra74\AppData\Roaming\OpenOffice.org\3\user\extensions\bundled\presenter-screen.oxt\msvcp90.dll
2012-09-15 23:51:23 4A8BC195ABDC93F0DB5DAB7F5093C52F 224768 ----a-w- C:\Users\sandra74\AppData\Roaming\OpenOffice.org\3\user\extensions\bundled\presenter-screen.oxt\msvcm90.dll
2012-09-15 23:51:23 355616FFA136F6D44FD0D7305ABAE87E 709632 ----a-w- C:\Users\sandra74\AppData\Roaming\OpenOffice.org\3\user\extensions\bundled\presenter-screen.oxt\PresenterScreen.uno.dll
2012-09-15 23:51:19 E7D91D008FE76423962B91C43C88E4EB 655872 ----a-w- C:\Users\sandra74\AppData\Roaming\OpenOffice.org\3\user\extensions\bundled\presentation-minimizer.oxt\msvcr90.dll
2012-09-15 23:51:19 94A29C303E2DB7DEDCCB4319A1CE69CF 245248 ----a-w- C:\Users\sandra74\AppData\Roaming\OpenOffice.org\3\user\extensions\bundled\presentation-minimizer.oxt\SunPresentationMinimizer.uno.dll
2012-09-15 23:51:19 6DE5C66E434A9C1729575763D891C6C2 568832 ----a-w- C:\Users\sandra74\AppData\Roaming\OpenOffice.org\3\user\extensions\bundled\presentation-minimizer.oxt\msvcp90.dll
2012-09-15 23:51:19 4A8BC195ABDC93F0DB5DAB7F5093C52F 224768 ----a-w- C:\Users\sandra74\AppData\Roaming\OpenOffice.org\3\user\extensions\bundled\presentation-minimizer.oxt\msvcm90.dll
2012-09-15 12:23:31 40A5ABD3767349B01DBE010F917D6241 44774908 ----a-w- C:\Users\sandra74\Downloads\42pfl8404h_12_fus_nld.zip
2012-09-12 12:25:44 9EBE1CA4BEDBAA510DCAC418B87B3C45 41472 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_amd64_neutral_0b46e86f0f566f5a\rndismpx.sys
2012-09-12 12:25:44 9EBE1CA4BEDBAA510DCAC418B87B3C45 41472 ----a-w- C:\Windows\System32\drivers\rndismpx.sys
2012-09-12 12:25:44 760E38053BF56E501D562B70AD796B88 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-09-12 12:25:44 48925ECA70E83F0A087985AB75A17471 35840 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_amd64_neutral_0b46e86f0f566f5a\rndismp6.sys
2012-09-12 12:25:44 0E01641D96889BDEB22DE12D30575B08 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 12:25:43 AD976778C4B92F9EC4842295974E9BD9 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-09-12 12:25:42 F782CAD3CEDBB3F9FFE3BF2775D92DDC 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-09-12 12:25:42 54AF46DC37E63E1E85EB619033953309 490496 ----a-w- C:\Windows\SysWOW64\d3d10level9.dll
2012-09-12 12:25:41 910DD6694848872FD3B8F42BAF801D0A 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 12:25:41 7942B7AC3FF598F8A1736D51ADAF04E8 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-09-12 06:30:27 99F97C9FE748C37528C338A423577FCB 163256 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
2012-09-12 06:30:27 0A7B01235B1CBFA387B04A91E2F2B7D0 184248 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
==================
"Silent Runners.vbs", revision 64, http://www.silentrunners.org/" onclick="window.open(this.href);return false;
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
KiesPreload = C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload [null data]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
IAAnotif = C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [Intel Corporation]
RtHDVCpl = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [Realtek Semiconductor]
Acer ePower Management = C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [Acer Incorporated]
Apoint = C:\Program Files\Apoint2K\Apoint.exe [Alps Electric Co., Ltd.]
PLFSetI = C:\Windows\PLFSetI.exe [empty string]
Windows Mobile Device Center = C:\Windows\WindowsMobile\wmdc.exe
IgfxTray = C:\Windows\system32\igfxtray.exe [Intel Corporation]
HotKeysCmds = C:\Windows\system32\hkcmd.exe [Intel Corporation]
Persistence = C:\Windows\system32\igfxpers.exe [Intel Corporation]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ {++}
LManager = C:\Program Files (x86)\Launch Manager\LManager.exe [Dritek System Inc.]
ArcadeDeluxeAgent = "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [CyberLink Corp.]
PlayMovie = "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [Acer Corp.]
SSBkgdUpdate = "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot [Nuance Communications, Inc.]
PaperPort PTD = "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe" [Nuance Communications, Inc.]
IndexSearch = "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe" [Nuance Communications, Inc.]
PPort11reminder = "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" [Nuance Communications, Inc.]
Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]
BrMfcWnd = C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN [Brother Industries, Ltd.]
ControlCenter3 = C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun [Brother Industries, Ltd.]
avgnt = "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [Avira Operations GmbH & Co. KG]
Standby = "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START [Corel]
APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [Apple Inc.]
KiesTrayAgent = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [Samsung Electronics Co., Ltd.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM.CLSID} = Windows Live ID Sign-in Helper
\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub
-> {HKLM.Wow.CLSID} = Adobe PDF Link Helper
\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)
-> {HKLM.Wow.CLSID} = Aanmeldhulp voor Microsoft-account
\InProcServer32\(Default) = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

