Spring naar inhoud

Guest's Foto
Welkom,
Guest
Wenst u zich te registreren?


Foto
- - - - -

windows security alert


  • Dit onderwerp is gesloten Dit onderwerp is gesloten
11 reacties op dit onderwerp

#1 MissyL

MissyL

    Nieuweling

  • Lid
  • Pip
  • 5 berichten

Geplaatst 24 april 2011 - 15:13


Hallo allemaal!

Ik heb een probleem met mijn laptop.
Twee weken geleden was er een virus op mijn laptop en toen heb ik die in een computerzaak laten herstellen. Goed, alles was weer in orde.

Gisteren was ik op een website (geen gevaarlijke ofzo) waar ik ineens, via firefox een melding krijg dat ik virussen op mijn computer heb.
Die site die ineens tevoorschijn kwam was deze:
http://zastonj-antiv...e.ms/fast-scan/
Daarop stond dat ik een windows security alert had.

De site zag eruit als een venster waarin je "mijn documenten" zou zien.
Er stond dat ik 6 virussen in mijn shared documents had, 7 in mijn documenten en 11 op zijn hard drive (C:).
Daaronder was een kadertje waarin de namen van de virussen stonden (Trojan Fake alert, ...).
Ik kreeg ook een kleiner venster waarin deze namen opnieuw stonden, met 2 keuzes eronder. "Remove all" en "annuleren".

Ik koos "remove all", dan kreeg ik een download van "Bestantivirus 2011". Maar aan deze download had ik niet veel, want als ik die opende gebeurde er niets.

Heel gerust van deze site was ik niet, maar als ik op annuleren klikte kwam er te staan dat mijn systeem "on the risk of a crash" was dus ik probeerde het anders op te lossen.

Bij mijn vorige herstelling hadden de medewerkers een versie van AVG op m'n laptop gezet. Die heb ik dan laten scannen en die heeft 1 bestand in quarantaine gezet en verwijderd. Maar die site zei dat ik meer had. Dus downloadde ik een gratis virusscan van de site van microsoft. (gevonden via de "help" van m'n computer zelf) Die vond geen virussen meer.

Uiteindelijk heb ik een backup gemaakt en die site dichtgedaan, en mijn laptop is niet gecrasht. Dat deed hij vorige keer wel en daarom liet ik hem ook maken.
Maar mijn laptop loopt nog, dus zou ik het probleem zelf willen oplossen.

Heeft er al iemand ervaring met die website, is die wel te vertrouwen?
Zijn AVG en Microsoft Security Essentials goede virusscans?

Grts, Lore

#2 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40936 berichten

Geplaatst 24 april 2011 - 17:25

Download HijackThis
[FONT="]
[/FONT]Klik bij "HijackThis Downloads" op "Installer".
Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".
Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Klik op de snelkoppeling om HijackThis te starten
Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".
Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.[FONT="]
[/FONT]

Bewerkt door kape, 24 april 2011 - 17:28.

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#3 kweezie wabbit

kweezie wabbit

    Supervisor

  • Supervisor
  • 25726 berichten

Geplaatst 25 april 2011 - 05:59

Die site waarschuwing (http://zastonj-antiv...e.ms/fast-scan/) geeft aan dat er vanop die site aanvallen kunnen gebeuren op jou pc als je de site toch bezoekt. Je blijft er dus beter weg.
Verder moet je enkel reageren op meldingen van je eigen virusscanner.
Nooit ingaan op meldingen die je via popups krijgt als je een site bezoekt en waarin wordt gezegd dat er zoveel virussen of besmette bestanden op je pc staan. Als je daar toch op reageert, moet je een bestand downloaden om de besmettingen - tegen betaling - te verwijderen. Het is dan dat je eigenlijk de besmetting binnenhaalt, met alle gevolgen vandien.

Als je tevreden bent over ons, vertel het dan aan gans de wereld.
Als je niet tevreden bent, vertel het dan alleen aan ons.


Bezoek onze VIDEOZONE: info in woord en beeld !


#4 MissyL

MissyL

    Nieuweling

  • Lid
  • Pip
  • 5 berichten

Geplaatst 25 april 2011 - 10:12

Beste Kape en Kweezie Wabbit :)

Bedankt om me zo snel verder te helpen!
Ik heb Hijackthis gedownload maar om een of andere reden lukt het kopiëren van mijn log niet.
In de plaats daarvan heb ik dan maar een printscreen genomen, is dat ook goed?

