Ga naar inhoud

Help.. Ik wil FLV Runner Toolbar - Virus Removal Guide verwijderen.


Aanbevolen berichten

Hallo allemaal...........bij het zoeken is er een programmaatje opgehaald.

Doordat we in Spanje zitten en de taal niet begreep, heb ik op ""ik weet niet wat"" geklikt en nu hebben we er een extra taakbalk bij, die ongewenst is.

We gebruiken Google Chrome.

Ik heb al het een en ander gevonden op internet, maar ik kan het niet de-installeren.

Ik wil het kwijt.............wat zijn de stappen ?

Nieuwsgierig naar het antwoord, groet ik, Betje.

Link naar reactie
Delen op andere sites

  • Reacties 28
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Je topic werd verplaatst naar Bestrijding spyware, virussen, zo word je sneller geholpen door een malware-specialist.

Kan je het onderstaande uitvoeren ?...

1. Download HijackThis. (klik er op)

Klik op HijackThis.msi en de download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere pc en het bestand met een usb stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden.

Sla deze op in een nieuwe map op de C schijf (bvb C:\hijackthis) en start hijackthis dan vanaf deze map.

De logjes kan je dan ook in die map terugvinden.


2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)


3. Na het plaatsen van je logje wordt dit door een expert (Kape of Kweezie Wabbit) nagekeken en begeleidt hij jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

Link naar reactie
Delen op andere sites

Dag Asus,

Het kladblok is geopend.

Een hele lijst is opgehaald.

Ik kan echter de lijst niet selecteren zoals jij schrijft met Ctrl.A, vanaf hier ben ik het spoor bijster.............

Kun je de stappen duidelijker aangeven ?

Alvast bedankt, Betje.

Link naar reactie
Delen op andere sites

Dag Asus,

Het kladblok is geopend.

Een hele lijst is opgehaald.

Ik kan echter de lijst niet selecteren zoals jij schrijft met Ctrl.A, vanaf hier ben ik het spoor bijster.............

Kun je de stappen duidelijker aangeven ?

Alvast bedankt, Betje.

Link naar reactie
Delen op andere sites

Ik had in HiJack een hele lijst staan, maar een leeg kladblok..............

Ik neem aan, dat je het kladblok met de lijst toegestuurd wilt krijgen ?

En een "logje" wat bedoel je daarmee ? Is dat soms een icoontje ?

Doe het niet graag en liever niet, maar wanneer ik alles recover naar de fabrieksinstellingen, ben ik dan die bende kwijt ?

Groeten, Betje.

Link naar reactie
Delen op andere sites

We gaan even iets anders proberen.

Download RSIT.

Sla het op je Bureaublad op.

Dubbelklik op RSIT om het te starten.

Klik op Continue in het disclaimer venster.

Zodra de scan beëindigd is, zullen twee logs openen. Post de inhoud van log.txt (zal gemaximaliseerd zijn) en info.txt (zal geminimaliseerd zijn) in je volgende antwoord.

Link naar reactie
Delen op andere sites

info.txt logfile of random's system information tool 1.09 2012-10-27 17:03:44

======Uninstall list======

-->"C:\Program Files\Acer Games\Game Explorer Categories - main\Uninstall.exe"

-->"C:\Program Files\InstallShield Installation Information\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\setup.exe" -runfromtemp -l0x0409 -removeonly

-->"C:\Program Files\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe" -runfromtemp -l0x0409 -removeonly

Acer Crystal Eye Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall

Acer Crystal Eye Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall

Acer ePower Management-->"C:\Program Files\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x413 -removeonly

Acer eRecovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x413 -removeonly

Acer Games-->"C:\Program Files\Acer Games\Uninstall.exe"

Acer Registration-->C:\Program Files\Acer\Registration\Uninstall.exe

Acer ScreenSaver-->C:\Program Files\Acer\Screensaver\Uninstall.exe

Acer Updater-->"C:\Program Files\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x413 -removeonly

Acer VCM-->"C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -runfromtemp -l0x413 -removeonly

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10u_ActiveX.exe -maintain activex

Adobe Reader X (10.1.4) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}

Agatha Christie - Death on the Nile-->"C:\Program Files\Acer Games\Agatha Christie - Death on the Nile\uninstall\uninstaller.exe"

AndroidInstaller-->"C:\Program Files\InstallShield Installation Information\{523281E5-91DD-49F5-9D85-954148F7596A}\setup.exe" -runfromtemp -l0x0409 -removeonly

Anti-phishing Domain Advisor-->C:\ProgramData\Anti-phishing Domain Advisor\uninstall.exe

AVG 2012-->"C:\Program Files\AVG\AVG2012\avgmfapx.exe" /AppMode=SETUP /Uninstall

AVG 2012-->MsiExec.exe /I{38580E5E-AF78-4536-AD1E-6A62661372C5}

AVG 2012-->MsiExec.exe /I{B69C390B-826F-473C-86EB-7AD4950818C3}

Bejeweled 2 Deluxe-->"C:\Program Files\Acer Games\Bejeweled 2 Deluxe\uninstall\uninstaller.exe"

Bing Bar-->MsiExec.exe /X{C28D96C0-6A90-459E-A077-A6706F4EC0FC}

BitMeter-->"C:\Program Files\Codebox\BitMeter\uninstall.exe"

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

Chuzzle Deluxe-->"C:\Program Files\Acer Games\Chuzzle Deluxe\uninstall\uninstaller.exe"

D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}

eBay Worldwide-->MsiExec.exe /I{D3E5A972-9A15-427D-AE78-8181A5FD943C}

Everio MediaBrowser-->"C:\Program Files\InstallShield Installation Information\{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}\setup.exe" -runfromtemp -l0x0013UNINSTALL -removeonly

FATE-->"C:\Program Files\Acer Games\FATE\uninstall\uninstaller.exe"

Final Drive: Nitro-->"C:\Program Files\Acer Games\Final Drive Nitro\uninstall\uninstaller.exe"

Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}

Galeria de Fotografias do Windows Live-->MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}

Galería fotográfica de Windows Live-->MsiExec.exe /X{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}

Galeria fotogràfica del Windows Live-->MsiExec.exe /X{4736B0ED-F6A1-48EC-A1B7-C053027648F1}

Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}

Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}

Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}

High-Definition Video Playback-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}

HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}

Identity Card-->C:\Program Files\Acer\Identity Card\Uninstall.exe

Insaniquarium Deluxe-->"C:\Program Files\Acer Games\Insaniquarium Deluxe\uninstall\uninstaller.exe"

Intel® Control Center-->C:\Program Files\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm

Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall

Intel® Rapid Storage Technology-->C:\Program Files\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall

Jewel Match 3-->"C:\Program Files\Acer Games\Jewel Match 3\uninstall\uninstaller.exe"

Jewel Quest Solitaire-->"C:\Program Files\Acer Games\Jewel Quest Solitaire\uninstall\uninstaller.exe"

Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI

Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}

Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}

Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}

Microsoft Office Professional Editie 2003-->MsiExec.exe /I{90110413-6000-11D3-8CFE-0150048383C9}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Mobile Partner-->C:\Program Files\Mobile Partner\uninst.exe

MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

MyWinLocker 4-->MsiExec.exe /X{39F15B50-A977-4CA6-B1C3-6A8724CDA025}

MyWinLocker Suite-->"C:\Program Files\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\setup.exe" -runfromtemp -l0x0413 -removeonly

MyWinLocker Suite-->MsiExec.exe /X{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}

Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}

Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}

Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}

Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}

Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}

Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}

Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}

Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}

Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}

Nero DiscCopy Gadget 10-->MsiExec.exe /X{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}

Nero DiscCopyGadget 10 Help (CHM)-->MsiExec.exe /X{5F548A02-80BC-404D-BAE6-F05F9BF6B449}

Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}

Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}

Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}

Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}

Nero InCD-->MsiExec.exe /X{59482AA7-3E30-4B5E-A52F-4101DACC2707}

Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}

Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}

Nero Multimedia Suite 10 Essentials-->MsiExec.exe /I{89590A73-9AC3-48ED-B83E-6489900DED5A}

Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}

Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}

Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}

newsXpresso-->"C:\Program Files\InstallShield Installation Information\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\setup.exe" -runfromtemp -l0x0409 -removeonly

newsXpresso-->MsiExec.exe /X{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}

Penguins!-->"C:\Program Files\Acer Games\Penguins!\uninstall\uninstaller.exe"

Plants vs. Zombies - Game of the Year-->"C:\Program Files\Acer Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"

Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}

Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}

PoiEdit-->C:\PROGRA~1\DNOTES~1\POIEDI~1\UNWISE.EXE C:\PROGRA~1\DNOTES~1\POIEDI~1\INSTALL.LOG

Polar Bowler-->"C:\Program Files\Acer Games\Polar Bowler\uninstall\uninstaller.exe"

Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}

Raccolta foto di Windows Live-->MsiExec.exe /X{ED16B700-D91F-44B0-867C-7EB5253CA38D}

Realtek Ethernet Controller Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly

Realtek PCIE Card Reader-->"C:\Program Files\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client

Shredder-->MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A}

Skip-Bo - Castaway Caper-->"C:\Program Files\Acer Games\Skip-Bo - Castaway Caper\uninstall\uninstaller.exe"

Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}

Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}

Slingo Deluxe-->"C:\Program Files\Acer Games\Slingo Deluxe\uninstall\uninstaller.exe"

Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP

TomTom HOME-->MsiExec.exe /I{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}

Torchlight-->"C:\Program Files\Acer Games\Torchlight\uninstall\uninstaller.exe"

Tradewinds Legends-->"C:\Program Files\Acer Games\Tradewinds Legends\uninstall\uninstaller.exe"

TSST OEM Content-->MsiExec.exe /X{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client

Update Installer for WildTangent Games App-->"C:\Program Files\WildTangent Games\App\Uninstall.exe"

Virtual Villagers 4 - The Tree of Life-->"C:\Program Files\Acer Games\Virtual Villagers 4 - The Tree of Life\uninstall\uninstaller.exe"

VoipBuster-->"C:\Program Files\VoipBuster.com\VoipBuster\unins000.exe"

WEB Partner-->C:\Program Files\WEB Partner\uninst.exe

Wedding Dash-->"C:\Program Files\Acer Games\Wedding Dash\uninstall\uninstaller.exe"

Welcome Center-->C:\Program Files\Acer\Welcome Center\Uninstall.exe

WildTangent Games App (Acer Games)-->"C:\Program Files\WildTangent Games\Touchpoints\acer\Uninstall.exe"

Windows Live Argazki Galeria-->MsiExec.exe /X{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}

Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}

Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{06B05153-97E4-427E-B1A8-E098F6C5E52F}

Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}

Windows Live Essentials-->MsiExec.exe /I{17F99FCE-8F03-4439-860A-25C5A5434E18}

Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}

Windows Live Essentials-->MsiExec.exe /I{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}

Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}

Windows Live Essentials-->MsiExec.exe /I{43B43577-2514-4CE0-B14A-7E85C17C0453}

Windows Live Essentials-->MsiExec.exe /I{4A04DB63-8F81-4EF4-9D09-61A2057EF419}

Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}

Windows Live Essentials-->MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}

Windows Live Essentials-->MsiExec.exe /I{7D99B933-E29C-4599-92F0-DAED2AF041E3}

Windows Live Essentials-->MsiExec.exe /I{827D3E4A-0186-48B7-9801-7D1E9DD40C07}

Windows Live Essentials-->MsiExec.exe /I{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}

Windows Live Essentials-->MsiExec.exe /I{ABD534B7-E951-470E-92C2-CD5AF1735726}

Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}

Windows Live Essentials-->MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E}

Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}

Windows Live Essentials-->MsiExec.exe /I{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}

Windows Live Essentials-->MsiExec.exe /I{F0F9505B-3ACF-4158-9311-D0285136AA00}

Windows Live Essentials-->MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}

Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}

Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}

Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302}

Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}

Windows Live Fotogalerie-->MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}

Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}

Windows Live Fotogalleri-->MsiExec.exe /X{5C2F5C1B-9732-4F81-8FBF-6711627DC508}

Windows Live Fotoğraf Galerisi-->MsiExec.exe /X{BD695C2F-3EA0-4DA4-92D5-154072468721}

Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}

Windows Live Galeria de Fotos-->MsiExec.exe /X{F7A46527-DF1F-4B0F-9637-98547E189442}

Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}

Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}

Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}

Windows Live Mail-->MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11}

Windows Live Mail-->MsiExec.exe /I{10186F1A-6A14-43DF-A404-F0105D09BB07}

Windows Live Mail-->MsiExec.exe /I{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}

Windows Live Mail-->MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}

Windows Live Mail-->MsiExec.exe /I{48F597DD-D397-4CFA-91A0-4C033A0113BD}

Windows Live Mail-->MsiExec.exe /I{63CF7D0C-B6E7-4EE9-8253-816B613CC437}

Windows Live Mail-->MsiExec.exe /I{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}

Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}

Windows Live Mail-->MsiExec.exe /I{924B4D82-1B97-48EB-8F1E-55C4353C22DB}

Windows Live Mail-->MsiExec.exe /I{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}

Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}

Windows Live Mail-->MsiExec.exe /I{9DA3F03B-2CEE-4344-838E-117861E61FAF}

Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

Windows Live Mail-->MsiExec.exe /I{A0B91308-6666-4249-8FF6-1E11AFD75FE1}

Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}

Windows Live Mail-->MsiExec.exe /I{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}