SkyDrive1\(Default) = {F241C880-6982-4CE5-8CF7-7085BA96DA5A}
-> {HKCU.CLSID} = UpToDateOverlayHandler Class
\InProcServer32\(Default) = C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll [MS]

SkyDrive2\(Default) = {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}
-> {HKCU.CLSID} = SyncingOverlayHandler Class
\InProcServer32\(Default) = C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll [MS]

SkyDrive3\(Default) = {BBACC218-34EA-4666-9D7A-C78F2274A524}
-> {HKCU.CLSID} = ErrorOverlayHandler Class
\InProcServer32\(Default) = C:\Users\sandra74\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll [MS]

egisPSDP\(Default) = {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}
-> {HKLM.CLSID} = DragDropProtect Class

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

egisPSDP\(Default) = {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}
-> {HKLM.Wow.CLSID} = DragDropProtect Class

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{B41DB860-64E4-11D2-9906-E49FADC173CA} = WinRAR shell extension
-> {HKLM.CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} = eDS psd drag drop protection
-> {HKLM.Wow.CLSID} = DragDropProtect Class

{DBD8E168-244D-448C-9922-25508950D1DC} = Ulead UDF Driver
-> {HKLM.Wow.CLSID} = USIShellExt Class
\InProcServer32\(Default) = c:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [Ulead Systems, Inc.]

{DE902992-61FC-4A01-8091-53E1895C9775} = CDR Icon Handler
-> {HKLM.Wow.CLSID} = CDR Icon Handler
\InProcServer32\(Default) = c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll [Corel Corporation]

{DE902993-61FC-4A01-8091-53E1895C9775} = CPT Icon Handler
-> {HKLM.Wow.CLSID} = CPT Icon Handler
\InProcServer32\(Default) = c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll [Corel Corporation]

{DE902994-61FC-4A01-8091-53E1895C9775} = CMX Icon Handler
-> {HKLM.Wow.CLSID} = CMX Icon Handler
\InProcServer32\(Default) = c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll [Corel Corporation]

{1462EBAA-96E7-4D93-9A66-0E4068DE4FCF} = CDR Thumbnail Provider
-> {HKLM.Wow.CLSID} = CDR Thumbnail provider
\InProcServer32\(Default) = c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll [Corel Corporation]

{1462EBAB-96E7-4D93-9A66-0E4068DE4FCF} = CPT Thumbnail Provider
-> {HKLM.Wow.CLSID} = CPT Thumbnail provider
\InProcServer32\(Default) = c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll [Corel Corporation]

{1462EBAC-96E7-4D93-9A66-0E4068DE4FCF} = CMX Thumbnail Provider
-> {HKLM.Wow.CLSID} = CMX Thumbnail provider
\InProcServer32\(Default) = c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellXP.dll [Corel Corporation]