Nu merk ik wel dat mijn computer wat trager is, misschien omdat ik nu AVG (trialversie), die antivirus van microsoft en Hijack heb?
Ik heb ook al van mensen gehoord dat je best 1 antivirus op je computer hebt staan, anders zouden die elkaar tegen werken.
Welke antivirus kan ik het best behouden op mijn computer? En hoe verwijder ik de andere?

Groetjes, en nogmaals bedankt!

Hier de printscreens van m'n Hijack Log:
Hijackthis log 2.jpg

Bijgevoegde Thumbnails

  • Hijackthis log 1.jpg


#5 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40936 berichten

Geplaatst 25 april 2011 - 15:02

De printscreens zijn niet echt handig om verder mee te werken. Indien het kopiëren en plakken van het log van HijackThis niet wil lukken, doe dan even het volgende :

Download RSIT.
Sla het op je Bureaublad op.

Dubbelklik op RSIT om het te starten.
Klik op Continue in het disclaimer venster.
Zodra de scan beëindigd is, zullen twee logs openen. Post de inhoud van log.txt (zal gemaximaliseerd zijn) en info.txt (zal geminimaliseerd zijn) in je volgende antwoord.

Het klopt dat meerdere antivirusscanners geen goed idee is, omdat deze elkaar wel eens willen tegenwerken. AVG moet alvast volstaan om je PC te beschermen. Maar dat bekijken we dan wel even na het plaatsen van het log van RSIT.

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#6 MissyL

MissyL

    Nieuweling

  • Lid
  • Pip
  • 5 berichten

Geplaatst 25 april 2011 - 15:28

De inhoud van log.txt:
Logfile of random's system information tool 1.08 (written by random/random)
Run by Labo at 2011-04-25 16:19:33
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 104 GB (45%) free of 228 GB
Total RAM: 3069 MB (51% free)

HijackThis download failed

======Scheduled tasks folder======

C:\Windows\tasks\PB Auto Backup Labo.job
C:\Windows\tasks\User_Feed_Synchronization-{81A8221C-58B9-42F2-85C1-45E8BF8BA0CD}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-08 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0626A63-410B-45E2-99A1-3F2475B2D695}]
Search Assistant - C:\Program Files\SGPSA\BHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG_TRAY"=C:\Program Files\AVG\AVG10\avgtray.exe [2011-01-07 2747744]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-03-09 336384]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2011-01-30 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2010-11-30 997408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
"Packard Bell Software Suite"=C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe [2009-04-10 2901024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\system32\Macromed\Flash\FlashUtil10m_Plugin.exe [2011-04-08 234656]