Windows Live Mail-->MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}

Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}

Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}

Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}

Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}

Windows Live Mail-->MsiExec.exe /I{D31169F2-CD71-4337-B783-3E53F29F4CAD}

Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}

Windows Live Mail-->MsiExec.exe /I{DBAA2B17-D596-4195-A169-BA2166B0D69B}

Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}

Windows Live Mesh-->MsiExec.exe /I{00884F14-05BD-4D8E-90E5-1ABF78948CA4}

Windows Live Mesh-->MsiExec.exe /I{039480EE-6933-4845-88B8-77FD0C3D059D}

Windows Live Mesh-->MsiExec.exe /I{110668B7-54C6-47C9-BAC4-1CE77F156AF5}

Windows Live Mesh-->MsiExec.exe /I{11417707-1F72-4279-95A3-01E0B898BBF5}

Windows Live Mesh-->MsiExec.exe /I{2C865FB0-051E-4D22-AC62-428E035AEAF0}

Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}

Windows Live Mesh-->MsiExec.exe /I{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}

Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}

Windows Live Mesh-->MsiExec.exe /I{46872828-6453-4138-BE1C-CE35FBF67978}

Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}

Windows Live Mesh-->MsiExec.exe /I{625D45F0-5DCB-48BF-8770-C240A84DAAEB}

Windows Live Mesh-->MsiExec.exe /I{644063FA-ABA3-42AC-A8AC-3EDC0706018B}

Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}

Windows Live Mesh-->MsiExec.exe /I{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}

Windows Live Mesh-->MsiExec.exe /I{7496FD31-E5CB-4AE4-82D3-31099558BF6A}

Windows Live Mesh-->MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678}

Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}

Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}

Windows Live Mesh-->MsiExec.exe /I{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}

Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}

Windows Live Mesh-->MsiExec.exe /I{AB0B2113-5B96-4B95-8AD1-44613384911F}

Windows Live Mesh-->MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}

Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}

Windows Live Mesh-->MsiExec.exe /I{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}

Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}

Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}

Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}

Windows Live Mesh-->MsiExec.exe /I{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}

Windows Live Mesh-->MsiExec.exe /I{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}

Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}

Windows Live Movie Maker-->MsiExec.exe /X{133D9D67-D475-4407-AC3C-D558087B2453}

Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}

Windows Live Movie Maker-->MsiExec.exe /X{226F0D93-76DE-4F1C-B14D-DE10443ADB60}

Windows Live Movie Maker-->MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}

Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}

Windows Live Movie Maker-->MsiExec.exe /X{640798A0-A4FB-4C52-AC72-755134767F1E}

Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}

Windows Live Movie Maker-->MsiExec.exe /X{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}

Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

Windows Live Movie Maker-->MsiExec.exe /X{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}

Windows Live Movie Maker-->MsiExec.exe /X{71527C7C-5289-4CB2-88C9-23344C0FF6C1}

Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}

Windows Live Movie Maker-->MsiExec.exe /X{7465A996-0FCA-4D2D-A52C-F833B0829B5B}

Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}

Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}

Windows Live Movie Maker-->MsiExec.exe /X{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}

Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}

Windows Live Movie Maker-->MsiExec.exe /X{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}

Windows Live Movie Maker-->MsiExec.exe /X{BF022D76-9F72-4203-B8FA-6522DC66DFDA}

Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}

Windows Live Movie Maker-->MsiExec.exe /X{CD442136-9115-4236-9C14-278F6A9DCB3F}

Windows Live Movie Maker-->MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}

Windows Live Movie Maker-->MsiExec.exe /X{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}

Windows Live Movie Maker-->MsiExec.exe /X{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}

Windows Live Movie Maker-->MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83}

Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}

Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}

Windows Live Movie Maker-->MsiExec.exe /X{FF105207-8423-4E13-B0B1-50753170B245}

Windows Live Movie Maker-->MsiExec.exe /X{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}

Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}

Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}

Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}

Windows Live Photo Common-->MsiExec.exe /X{120C160F-F53D-4A15-A873-E79BF5B98B48}

Windows Live Photo Common-->MsiExec.exe /X{168E7302-890A-4138-9109-A225ACAF7AD1}

Windows Live Photo Common-->MsiExec.exe /X{28B9D2D8-4304-483F-AD71-51890A063A74}

Windows Live Photo Common-->MsiExec.exe /X{29373E24-AC72-424E-8F2A-FB0F9436F21F}

Windows Live Photo Common-->MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB}

Windows Live Photo Common-->MsiExec.exe /X{4D83F339-5A5C-4B21-8FD3-5D407B981E72}

Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}

Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}

Windows Live Photo Common-->MsiExec.exe /X{73FC3510-6421-40F7-9503-EDAE4D0CF70D}

Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}

Windows Live Photo Common-->MsiExec.exe /X{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}

Windows Live Photo Common-->MsiExec.exe /X{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}

Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}

Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}

Windows Live Photo Common-->MsiExec.exe /X{85373DA7-834E-4850-8AF5-1D99F7526857}

Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}

Windows Live Photo Common-->MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8}

Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

Windows Live Photo Common-->MsiExec.exe /X{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}

Windows Live Photo Common-->MsiExec.exe /X{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}

Windows Live Photo Common-->MsiExec.exe /X{B33B61FE-701F-425F-98AB-2B85725CBF68}

Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}

Windows Live Photo Common-->MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}

Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}

Windows Live Photo Common-->MsiExec.exe /X{CD7CB1E6-267A-408F-877D-B532AD2C882E}

Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}

Windows Live Photo Common-->MsiExec.exe /X{F0F5D89A-197C-495B-827E-3E98B811CD2E}

Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}

Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}

Windows Live Photo Gallery-->MsiExec.exe /X{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}

Windows Live Photo Gallery-->MsiExec.exe /X{861B1145-7762-4794-B40C-3FF0A389DFE6}

Windows Live Photo Gallery-->MsiExec.exe /X{885F1BCD-C344-4758-85BD-09640CF449A5}

Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}

Windows Live Photo Gallery-->MsiExec.exe /X{CF671BFE-6BA3-44E7-98C1-500D9C51D947}

Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}

Windows Live Remote Client Resources-->MsiExec.exe /I{02602409-9189-4567-BC07-562605243B69}

Windows Live Remote Client Resources-->MsiExec.exe /I{05E47624-97C4-4B22-83C8-D4E30EC3EF02}

Windows Live Remote Client Resources-->MsiExec.exe /I{143DB9C9-3F0D-4DC7-A57B-A7E4F26FA12E}

Windows Live Remote Client Resources-->MsiExec.exe /I{244C5A67-39DC-4C6C-BF1B-BCC9D342A4C4}

Windows Live Remote Client Resources-->MsiExec.exe /I{2852BC06-B850-4518-97E6-CD136FE75683}

Windows Live Remote Client Resources-->MsiExec.exe /I{2B3EA5DA-D040-48FB-813F-1CF8C0123698}

Windows Live Remote Client Resources-->MsiExec.exe /I{30E82CD5-6E97-4381-86EB-548202A6D5B7}

Windows Live Remote Client Resources-->MsiExec.exe /I{3BC3B1A5-30E3-4DDB-BE08-E7262B838B5F}

Windows Live Remote Client Resources-->MsiExec.exe /I{41B72CAF-036B-4E0A-8D22-F5DF7C970434}