{7FA63AC0-F5BC-4F3B-A9CF-94328D812B62} = CDR Property Handler
-> {HKLM.Wow.CLSID} = CDR Property Handler
\InProcServer32\(Default) = c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll [Corel Corporation]

{7FA63AC1-F5BC-4F3B-A9CF-94328D812B62} = CPT Property Handler
-> {HKLM.Wow.CLSID} = CPT Property Handler
\InProcServer32\(Default) = c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll [Corel Corporation]

{7AD101F2-0B93-4D66-A1CA-DF73F3C4377B} = Corel Draw Cdr Preview Handler
-> {HKLM.Wow.CLSID} = CDR preview provider
\InProcServer32\(Default) = c:\Program Files\Common Files\Corel\Shared\Shell Extension\x86\ShellVista.dll [Corel Corporation]

{AE424E85-F6DF-4910-A6A9-438797986431} = OpenOffice.org Property Handler
-> {HKLM.Wow.CLSID} = OpenOffice.org Property Handler
\InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll [Apache Software Foundation]

{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} = OpenOffice.org Column Handler
-> {HKLM.Wow.CLSID} = (no title provided)
\InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]

{087B3AE3-E237-4467-B8DB-5A38AB959AC9} = OpenOffice.org Infotip Handler
-> {HKLM.Wow.CLSID} = (no title provided)
\InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]

{63542C48-9552-494A-84F7-73AA6A7C99C1} = OpenOffice.org Property Sheet Handler
-> {HKLM.Wow.CLSID} = (no title provided)
\InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]

{3B092F0C-7696-40E3-A80F-68D74DA84210} = OpenOffice.org Thumbnail Viewer
-> {HKLM.Wow.CLSID} = (no title provided)
\InProcServer32\(Default) = C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll [Apache Software Foundation]

{00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided)
-> {HKLM.Wow.CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim
-> {HKLM.Wow.CLSID} = Windows Live Photo Gallery Viewer Shim
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim
-> {HKLM.Wow.CLSID} = Windows Live Photo Gallery Editor Shim
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim
-> {HKLM.Wow.CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\

{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}\(Default) = WLIDCredentialProvider
-> {HKLM.CLSID} = WLIDCredentialProvider
\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

Corel.Paint.Shop.Pro.Photo\(Default) = {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7}
-> {HKLM.CLSID} = PSPContextMenu Class
\InProcServer32\(Default) = c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [null data]

EDSshellExt\(Default) = {29FF7AB0-BE34-4992-A30B-53A9D86EE239}
-> {HKLM.CLSID} = eDSshlExt Class

Shell Extension for Malware scanning\(Default) = {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
-> {HKLM.CLSID} = Shell Extension for Malware scanning
\InProcServer32\(Default) = C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [Avira Operations GmbH & Co. KG]

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}
-> {HKLM.CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

Corel.Paint.Shop.Pro.Photo\(Default) = {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7}
-> {HKLM.CLSID} = PSPContextMenu Class
\InProcServer32\(Default) = c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [null data]

EDSshellExt\(Default) = {29FF7AB0-BE34-4992-A30B-53A9D86EE239}
-> {HKLM.CLSID} = eDSshlExt Class

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}
-> {HKLM.CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

HKLM\SOFTWARE\Classes\Directory\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}
-> {HKLM.CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

igfxcui\(Default) = {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
-> {HKLM.CLSID} = GraphicsShellExt Class
\InProcServer32\(Default) = C:\Windows\system32\igfxpph.dll [Intel Corporation]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

Shell Extension for Malware scanning\(Default) = {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
-> {HKLM.CLSID} = Shell Extension for Malware scanning
\InProcServer32\(Default) = C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [Avira Operations GmbH & Co. KG]

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}
-> {HKLM.CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]