C:\Users\Labo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Labo\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2011-04-25 16:19:33 ----D---- C:\rsit
2011-04-25 10:39:43 ----D---- C:\Program Files\Trend Micro
2011-04-23 20:13:32 ----D---- C:\Program Files\Microsoft Security Client
2011-04-23 20:12:35 ----A---- C:\Windows\system32\drivers\netio.sys
2011-04-23 15:20:48 ----D---- C:\ProgramData\hLe24500pDiEa24500
2011-04-16 14:02:12 ----D---- C:\Users\Labo\AppData\Roaming\Dropbox
2011-04-15 15:41:29 ----A---- C:\Windows\system32\atmlib.dll
2011-04-15 15:41:29 ----A---- C:\Windows\system32\atmfd.dll
2011-04-15 15:41:26 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-15 15:41:26 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-15 15:41:26 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-15 15:41:26 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-15 15:41:23 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-15 15:41:23 ----A---- C:\Windows\system32\mfc42.dll
2011-04-15 15:41:21 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-15 15:41:21 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-15 15:41:21 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-15 15:41:19 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-15 15:41:19 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-15 15:41:19 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-15 15:41:17 ----A---- C:\Windows\system32\win32k.sys
2011-04-15 15:41:14 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-08 14:23:40 ----A---- C:\Windows\system32\wininet.dll
2011-04-08 14:23:40 ----A---- C:\Windows\system32\urlmon.dll
2011-04-08 14:23:40 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2011-04-08 14:23:40 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2011-04-08 14:23:40 ----A---- C:\Windows\system32\msrating.dll
2011-04-08 14:23:40 ----A---- C:\Windows\system32\msls31.dll
2011-04-08 14:23:40 ----A---- C:\Windows\system32\mshtmler.dll
2011-04-08 14:23:40 ----A---- C:\Windows\system32\jsproxy.dll
2011-04-08 14:23:40 ----A---- C:\Windows\system32\ieui.dll
2011-04-08 14:23:40 ----A---- C:\Windows\system32\iesysprep.dll
2011-04-08 14:23:40 ----A---- C:\Windows\system32\iertutil.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\wextract.exe
2011-04-08 14:23:39 ----A---- C:\Windows\system32\webcheck.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\url.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\licmgr10.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\inseng.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\iexpress.exe
2011-04-08 14:23:39 ----A---- C:\Windows\system32\iesetup.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\iernonce.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\ieframe.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\iedkcs32.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\ieapfltr.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\ie4uinit.exe
2011-04-08 14:23:39 ----A---- C:\Windows\system32\icardie.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\dxtrans.dll
2011-04-08 14:23:39 ----A---- C:\Windows\system32\dxtmsft.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\vbscript.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\pngfilt.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\occache.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\mshtml.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\mshta.exe
2011-04-08 14:23:38 ----A---- C:\Windows\system32\msfeedssync.exe
2011-04-08 14:23:38 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\jscript9.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\jscript.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\imgutil.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\ieUnatt.exe
2011-04-08 14:23:38 ----A---- C:\Windows\system32\iepeers.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\ieakui.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\ieaksie.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\ieakeng.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\IEAdvpack.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\advpack.dll
2011-04-08 14:23:38 ----A---- C:\Windows\system32\admparse.dll
2011-04-08 12:51:57 ----D---- C:\ProgramData\Sun
2011-04-08 12:51:55 ----D---- C:\Program Files\Common Files\Java
2011-04-08 12:51:43 ----A---- C:\Windows\system32\javaws.exe
2011-04-08 12:51:43 ----A---- C:\Windows\system32\javaw.exe
2011-04-08 12:51:43 ----A---- C:\Windows\system32\java.exe
2011-04-08 12:51:43 ----A---- C:\Windows\system32\deployJava1.dll
2011-04-08 12:48:12 ----D---- C:\ProgramData\ATI
2011-04-08 12:48:10 ----D---- C:\Program Files\AMD APP
2011-04-07 13:46:28 ----HD---- C:\$AVG
2011-04-07 13:22:45 ----D---- C:\Users\Labo\AppData\Roaming\AVG10
2011-04-07 13:21:48 ----HD---- C:\ProgramData\Common Files
2011-04-07 13:19:56 ----D---- C:\Windows\system32\drivers\AVG
2011-04-07 13:19:56 ----D---- C:\ProgramData\AVG10
2011-04-07 13:17:57 ----D---- C:\Program Files\AVG
2011-04-07 13:16:27 ----D---- C:\ProgramData\MFAData
2011-04-07 13:13:34 ----D---- C:\LBCS
2011-04-07 10:20:03 ----A---- C:\Windows\is-A936Q.exe
2011-04-07 10:15:11 ----D---- C:\Program Files\PC Tools Security
2011-04-07 08:53:58 ----ASH---- C:\hiberfil.sys
2011-04-06 16:35:24 ----A---- C:\mbam-error.txt
2011-04-06 16:30:44 ----D---- C:\Users\Labo\AppData\Roaming\Malwarebytes
2011-04-06 16:30:42 ----D---- C:\ProgramData\Malwarebytes
2011-04-06 16:30:26 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2011-04-05 21:57:40 ----D---- C:\ProgramData\fJm24512eOdDp24512
2011-04-05 17:33:41 ----A---- C:\Windows\system32\Oemdspif.dll
2011-04-05 17:33:41 ----A---- C:\Windows\system32\Difxapi.dll
2011-04-05 17:33:41 ----A---- C:\Windows\system32\coinst.dll
2011-04-05 17:33:41 ----A---- C:\Windows\system32\atiuxpag.dll
2011-04-05 17:33:41 ----A---- C:\Windows\system32\atiumdmv.dll
2011-04-05 17:33:41 ----A---- C:\Windows\system32\atiu9pag.dll
2011-04-05 17:33:41 ----A---- C:\Windows\system32\atitmpxx.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\drivers\atikmpag.sys
2011-04-05 17:33:40 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2011-04-05 17:33:40 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atioglxx.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\ATIODE.exe
2011-04-05 17:33:40 ----A---- C:\Windows\system32\ATIODCLI.exe
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atimuixx.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atimpc32.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atiglpxx.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atigktxx.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atiesrxx.exe
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atieclxx.exe
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atidxx32.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\aticfx32.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\aticalrt.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\aticaldd.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\aticalcl.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atibtmon.exe
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atiapfxx.exe
2011-04-05 17:33:40 ----A---- C:\Windows\system32\atiadlxx.dll
2011-04-05 17:33:40 ----A---- C:\Windows\system32\amdpcom32.dll