Windows Live Remote Client Resources-->MsiExec.exe /I{454F5782-A4C3-480E-A629-D435795DEFD8}

Windows Live Remote Client Resources-->MsiExec.exe /I{464B3406-A4D0-4914-910F-7CA4380DCC13}

Windows Live Remote Client Resources-->MsiExec.exe /I{4B1EDAFC-B0EB-465F-886C-24FAC1BED2AC}

Windows Live Remote Client Resources-->MsiExec.exe /I{5C8BC258-A629-4DF2-97D0-E106C2A9B1BD}

Windows Live Remote Client Resources-->MsiExec.exe /I{6255D9FC-427F-4867-84DB-164DBEA0661F}

Windows Live Remote Client Resources-->MsiExec.exe /I{66B0B400-22AB-47E6-8673-38A5D37F6331}

Windows Live Remote Client Resources-->MsiExec.exe /I{7846B719-862C-468A-9FD0-4769D2590535}

Windows Live Remote Client Resources-->MsiExec.exe /I{7962DFC7-BBD8-4FA1-B510-46A993C2BF94}

Windows Live Remote Client Resources-->MsiExec.exe /I{7A143876-9658-4A58-82E7-B5F02D942957}

Windows Live Remote Client Resources-->MsiExec.exe /I{84D3CB13-C7EE-4A29-817E-D82697320BF5}

Windows Live Remote Client Resources-->MsiExec.exe /I{A4C16B19-10AA-4990-AA87-D14F653E3345}

Windows Live Remote Client Resources-->MsiExec.exe /I{A9ABC0A6-DC01-4102-BEC9-86974A73B214}

Windows Live Remote Client Resources-->MsiExec.exe /I{B512307E-543D-457E-B759-75E0D5B0BCDF}

Windows Live Remote Client Resources-->MsiExec.exe /I{B6F55C3E-30EE-4D25-8BAD-CEE4BF8C78EB}

Windows Live Remote Client Resources-->MsiExec.exe /I{C30628D8-D3A0-4F23-90F0-F145808087B6}

Windows Live Remote Client Resources-->MsiExec.exe /I{CD6CB7F1-1B8E-424A-9B81-F8D2F03958EC}

Windows Live Remote Client Resources-->MsiExec.exe /I{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}

Windows Live Remote Client Resources-->MsiExec.exe /I{E1629C45-9CEF-498E-83CD-D6A09CADA176}

Windows Live Remote Client Resources-->MsiExec.exe /I{E7FB0043-24A5-4B30-AED6-01B47B44CB67}

Windows Live Remote Client Resources-->MsiExec.exe /I{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}

Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}

Windows Live Remote Service Resources-->MsiExec.exe /I{065241D0-A178-4F24-8A09-691761A8957B}

Windows Live Remote Service Resources-->MsiExec.exe /I{0891B708-EF3F-4D7E-9724-265245F46276}

Windows Live Remote Service Resources-->MsiExec.exe /I{0A1651F1-7E0F-4613-93FE-967F5BC3C1B7}

Windows Live Remote Service Resources-->MsiExec.exe /I{17504ED4-DB08-40A8-81C2-27D8C01581DA}

Windows Live Remote Service Resources-->MsiExec.exe /I{201B5096-AF6E-423E-B987-023E040D9B42}

Windows Live Remote Service Resources-->MsiExec.exe /I{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}

Windows Live Remote Service Resources-->MsiExec.exe /I{3BFB2388-64EE-4AAA-9235-5FE725FED6DE}

Windows Live Remote Service Resources-->MsiExec.exe /I{41E4FA4B-9376-4C32-AA46-65FCC0087CD5}

Windows Live Remote Service Resources-->MsiExec.exe /I{448702D4-83DD-4EFC-B09B-94AD6CA0D978}

Windows Live Remote Service Resources-->MsiExec.exe /I{5008BC55-FD3D-4A32-A1B7-610E18F4D220}

Windows Live Remote Service Resources-->MsiExec.exe /I{61A5DE19-BE38-45AF-A9BC-73E49703315E}

Windows Live Remote Service Resources-->MsiExec.exe /I{7612E28A-C4DB-4259-AA91-CB02B1BCF623}

Windows Live Remote Service Resources-->MsiExec.exe /I{82EE333F-45A9-4585-A5D9-31FE16B7FB25}

Windows Live Remote Service Resources-->MsiExec.exe /I{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}

Windows Live Remote Service Resources-->MsiExec.exe /I{93C6647F-AFE0-4CC2-8809-28A0B320D11B}

Windows Live Remote Service Resources-->MsiExec.exe /I{97124033-1253-4474-8B25-1AB314A920E6}

Windows Live Remote Service Resources-->MsiExec.exe /I{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}

Windows Live Remote Service Resources-->MsiExec.exe /I{AC0628FF-532F-4800-91EC-40903B04682F}

Windows Live Remote Service Resources-->MsiExec.exe /I{AC259A12-6CD9-486D-A97A-B619EB46225A}

Windows Live Remote Service Resources-->MsiExec.exe /I{BA8D4CEF-D23D-44AB-8A89-66E602253791}

Windows Live Remote Service Resources-->MsiExec.exe /I{C1015024-0BF1-4B51-8A06-C28953687DA7}

Windows Live Remote Service Resources-->MsiExec.exe /I{C411942C-C26B-4450-8B9A-173DCC22AEC6}

Windows Live Remote Service Resources-->MsiExec.exe /I{C4E7704D-5AFB-44CA-B8BA-F16C8FA46D5F}

Windows Live Remote Service Resources-->MsiExec.exe /I{CB240A71-3AFC-4429-B4D4-F965B8C4267E}

Windows Live Remote Service Resources-->MsiExec.exe /I{D378BEA1-912E-4827-B9DB-D3B2C3D0BD4A}

Windows Live Remote Service Resources-->MsiExec.exe /I{D3CAE2CA-BE71-4CA4-9EB9-46E1C82E778B}

Windows Live Remote Service Resources-->MsiExec.exe /I{DEDF8BAB-98D7-4CFA-9C42-27431EC4BD1F}

Windows Live Remote Service Resources-->MsiExec.exe /I{E6617B44-D556-49AC-B2A3-01451E115043}

Windows Live Remote Service Resources-->MsiExec.exe /I{F81DB83D-A016-45A6-A6A0-135B1E6939EF}

Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}

Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}

Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}

Windows Live Temel Parçalar-->MsiExec.exe /I{1203DC60-D9BD-44F9-B372-2B8F227E6094}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{128133D3-037A-4C62-B1B7-55666A10587A}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{20381A8A-808E-4A53-B6CD-AD2B85E16365}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{24DF33E0-F924-4D0D-9B96-11F28F0D602D}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{40BFD84C-64CD-42CC-9909-8734C50429C6}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{523DF2BB-3A85-4047-9898-29DC8AEB7E69}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{5495E9A4-501A-4D4C-87C9-E80916CA9478}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{7327080F-6673-421F-BBD9-B618F357EEB3}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{8CF5D47D-27B7-49D6-A14F-10550B92749D}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{D299197D-CDEA-41A6-A363-F532DE4114FD}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{DF71ABBB-B834-41C0-BB58-80B0545D754C}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{E5DD4723-FE0B-436E-A815-DC23CF902A0B}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}

Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}

Windows Live Writer Resources-->MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}

Windows Live Writer Resources-->MsiExec.exe /X{2511AAD7-82DF-4B97-B0B3-E1B933317010}

Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}

Windows Live Writer Resources-->MsiExec.exe /X{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}

Windows Live Writer Resources-->MsiExec.exe /X{3125D9DE-8D7A-4987-95F3-8A42389833D8}

Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}

Windows Live Writer Resources-->MsiExec.exe /X{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}

Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}

Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}

Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}

Windows Live Writer Resources-->MsiExec.exe /X{6807427D-8D68-4D30-AF5B-0B38F8F948C8}

Windows Live Writer Resources-->MsiExec.exe /X{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}

Windows Live Writer Resources-->MsiExec.exe /X{734104DE-C2BF-412F-BB97-FCCE1EC94229}

Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}

Windows Live Writer Resources-->MsiExec.exe /X{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}

Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}

Windows Live Writer Resources-->MsiExec.exe /X{7FF11E53-C002-4F40-8D68-6BE751E5DD62}

Windows Live Writer Resources-->MsiExec.exe /X{8E285C75-9BE2-4349-972B-DECDDF472656}

Windows Live Writer Resources-->MsiExec.exe /X{93E464B3-D075-4989-87FD-A828B5C308B1}

Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}

Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}

Windows Live Writer Resources-->MsiExec.exe /X{C29FC15D-E84B-4EEC-8505-4DED94414C59}

Windows Live Writer Resources-->MsiExec.exe /X{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}

Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}

Windows Live Writer Resources-->MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}

Windows Live Writer Resources-->MsiExec.exe /X{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}

Windows Live Writer Resources-->MsiExec.exe /X{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}

Windows Live Writer Resources-->MsiExec.exe /X{F52C5BE7-3F57-464E-8A54-908402E43CE8}

Windows Live Writer-->MsiExec.exe /X{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}

Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}

Windows Live Writer-->MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}

Windows Live Writer-->MsiExec.exe /X{1A82AE99-84D3-486D-BAD6-675982603E14}

Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}

Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}

Windows Live Writer-->MsiExec.exe /X{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}

Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}

Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}

Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}

Windows Live Writer-->MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78}

Windows Live Writer-->MsiExec.exe /X{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}

Windows Live Writer-->MsiExec.exe /X{4D7BAC8A-51B8-4243-8567-1415C4272D13}

Windows Live Writer-->MsiExec.exe /X{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}

Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}

Windows Live Writer-->MsiExec.exe /X{71A81378-79D5-40CC-9BDC-380642D1A87F}

Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}

Windows Live Writer-->MsiExec.exe /X{804DE397-F82C-4867-9085-E0AA539A3294}

Windows Live Writer-->MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}

Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}

Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}

Windows Live Writer-->MsiExec.exe /X{B3BE54A4-8DFE-4593-8E66-56AB7133B812}

Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}

Windows Live Writer-->MsiExec.exe /X{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}

Windows Live Writer-->MsiExec.exe /X{DA29F644-2420-4448-8128-1331BE588999}

Windows Live Writer-->MsiExec.exe /X{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}

Windows Live Writer-->MsiExec.exe /X{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}

Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}

Windows Live Writer-->MsiExec.exe /X{E62E0550-C098-43A2-B54B-03FB1E634483}

Windows Live Writer-->MsiExec.exe /X{E8524B28-3BBB-4763-AC83-0E83FE31C350}

Windows Live 影像中心-->MsiExec.exe /X{EEF99142-3357-402C-B298-DEC303E12D92}

Windows Live 程式集-->MsiExec.exe /I{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}

Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

Windows Liven asennustyökalu-->MsiExec.exe /I{8909CFA8-97BF-4077-AC0F-6925243FFE08}

Windows Liven sähköposti-->MsiExec.exe /I{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}

Windows Liven valokuvavalikoima-->MsiExec.exe /X{1A72337E-D126-4BAF-AC89-E6122DB71866}

Zuma Deluxe-->"C:\Program Files\Acer Games\Zuma Deluxe\uninstall\uninstaller.exe"

Συλλογή φωτογραφιών του Windows Live-->MsiExec.exe /X{C00C2A91-6CB3-483F-80B3-2958E29468F1}

Основные компоненты Windows Live-->MsiExec.exe /I{E83DC314-C926-4214-AD58-147691D6FE9F}

Почта Windows Live-->MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}

Фотоальбом Windows Live-->MsiExec.exe /X{77F69CA1-E53D-4D77-8BA3-FA07606CC851}

Фотогалерия на Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}

גלריית התמונות של Windows Live-->MsiExec.exe /X{CE929F09-3853-4180-BD90-30764BFF7136}

بريد Windows Live-->MsiExec.exe /I{0A4C4B29-5A9D-4910-A13C-B920D5758744}

معرض صور Windows Live-->MsiExec.exe /X{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}

======System event log======

Computer Name: WIN-VHFH9EBO6FI

Event Code: 7036

Message: De Windows Search-service heeft nu de status stopped.

Record Number: 1724

Source Name: Service Control Manager

Time Written: 20111028232704.214631-000

Event Type: Informatie

User:

Computer Name: WIN-VHFH9EBO6FI

Event Code: 7040

Message: Het opstarttype van de service Windows Search is gewijzigd van auto start in disabled.

Record Number: 1723

Source Name: Service Control Manager

Time Written: 20111028232702.623428-000

Event Type: Informatie

User: LausenElze-PC\Administrator

Computer Name: WIN-VHFH9EBO6FI

Event Code: 104

Message: Logboekbestand Setup is gewist.

Record Number: 1722

Source Name: Microsoft-Windows-Eventlog

Time Written: 20111028232648.365003-000

Event Type: Informatie

User: LausenElze-PC\Administrator

Computer Name: WIN-VHFH9EBO6FI

Event Code: 104

Message: Logboekbestand Application is gewist.

Record Number: 1721

Source Name: Microsoft-Windows-Eventlog

Time Written: 20111028232648.318203-000

Event Type: Informatie

User: LausenElze-PC\Administrator

Computer Name: WIN-VHFH9EBO6FI

Event Code: 104

Message: Logboekbestand System is gewist.

Record Number: 1720

Source Name: Microsoft-Windows-Eventlog

Time Written: 20111028232648.302603-000

Event Type: Informatie

User: LausenElze-PC\Administrator

=====Application event log=====

Computer Name: LausenElze-PC

Event Code: 1532

Message: De User Profile-service is gestopt.