HKLM\SOFTWARE\Classes\Folder\shellex\DragDropHandlers\

WinRAR\(Default) = {B41DB860-64E4-11D2-9906-E49FADC173CA}
-> {HKLM.CLSID} = WinRAR
\InProcServer32\(Default) = C:\Program Files\WinRAR\rarext.dll [Alexander Roshal]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
Wallpaper = C:\Users\sandra74\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
SCRNSAVE.EXE = C:\Windows\system32\scrnsave.scr [MS]


Windows Portable Device AutoPlay Handlers
-----------------------------------------

De rest staat in volgende bericht

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

Corel PaintShop Photo Pro X3ShowPicturesOnArrivalHandler\
Provider = Corel PaintShop Photo Pro X3
InvokeProgID = PaintShopPhotoProX3.Image
InvokeVerb = Overzicht
HKLM\SOFTWARE\Classes\PaintShopPhotoProX3.Image\shell\Overzicht\command\(Default) = "c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe" /Review "%1" [Corel, Inc.]

MSLivePhotoAcquireDropHandler\
Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10
InvokeProgID = Microsoft.LivePhotoAcqDTShim.1
InvokeVerb = open
HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625}
-> {HKLM.CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS]

MSLiveShowPicturesOnArrival\
Provider = @%ProgramFiles(x86)%\Windows Live\Photo Gallery\regres.dll,-10
InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1
InvokeVerb = open
HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7}
-> {HKLM.CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShimx64.dll [MS]

MSPlayCDAudioOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.AudioCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.AudioCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /device:AudioCD "%L" [MS]

MSPlayDVDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.DVD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.DVD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:DVD "%L" [MS]

MSPlaySuperVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSPlayVideoCDMovieOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.VCD
InvokeVerb = play
HKLM\SOFTWARE\Classes\WMP.VCD\shell\play\command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:4 /device:VCD "%L" [MS]

MSWMEncVCArrival\
Provider = Windows Media Encoder 9 Series
ProgID = Shell.HWEventHandlerShellExecute
InitCmdLine = C:\Program Files (x86)\Windows Media Components\Encoder\WMEnc.exe
HKLM\SOFTWARE\Classes\Shell.HWEventHandlerShellExecute\CLSID\(Default) = {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}
-> {HKLM.CLSID} = Shell Execute Hardware Event Handler
\LocalServer32\(Default) = C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} [MS]

MSWMPBurnCDOnArrival\
Provider = @wmploc.dll,-6502
InvokeProgID = WMP.BurnCD
InvokeVerb = Burn
HKLM\SOFTWARE\Classes\WMP.BurnCD\shell\Burn\Command\(Default) = "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:3 /Task:CDWrite /Device:"%L" [MS]

NTIBurner\
Provider = NTI Media Maker
InvokeProgID = NTIBurnerOpen
InvokeVerb = open
HKLM\SOFTWARE\Classes\NTIBurnerOpen\shell\open\command\(Default) = "C:\Program Files (x86)\NewTech Infosystems\NTI Media Maker 8\DiscLaunchPad.exe" [NewTech Infosystems, Inc.]

PaperPort11AutoPlay\
Provider = PaperPort 11
InvokeProgID = PaperPort.AutoplayHandler
InvokeVerb = open
HKLM\SOFTWARE\Classes\PaperPort.AutoplayHandler\shell\open\command\(Default) = C:\Program Files (x86)\ScanSoft\PaperPort\PaprPort.exe /folder %L [Nuance Communications, Inc.]

PCinemaPlayCDAudioOnArrival\
Provider = Acer Arcade Deluxe
InvokeProgID = AudioCD
InvokeVerb = PlayWithPowerCinema
HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPowerCinema\Command\(Default) = "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe" AUTOPLAY CD "%L" [Acer Incorporated]

PlayMoviePlayDVDMovieOnArrival\
Provider = Acer Arcade Deluxe
InvokeProgID = DVD
InvokeVerb = PlayWithPlayMovie
HKLM\SOFTWARE\Classes\DVD\shell\PlayWithPlayMovie\Command\(Default) = "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\discautorun.exe" AUTOPLAY MOVIE "%L" [CyberLink Corp.]