======List of files/folders modified in the last 1 months======

2011-04-25 16:19:28 ----D---- C:\Windows\Temp
2011-04-25 10:39:48 ----SHD---- C:\Windows\Installer
2011-04-25 10:39:43 ----RD---- C:\Program Files
2011-04-25 10:39:15 ----SHD---- C:\System Volume Information
2011-04-25 08:44:38 ----D---- C:\Windows\System32
2011-04-25 08:44:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-25 08:44:37 ----D---- C:\Windows\inf
2011-04-23 20:19:03 ----D---- C:\Program Files\Common Files\Akamai
2011-04-23 20:15:36 ----D---- C:\Windows\system32\drivers
2011-04-23 20:15:26 ----D---- C:\Windows
2011-04-23 20:14:25 ----D---- C:\Windows\system32\catroot
2011-04-23 20:14:21 ----SD---- C:\ProgramData\Microsoft
2011-04-23 20:13:12 ----D---- C:\Windows\winsxs
2011-04-23 15:20:48 ----HD---- C:\ProgramData
2011-04-23 14:32:34 ----D---- C:\Users\Labo\AppData\Roaming\Adobe
2011-04-23 14:32:34 ----D---- C:\ProgramData\Adobe
2011-04-18 03:39:13 ----D---- C:\Windows\Microsoft.NET
2011-04-18 03:38:43 ----RSD---- C:\Windows\assembly
2011-04-18 03:30:41 ----A---- C:\Windows\ricdb.ini
2011-04-18 03:26:20 ----D---- C:\Program Files\Windows Mail
2011-04-18 03:10:35 ----D---- C:\ProgramData\Microsoft Help
2011-04-18 03:04:53 ----D---- C:\Windows\system32\catroot2
2011-04-18 03:02:39 ----D---- C:\Windows\Debug
2011-04-18 03:02:38 ----A---- C:\Windows\system32\mrt.exe
2011-04-10 12:03:35 ----SD---- C:\Users\Labo\AppData\Roaming\Microsoft
2011-04-08 14:46:35 ----D---- C:\Windows\rescache
2011-04-08 14:28:09 ----D---- C:\Windows\system32\nl-NL
2011-04-08 14:28:09 ----D---- C:\Program Files\Internet Explorer
2011-04-08 14:28:08 ----RD---- C:\Windows\Offline Web Pages
2011-04-08 14:28:08 ----D---- C:\Windows\system32\wbem
2011-04-08 14:28:08 ----D---- C:\Windows\system32\migration
2011-04-08 14:28:08 ----D---- C:\Windows\system32\en-US
2011-04-08 14:28:08 ----D---- C:\Windows\PolicyDefinitions
2011-04-08 14:28:07 ----SD---- C:\Windows\Downloaded Program Files
2011-04-08 14:23:54 ----D---- C:\Windows\Logs
2011-04-08 13:36:40 ----D---- C:\Program Files\Windows Live
2011-04-08 13:28:32 ----DC---- C:\Windows\system32\DRVSTORE
2011-04-08 13:23:24 ----D---- C:\Program Files\Common Files
2011-04-08 13:23:21 ----D---- C:\Windows\Tasks
2011-04-08 13:23:21 ----D---- C:\ProgramData\DriverCure
2011-04-08 13:02:48 ----D---- C:\Program Files\Microsoft
2011-04-08 12:49:16 ----D---- C:\Program Files\Common Files\Adobe
2011-04-08 12:49:11 ----D---- C:\Program Files\Adobe
2011-04-08 12:47:52 ----D---- C:\Program Files\ATI Technologies
2011-04-08 11:15:26 ----D---- C:\Windows\Prefetch
2011-04-08 11:02:03 ----AD---- C:\ProgramData\TEMP
2011-04-07 08:51:41 ----D---- C:\Program Files\Vectorworks 2010 NL
2011-04-07 08:51:41 ----D---- C:\Program Files\Vectorworks 2009 NL
2011-04-06 16:34:31 ----D---- C:\Windows\Minidump