Record Number: 2756

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20111028232927.929284-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEM

Computer Name: WIN-VHFH9EBO6FI

Event Code: 258

Message: De schijfdefragmentatie heeft defragmentation op SYSTEM RESERVED voltooid

Record Number: 2755

Source Name: Microsoft-Windows-Defrag

Time Written: 20111028232716.000000-000

Event Type: Informatie

User:

Computer Name: WIN-VHFH9EBO6FI

Event Code: 1003

Message: De Windows Search-service is gestart.

Record Number: 2754

Source Name: Microsoft-Windows-Search

Time Written: 20111028232704.000000-000

Event Type: Informatie

User:

Computer Name: WIN-VHFH9EBO6FI

Event Code: 1013

Message: De Windows Search-service is normaal gestopt.

Record Number: 2753

Source Name: Microsoft-Windows-Search

Time Written: 20111028232704.000000-000

Event Type: Informatie

User:

Computer Name: WIN-VHFH9EBO6FI

Event Code: 103

Message: Windows (3788) Windows: De database-engine heeft een nieuwe sessie (0) stopgezet.

Record Number: 2752

Source Name: ESENT

Time Written: 20111028232703.000000-000

Event Type: Informatie

User:

=====Security event log=====

Computer Name: WIN-VHFH9EBO6FI

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: WIN-VHFH9EBO6FI$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x254

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 616

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20111028232706.741835-000

Event Type: Controle geslaagd

User:

Computer Name: WIN-VHFH9EBO6FI

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 615

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20111028232704.791832-000

Event Type: Controle geslaagd

User:

Computer Name: WIN-VHFH9EBO6FI

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: WIN-VHFH9EBO6FI$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x254

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 614

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20111028232704.791832-000

Event Type: Controle geslaagd

User:

Computer Name: WIN-VHFH9EBO6FI

Event Code: 4738

Message: Er is een gebruikersaccount gewijzigd.

Onderwerp:

Beveiligings-id: S-1-5-21-863504456-2856911146-1323721928-500

Accountnaam: Administrator

Accountdomein: WIN-VHFH9EBO6FI

Aanmeldings-id: 0x21a95

Doelaccount:

Beveiligings-id: S-1-5-21-863504456-2856911146-1323721928-500

Accountnaam: Administrator

Accountdomein: WIN-VHFH9EBO6FI

Gewijzigde kenmerken:

SAM-accountnaam: -

Weergavenaam: -

Principal-naam van gebruiker: -

Basismap: -

Basisstation: -

Pad naar script: -

Pad naar profiel: -

Gebruikerswerkstations: -

Wachtwoord voor het laatst ingesteld: -

Account verloopt op: -

Primaire groeps-id: -

Mag overdragen aan: -

Oude UAC-waarde: 0x211

Nieuwe UAC-waarde: 0x211

Gebruikersaccountbeheer: -

Gebruikersparameters: -

SID-geschiedenis: -

Aantal uren aangemeld: -

Aanvullende gegevens:

Bevoegdheden: -

Record Number: 613

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20111028232648.489803-000

Event Type: Controle geslaagd

User:

Computer Name: WIN-VHFH9EBO6FI

Event Code: 1102

Message: Het controlelogboek is gewist.

Onderwerp:

Beveiligings-id: S-1-5-21-863504456-2856911146-1323721928-500

Accountnaam: Administrator

Domeinnaam: WIN-VHFH9EBO6FI

Aanmeldings-id: 0x21a95

Record Number: 612

Source Name: Microsoft-Windows-Eventlog

Time Written: 20111028232648.333803-000

Event Type: Controle geslaagd

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\EgisTec MyWinLocker\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"NUMBER_OF_PROCESSORS"=4

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=1c0a

"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log

"windows_tracing_flags"=3

-----------------EOF-----------------

Logfile of random's system information tool 1.09 (written by random/random)

Run by Laus en Elze at 2012-10-27 17:01:52

Microsoft Windows 7 Starter Service Pack 1

System drive C: has 253 GB (88%) free of 288 GB

Total RAM: 1012 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:03:27, on 27-10-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

C:\Program Files\EgisTec IPS\PmmUpdate.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

C:\Program Files\Acer\Android Manager\iSync.exe

C:\Program Files\Launch Manager\LMworker.exe

C:\Program Files\Acer\Updater\iUpdate.exe

C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\EgisTec IPS\EgisUpdate.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Windows\system32\igfxext.exe

C:\Program Files\Nero\Tools\InCD\NBHGui.exe

C:\Program Files\Nero\Tools\InCD\InCD.exe

C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe

C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe

C:\Program Files\Acer\Acer VCM\AcerVCM.exe

C:\Program Files\Codebox\BitMeter\BitMeter2.exe

C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\Downloads\RSIT.exe

C:\Program Files\trend micro\Laus en Elze.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe"

O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

O4 - HKLM\..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe

O4 - HKLM\..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe

O4 - HKLM\..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe

O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKLM\..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe

O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Tools\InCD\InCD.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized

O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files\WEB Partner\WEB Partner

O4 - HKCU\..\Run: [TNS NIPO Clicks] C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Global Startup: Acer VCM.lnk = ?

O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe

O4 - Global Startup: Camera Monitor SD.lnk = ?

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Acer\Registration\GREGsvc.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\InCDSrv.exe

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: vToolbarUpdater12.1.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

--

End of file - 12336 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]

AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773}]

TNS NIPO Clicks - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll [2012-01-16 151904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]

{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-02-11 10025576]

"SuiteTray"=C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]

"EgisTecPMMUpdate"=C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]

"EgisUpdate"=C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-11 141848]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-11 173592]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-11 150552]

"LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]

"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 715368]

"iSyncData"=C:\Program Files\Acer\Android Manager\iSync.exe [2011-05-10 408128]

"AndroidManager"=C:\Program Files\Acer\Android Manager\AML.exe [2011-05-10 508992]

"iPatchData"=C:\Program Files\Acer\Updater\iUpdate.exe [2011-05-10 492096]

"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]

"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]

"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-07-31 1147488]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-03-22 1406248]

"NBHGui"=C:\Program Files\Nero\Tools\InCD\NBHGui.exe [2009-10-16 1600816]

"InCD"=C:\Program Files\Nero\Tools\InCD\InCD.exe [2009-10-16 1060136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18 116648]

"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2012-07-26 247768]

"VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe [2012-09-13 23069600]

"Mobile Partner"=C:\Program Files\WEB Partner\WEB Partner []

"TNS NIPO Clicks"=C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe [2012-01-16 909664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe

Bitmeter2.lnk - C:\Program Files\Codebox\BitMeter\BitMeter2.exe

Camera Monitor SD.lnk - C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2010-10-24 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-27 17:01:54 ----D---- C:\Program Files\trend micro