PlayMoviePlayVideoCDMovieOnArrival\
Provider = Acer Arcade Deluxe
InvokeProgID = VCD
InvokeVerb = PlayWithPlayMovie
HKLM\SOFTWARE\Classes\VCD\shell\PlayWithPlayMovie\Command\(Default) = "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\discautorun.exe" AUTOPLAY MOVIE "%L" [CyberLink Corp.]

VLCPlayCDAudioOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.CDAudio
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.CDAudio\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file cdda:///%1 [VideoLAN]

VLCPlayDVDAudioOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.OPENFolder
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [VideoLAN]

VLCPlayDVDMovieOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.DVDMovie
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.DVDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file dvd:///%1 [VideoLAN]

VLCPlayMusicFilesOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.OPENFolder
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [VideoLAN]

VLCPlaySVCDMovieOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.SVCDMovie
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.SVCDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN]

VLCPlayVCDMovieOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.VCDMovie
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.VCDMovie\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file vcd:///%1 [VideoLAN]

VLCPlayVideoFilesOnArrival\
Provider = VideoLAN VLC media player
InvokeProgID = VLC.OPENFolder
InvokeVerb = Open
HKLM\SOFTWARE\Classes\VLC.OPENFolder\shell\Open\command\(Default) = "C:\Program Files\VideoLAN\VLC\vlc.exe" %1 [VideoLAN]

WIA_{0839677C-0B2D-479A-9A09-5F48A3622EFC}\
Provider = Corel PaintShop Photo Pro X3
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe -wialaunch /StiDevice:%1 /StiEvent:%2;
-> {HKLM.CLSID} = WPDShextAutoplay
\LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

WIA_{2E15E684-5E4A-4FB9-8C82-E1A2945B8D4E}\
Provider = Corel PaintShop Photo Pro X3
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\Corel Paint Shop Pro Photo.exe -wialaunch;
-> {HKLM.CLSID} = WPDShextAutoplay
\LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

WIA_{6104AF49-5939-422D-91FD-E4B25AF01F57}\
Provider = PaperPort
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;C:\Program Files (x86)\ScanSoft\PaperPort\PaprPort.exe /StillImage /StiDevice:%1 /StiEvent:%2;
-> {HKLM.CLSID} = WPDShextAutoplay
\LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

WIA_{61EC0B9B-4B4C-4473-ACE4-7C6288BA22DC}\
Provider = ControlCenter3
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /StiDevice:%1 /StiEvent:%2;
-> {HKLM.CLSID} = WPDShextAutoplay
\LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

WIA_{E0D842B5-AF68-46FC-BCC9-659BD2962A6A}\
Provider = WinZip
CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}
InitCmdLine = /WiaCmd;C:\Program Files (x86)\WinZip\WINZIP32.EXE /wia;
-> {HKLM.CLSID} = WPDShextAutoplay
\LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]


Startup items in "sandra74" & "All Users" startup folders:
----------------------------------------------------------

C:\Users\sandra74\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.4.1 -> shortcut to: C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe [null data]


Non-disabled Scheduled Tasks:
-----------------------------

C:\Users\sandra74\AppData\Local\Microsoft\Windows Sidebar\Settings.ini

C:\Windows\System32\Tasks
Ad-Aware Update (Weekly) -> launches: C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe update all silent repair [file not found]
CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS]
{0CF1A513-8FC1-4DA1-86A8-330CA36A6491} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\sandra74\Downloads\iview432_setup.exe -d C:\Users\sandra74\Downloads [MS]
{6FB892B2-C22B-42D2-B047-78BE9F6DBA34} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\sandra74\Downloads\iview433_setup.exe -d C:\Users\sandra74\Downloads [MS]
{7C6EE54D-F7D7-4F02-BC12-87227140B5A0} -> launches: C:\Program Files (x86)\PopCap Games\Bejeweled Blitz\BejBlitz.exe [file not found]
{AACDCABD-6DF4-4D70-B897-E688E178004C} -> launches: C:\Windows\system32\pcalua.exe -a D:\Drivers\TG123g.exe -d D:\Drivers [MS]
{B6587EEA-80DA-4F4E-8C06-925375CDAC3D} -> launches: C:\Windows\system32\pcalua.exe -a C:\Users\sandra74\Downloads\irfanview_lang_nederlands.exe -d C:\Users\sandra74\Downloads [MS]