2012-10-27 17:01:52 ----D---- C:\rsit

2012-10-26 20:52:06 ----D---- C:\Program Files\HiJack

2012-10-23 16:41:47 ----D---- C:\ProgramData\MSScanAppDataDir

2012-10-23 16:35:09 ----A---- C:\Windows\ODBC.INI

2012-10-23 16:34:49 ----A---- C:\Windows\system32\mdimon.dll

2012-10-18 19:01:21 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Wakoopa

2012-10-18 18:05:53 ----D---- C:\ProgramData\MyPoiWorld

2012-10-18 18:00:07 ----D---- C:\Program Files\Dnote Software

2012-10-11 10:29:04 ----A---- C:\Windows\system32\wintrust.dll

2012-10-11 10:28:58 ----A---- C:\Windows\system32\tzres.dll

2012-10-11 10:28:38 ----A---- C:\Windows\system32\kernel32.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-10-11 10:28:34 ----A---- C:\Windows\system32\winsrv.dll

2012-10-11 10:28:34 ----A---- C:\Windows\system32\KernelBase.dll

2012-10-11 10:28:34 ----A---- C:\Windows\system32\conhost.exe

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptsvc.dll

2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptnet.dll

2012-10-11 10:28:15 ----A---- C:\Windows\system32\crypt32.dll

2012-10-11 10:27:44 ----A---- C:\Windows\system32\drivers\ntfs.sys

2012-10-11 10:21:30 ----A---- C:\Windows\system32\kerberos.dll

2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntoskrnl.exe

2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntkrnlpa.exe

2012-09-29 12:04:48 ----A---- C:\Windows\system32\OxpsConverter.exe

======List of files/folders modified in the last 1 month======

2012-10-27 17:03:16 ----D---- C:\Windows\Temp

2012-10-27 17:02:52 ----D---- C:\ProgramData\Bitmeter2

2012-10-27 17:01:54 ----RD---- C:\Program Files

2012-10-27 16:53:44 ----D---- C:\Windows\system32\drivers\AVG

2012-10-27 12:00:51 ----D---- C:\Windows\system32\config

2012-10-27 11:53:41 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Skype

2012-10-27 11:47:58 ----D---- C:\ProgramData\MFAData

2012-10-26 23:33:47 ----D---- C:\Windows\Microsoft.NET

2012-10-26 20:52:09 ----SHD---- C:\Windows\Installer

2012-10-26 20:52:07 ----SD---- C:\Users\Laus en Elze\AppData\Roaming\Microsoft

2012-10-26 20:51:35 ----SHD---- C:\System Volume Information

2012-10-26 19:06:44 ----D---- C:\Windows\system32\catroot2

2012-10-25 23:09:42 ----A---- C:\Windows\win.ini

2012-10-25 23:09:28 ----D---- C:\Program Files\Common Files\System

2012-10-25 15:19:06 ----D---- C:\Windows\system32\NDF

2012-10-23 18:03:03 ----D---- C:\Windows\system32\Tasks

2012-10-23 17:07:55 ----D---- C:\Windows\SHELLNEW

2012-10-23 17:03:43 ----D---- C:\Windows

2012-10-23 17:00:07 ----D---- C:\ProgramData\Microsoft Help

2012-10-23 17:00:06 ----RSD---- C:\Windows\assembly

2012-10-23 16:57:47 ----SD---- C:\ProgramData\Microsoft

2012-10-23 16:57:47 ----D---- C:\Program Files\Microsoft Office

2012-10-23 16:57:46 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition

2012-10-23 16:57:46 ----D---- C:\Program Files\Common Files\microsoft shared

2012-10-23 16:56:50 ----D---- C:\Program Files\MSBuild

2012-10-23 16:41:47 ----HD---- C:\ProgramData

2012-10-23 16:34:49 ----D---- C:\Windows\System32

2012-10-23 16:30:38 ----D---- C:\Windows\inf

2012-10-23 16:22:51 ----D---- C:\Windows\system

2012-10-23 16:21:37 ----A---- C:\Windows\system32\PerfStringBackup.INI

2012-10-19 14:44:09 ----D---- C:\Program Files\Common Files

2012-10-11 14:08:05 ----D---- C:\Windows\winsxs

2012-10-11 14:06:20 ----D---- C:\Windows\system32\nl-NL

2012-10-11 14:06:20 ----D---- C:\Windows\system32\fr-FR

2012-10-11 14:06:20 ----D---- C:\Windows\system32\en-US

2012-10-11 14:06:16 ----D---- C:\Windows\system32\drivers

2012-10-11 10:46:50 ----D---- C:\Windows\debug

2012-10-11 10:46:37 ----A---- C:\Windows\system32\MRT.exe

2012-10-11 10:27:41 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]

R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-07-26 237408]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]

R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-08-24 301920]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2012-07-31 27496]

R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-10-16 19096]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-26 21600]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-26 16936]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-26 62240]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]

R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]

R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-24 4807168]

R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-10-16 130200]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-02-11 3396136]

R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2011-01-04 7435264]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-07 252520]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-12-28 327784]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]

S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]

S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2010-03-24 204288]

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105984]

S3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-10-16 48280]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187.sys [2010-01-07 375808]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]

R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]

R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 739944]

R2 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2011-05-26 29696]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]

R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]

R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Tools\InCD\InCDSrv.exe [2009-10-16 1420592]

R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]

R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]

R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe [2009-10-16 53560]

R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]

R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2012-07-26 92632]

R2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe [2012-07-31 830048]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]

S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]

S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by Laus en Elze at 2012-10-27 17:01:52

Microsoft Windows 7 Starter Service Pack 1

System drive C: has 253 GB (88%) free of 288 GB

Total RAM: 1012 MB (14% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:03:27, on 27-10-2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

C:\Program Files\EgisTec IPS\PmmUpdate.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

C:\Program Files\Acer\Android Manager\iSync.exe

C:\Program Files\Launch Manager\LMworker.exe

C:\Program Files\Acer\Updater\iUpdate.exe

C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\EgisTec IPS\EgisUpdate.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Windows\system32\igfxext.exe

C:\Program Files\Nero\Tools\InCD\NBHGui.exe

C:\Program Files\Nero\Tools\InCD\InCD.exe

C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe

C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe

C:\Program Files\Acer\Acer VCM\AcerVCM.exe

C:\Program Files\Codebox\BitMeter\BitMeter2.exe

C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe

C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Laus en Elze\Downloads\RSIT.exe

C:\Program Files\trend micro\Laus en Elze.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe"

O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

O4 - HKLM\..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe

O4 - HKLM\..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe

O4 - HKLM\..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe

O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

O4 - HKLM\..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe

O4 - HKLM\..\Run: [inCD] C:\Program Files\Nero\Tools\InCD\InCD.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"

O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized

O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files\WEB Partner\WEB Partner

O4 - HKCU\..\Run: [TNS NIPO Clicks] C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Global Startup: Acer VCM.lnk = ?

O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe

O4 - Global Startup: Camera Monitor SD.lnk = ?