C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware

C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client
AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C}
-> {HKLM.CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
\InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]
-> {HKLM.Wow.CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler
\InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience
AitAgent -> launches: aitagent [MS]
ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Autochk
Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth
UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient
SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
-> {HKLM.CLSID} = Certificate Services Client Task Handler
\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
-> {HKLM.Wow.CLSID} = Certificate Services Client Task Handler
\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}
-> {HKLM.CLSID} = Certificate Services Client Task Handler
\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]
-> {HKLM.Wow.CLSID} = Certificate Services Client Task Handler
\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program
Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS]
KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c}
-> {HKLM.CLSID} = KernelCeipCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS]
UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8}
-> {HKLM.CLSID} = UsbCeip
\InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]
-> {HKLM.Wow.CLSID} = UsbCeip
\InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag
ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis
Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3}
-> {HKLM.CLSID} = ScheduledDiagnosticCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Location
Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance
WinSAT -> launches: {A9A33436-678B-4C9C-A211-7CC38785E79D}
-> {HKLM.CLSID} = WinSAT Task Manger Task
\InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]
-> {HKLM.Wow.CLSID} = WinSAT Task Manger Task
\InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center
ActivateWindowsSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS]
ConfigureInternetTimeService -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS]
DispatchRecoveryTasks -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS]
ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS]
InstallPlayReady -> launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS]
mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS]
mcupdate_scheduled -> launches: %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 [MS]
MediaCenterRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS]
ObjectStoreRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS]
OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS]
OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS]
PBDADiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS]
PBDADiscoveryW1 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS]
PBDADiscoveryW2 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS]
PvrRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS]
PvrScheduleTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS]
RegisterSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS]
ReindexSearchRoot -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS]
SqlLiteRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS]
StartRecording -> launches: %SystemRoot%\ehome\ehrec /StartRecording [MS]
UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic
CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
-> {HKLM.CLSID} = MemoryDiagnosticCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]
DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}
-> {HKLM.CLSID} = MemoryDiagnosticCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC
HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
-> {HKLM.CLSID} = HotStart User Agent
\InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI
Lpksetup -> launches: C:\Windows\System32\lpksetup.exe -v [MS]
Mcbuilder -> launches: C:\Windows\System32\mcbuilder.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia
SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543}
-> {HKLM.CLSID} = Microsoft PlaySoundService Class
\InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]
-> {HKLM.Wow.CLSID} = Microsoft PlaySoundService Class
\InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace
GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics
AnalyzeSystem -> launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC
RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6}
-> {HKLM.CLSID} = ReliabilityAnalysisCustomHandler
\InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]
-> {HKLM.Wow.CLSID} = ReliabilityAnalysisCustomHandler
\InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Ras
MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa}
-> {HKLM.CLSID} = RasMobilityManager
\InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Registry
RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2}
-> {HKLM.CLSID} = RegistryIdleBackupHandler
\InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance
RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow
GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61}
-> {HKLM.CLSID} = GadgetsManager Class
\InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager
Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4}
-> {HKLM.CLSID} = RunTask
\InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]
-> {HKLM.Wow.CLSID} = RunTask
\InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip
IpAddressConflict1 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS]
IpAddressConflict2 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS]

MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}
-> {HKLM.CLSID} = MsCtfMonitor task handler
\InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]
-> {HKLM.Wow.CLSID} = MsCtfMonitor task handler
\InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization
SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP
UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI
ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1}
-> {HKLM.CLSID} = DiagnosticInfrastructureCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]
-> {HKLM.Wow.CLSID} = DiagnosticInfrastructureCustomHandler
\InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