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Acer\Registration\GREGsvc.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\InCDSrv.exe

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: vToolbarUpdater12.1.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

--

End of file - 12336 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]

AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773}]

TNS NIPO Clicks - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll [2012-01-16 151904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]

{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-02-11 10025576]

"SuiteTray"=C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]

"EgisTecPMMUpdate"=C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]

"EgisUpdate"=C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-11 141848]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-11 173592]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-11 150552]

"LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]

"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 715368]

"iSyncData"=C:\Program Files\Acer\Android Manager\iSync.exe [2011-05-10 408128]

"AndroidManager"=C:\Program Files\Acer\Android Manager\AML.exe [2011-05-10 508992]

"iPatchData"=C:\Program Files\Acer\Updater\iUpdate.exe [2011-05-10 492096]

"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]

"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]

"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-07-31 1147488]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-03-22 1406248]

"NBHGui"=C:\Program Files\Nero\Tools\InCD\NBHGui.exe [2009-10-16 1600816]

"InCD"=C:\Program Files\Nero\Tools\InCD\InCD.exe [2009-10-16 1060136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18 116648]

"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2012-07-26 247768]

"VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe [2012-09-13 23069600]

"Mobile Partner"=C:\Program Files\WEB Partner\WEB Partner []

"TNS NIPO Clicks"=C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe [2012-01-16 909664]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe

Bitmeter2.lnk - C:\Program Files\Codebox\BitMeter\BitMeter2.exe

Camera Monitor SD.lnk - C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2010-10-24 218112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableLinkedConnections"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2012-10-27 17:01:54 ----D---- C:\Program Files\trend micro

2012-10-27 17:01:52 ----D---- C:\rsit

2012-10-26 20:52:06 ----D---- C:\Program Files\HiJack

2012-10-23 16:41:47 ----D---- C:\ProgramData\MSScanAppDataDir

2012-10-23 16:35:09 ----A---- C:\Windows\ODBC.INI

2012-10-23 16:34:49 ----A---- C:\Windows\system32\mdimon.dll

2012-10-18 19:01:21 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Wakoopa

2012-10-18 18:05:53 ----D---- C:\ProgramData\MyPoiWorld

2012-10-18 18:00:07 ----D---- C:\Program Files\Dnote Software

2012-10-11 10:29:04 ----A---- C:\Windows\system32\wintrust.dll

2012-10-11 10:28:58 ----A---- C:\Windows\system32\tzres.dll

2012-10-11 10:28:38 ----A---- C:\Windows\system32\kernel32.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2012-10-11 10:28:34 ----A---- C:\Windows\system32\winsrv.dll

2012-10-11 10:28:34 ----A---- C:\Windows\system32\KernelBase.dll

2012-10-11 10:28:34 ----A---- C:\Windows\system32\conhost.exe

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptsvc.dll

2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptnet.dll

2012-10-11 10:28:15 ----A---- C:\Windows\system32\crypt32.dll

2012-10-11 10:27:44 ----A---- C:\Windows\system32\drivers\ntfs.sys

2012-10-11 10:21:30 ----A---- C:\Windows\system32\kerberos.dll

2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntoskrnl.exe

2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntkrnlpa.exe

2012-09-29 12:04:48 ----A---- C:\Windows\system32\OxpsConverter.exe

======List of files/folders modified in the last 1 month======

2012-10-27 17:03:16 ----D---- C:\Windows\Temp

2012-10-27 17:02:52 ----D---- C:\ProgramData\Bitmeter2

2012-10-27 17:01:54 ----RD---- C:\Program Files

2012-10-27 16:53:44 ----D---- C:\Windows\system32\drivers\AVG

2012-10-27 12:00:51 ----D---- C:\Windows\system32\config

2012-10-27 11:53:41 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Skype

2012-10-27 11:47:58 ----D---- C:\ProgramData\MFAData

2012-10-26 23:33:47 ----D---- C:\Windows\Microsoft.NET

2012-10-26 20:52:09 ----SHD---- C:\Windows\Installer

2012-10-26 20:52:07 ----SD---- C:\Users\Laus en Elze\AppData\Roaming\Microsoft

2012-10-26 20:51:35 ----SHD---- C:\System Volume Information

2012-10-26 19:06:44 ----D---- C:\Windows\system32\catroot2

2012-10-25 23:09:42 ----A---- C:\Windows\win.ini

2012-10-25 23:09:28 ----D---- C:\Program Files\Common Files\System

2012-10-25 15:19:06 ----D---- C:\Windows\system32\NDF

2012-10-23 18:03:03 ----D---- C:\Windows\system32\Tasks

2012-10-23 17:07:55 ----D---- C:\Windows\SHELLNEW

2012-10-23 17:03:43 ----D---- C:\Windows

2012-10-23 17:00:07 ----D---- C:\ProgramData\Microsoft Help

2012-10-23 17:00:06 ----RSD---- C:\Windows\assembly

2012-10-23 16:57:47 ----SD---- C:\ProgramData\Microsoft

2012-10-23 16:57:47 ----D---- C:\Program Files\Microsoft Office

2012-10-23 16:57:46 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition

2012-10-23 16:57:46 ----D---- C:\Program Files\Common Files\microsoft shared

2012-10-23 16:56:50 ----D---- C:\Program Files\MSBuild

2012-10-23 16:41:47 ----HD---- C:\ProgramData

2012-10-23 16:34:49 ----D---- C:\Windows\System32

2012-10-23 16:30:38 ----D---- C:\Windows\inf

2012-10-23 16:22:51 ----D---- C:\Windows\system

2012-10-23 16:21:37 ----A---- C:\Windows\system32\PerfStringBackup.INI

2012-10-19 14:44:09 ----D---- C:\Program Files\Common Files

2012-10-11 14:08:05 ----D---- C:\Windows\winsxs

2012-10-11 14:06:20 ----D---- C:\Windows\system32\nl-NL

2012-10-11 14:06:20 ----D---- C:\Windows\system32\fr-FR

2012-10-11 14:06:20 ----D---- C:\Windows\system32\en-US

2012-10-11 14:06:16 ----D---- C:\Windows\system32\drivers

2012-10-11 10:46:50 ----D---- C:\Windows\debug

2012-10-11 10:46:37 ----A---- C:\Windows\system32\MRT.exe

2012-10-11 10:27:41 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]

R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-07-26 237408]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]

R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-08-24 301920]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2012-07-31 27496]

R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-10-16 19096]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-26 21600]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-26 16936]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-26 62240]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]

R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]

R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-24 4807168]

R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-10-16 130200]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-02-11 3396136]

R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2011-01-04 7435264]

R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-07 252520]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-12-28 327784]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]

S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]

S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2010-03-24 204288]

S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105984]

S3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-10-16 48280]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187.sys [2010-01-07 375808]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]

R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]

R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 739944]

R2 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2011-05-26 29696]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]

R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]

R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Tools\InCD\InCDSrv.exe [2009-10-16 1420592]

R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]

R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]

R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe [2009-10-16 53560]

R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]

R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2012-07-26 92632]

R2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe [2012-07-31 830048]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]

S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]

S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]

S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.