ValidationTask -> (HIDDEN!) launches: %SystemRoot%\system32\Wat\WatAdminSvc.exe /run [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting
QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform
BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing
UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup
AutomaticBackup -> launches: %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup [MS]
Windows Backup Monitor -> launches: %systemroot%\system32\sdclt.exe /CHECKSKIPPED [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem
Calibration Loader -> launches: {B210D694-C8DF-490d-9576-9E20CDBC20BD}
-> {HKLM.CLSID} = Color Calibration Loader
\InProcServer32\(Default) = C:\Windows\System32\mscms.dll [MS]
-> {HKLM.Wow.CLSID} = Color Calibration Loader
\InProcServer32\(Default) = C:\Windows\System32\mscms.dll [MS]


C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE
Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1}
-> {HKLM.Wow.CLSID} = Windows Live Social Object Extractor Engine Definition Updater
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll [MS]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]
000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]
000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]
000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]
000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]
000000000007\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS]
000000000008\LibraryPath = C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS]

Transport Service Providers

C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [Avira Operations GmbH & Co. KG], 01 - 04, 15
%SystemRoot%\system32\mswsock.dll [MS], 05 - 14


Toolbars, Explorer Bars, Extensions:
------------------------------------

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{0000036B-C524-4050-81A0-243669A86B9F}\

{219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\

{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}\

{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}\

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\
{219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\
ButtonText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004
MenuText = @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003
CLSIDExtension = {5F7B1267-94A9-47F5-98DB-E99415F33AEC}
\InProcServer32\(Default) = C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll [MS]

{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}\
ButtonText = @C:\Windows\WindowsMobile\INetRepl.dll,-222
CLSIDExtension = {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F}
-> {HKLM.Wow.CLSID} = Create Mobile Favorite
\InProcServer32\(Default) = C:\Windows\WindowsMobile\INetRepl.dll [MS]

{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}\
MenuText = @C:\Windows\WindowsMobile\INetRepl.dll,-223
CLSIDExtension = {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F}
-> {HKLM.Wow.CLSID} = Create Mobile Favorite
\InProcServer32\(Default) = C:\Windows\WindowsMobile\INetRepl.dll [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Acer ePower Service, ePowerSvc, C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [Acer Incorporated]
Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated]
Avira Mail Protection, AntiVirMailService, "C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe" [Avira Operations GmbH & Co. KG]
Avira Realtime Protection, AntiVirService, "C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe" [Avira Operations GmbH & Co. KG]
Avira Scheduler, AntiVirSchedulerService, "C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe" [Avira Operations GmbH & Co. KG]
Avira Web Protection, AntiVirWebService, "C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE" [Avira Operations GmbH & Co. KG]
Connectiviteit voor Windows Mobile-2003-apparaten, WcesComm, C:\Windows\system32\svchost.exe -k WindowsMobile {C:\Windows\WindowsMobile\wcescomm.dll [MS]}
Connectiviteit voor Windows Mobile-apparaten, RapiMgr, C:\Windows\system32\svchost.exe -k WindowsMobile {C:\Windows\WindowsMobile\rapimgr.dll [MS]}
GRegService, Greg_Service, C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [Acer Incorporated]
Intel(R) Matrix Storage Event Monitor, IAANTMON, C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [Intel Corporation]
NTI Backup Now 5 Scheduler Service, NTISchedulerSvc, C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [NewTech Infosystems, Inc.]
Protexis Licensing V2, PSI_SVC_2, "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" [Protexis Inc.]
Protexis Licensing V2 x64, PSI_SVC_2_x64, "c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe" [arvato digital services llc]
Updater Service, Updater Service, C:\Program Files\Acer\Acer Updater\UpdaterService.exe [Acer]
Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS]


Safe Mode Drivers & Services (subkey name, subkey default value):
-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\

<<!>> MCODS, Service

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> MpfService, Service

Hoi,

Mooi dat dit gelukt is, alleen kan ik er nog steeds mijn vinger niet op leggen bij het probleem met cscript.exe

Ik ook niet..
Maar goed dat zegt niet zo veel hihi

Vertel me maar ,wat ik moet doen.

Hoi,

Momenteel is de "hoge hoed" met ideeën behoorlijk leeg, als me weer iets te binnen schiet of iets kan vinden wat dit probleem kan veroorzaken laat ik het weer weten.

Oke.