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2010-09-13 25680]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2010-09-07 26064]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2010-12-08 251728]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2010-09-07 34384]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2010-11-12 299984]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2010-10-24 165264]
R1 MpKsl3fecb45c;MpKsl3fecb45c; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D0799B30-8AA8-415B-8012-672C143B6BC3}\MpKsl3fecb45c.sys [2011-04-25 28752]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-06-25 48128]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2009-06-25 44544]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2009-06-25 38400]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 7723008]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-03-09 239616]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdLH3.sys [2010-11-17 97296]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2010-08-03 123472]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2010-08-03 30288]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\AVGIDSShim.Sys [2010-08-03 27216]
R3 BCM43XX;Stuurprogramma voor de Dell draadloze WLAN-kaart; C:\Windows\system32\DRIVERS\bcmwl6.sys [2008-08-05 1207288]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2009-03-31 36608]
R3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2008-11-12 54784]
R3 k57nd60x;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2011-03-14 350248]
R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2010-10-24 43392]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2010-10-24 54144]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver; C:\Windows\system32\DRIVERS\OA001Ufd.sys [2009-03-06 133632]
R3 OA001Vid;Creative Camera OA001 Function Driver; C:\Windows\system32\DRIVERS\OA001Vid.sys [2009-03-08 280096]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-03-09 7723008]
S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Akamai;Akamai NetSession Interface; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-03-09 176128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-01-06 6128720]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2009-03-31 233472]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2010-11-11 11736]
R2 PowerSave;PowerSave Service; C:\Program Files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe [2009-04-06 1002016]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2010-11-11 206360]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

De inhoud van info.txt:
info.txt logfile of random's system information tool 1.08 2011-04-25 16:19:47

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x13
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x13
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x13
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x13
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x13
32 Bit HP CIO Components Installer-->MsiExec.exe /I{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Community Help-->msiexec /qb /x {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Community Help-->MsiExec.exe /I{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}
Adobe Flash Player 10 ActiveX-->MsiExec.exe /X{E5D03B2E-B2D4-477F-A60D-8E1969D821FA}
Adobe Flash Player 10 Plugin-->MsiExec.exe /X{E6725026-A650-449C-897B-D6B7A5EEA058}
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Photoshop CS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}\setup.exe" -l0x13
Adobe Photoshop CS5-->C:\Program Files\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{15FEDA5F-141C-4127-8D7E-B962D1742728}"
Adobe Reader X (10.0.1) - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AA0000000001}
Advanced Audio FX Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x13 /remove
Advanced Video FX Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x13 /remove
Akamai NetSession Interface-->C:\Program Files\Common Files\Akamai\uninstall.exe
AMD APP SDK Runtime-->MsiExec.exe /I{A25FF1C0-80B6-4B8B-A551-DC525697A408}
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ares 2.1.2-->"C:\Program Files\Ares\uninstall.exe"
ATI Catalyst Install Manager-->msiexec /q/x{BC1E438B-1292-C544-D333-6D9E7D9D8726} REBOOT=ReallySuppress
AVG 2011-->"C:\Program Files\AVG\AVG10\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2011-->MsiExec.exe /I{B3AEF776-7FFF-4C50-A402-9119E3849EE0}
AVG 2011-->MsiExec.exe /I{D4E53304-1F6C-4111-9872-1BCD2CF5B642}
CANON iMAGE GATEWAY MyCamera Download Plugin-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\MyCamera Download Plugin\MyCameraPluginUninstall.ini"
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon Internet Library for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\CIGUnInstall.ini"
Canon MOV Decoder-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\Canon MOV Decoder170\CanonMOVDecoderUnInstall.ini"
Canon MOV Encoder-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\Canon MOV Encoder\CanonMOVEncoderUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon Utilities CameraWindow DC 8-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowDC8\Uninst.ini"
Canon Utilities CameraWindow Launcher-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\CameraWindowLauncher\Uninst.ini"
Canon Utilities Digital Photo Professional 3.9-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\Digital Photo Professional\Uninst.ini"
Canon Utilities Movie Uploader for YouTube-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\Movie Uploader for YouTube\Uninst.ini"
Canon Utilities MyCamera-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\CameraWindow\MyCamera\Uninst.ini"
Canon Utilities PhotoStitch-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\PhotoStitch\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files\Common Files\Canon\UIW\1.8.0.0\Uninst.exe" "C:\Program Files\Canon\ZoomBrowser EX MCU\Uninst.ini"
Catalyst Control Center - Branding-->MsiExec.exe /I{0E33EC53-22CE-426C-A88B-2AAC231BAC85}
CINEMA 4D 12.016-->"C:\Program Files\MAXON\CINEMA 4D R12\CINEMA 4D.exe" "C:\Program Files\MAXON\CINEMA 4D R12\resource\install20110304_112615.log" -uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Dell Resource CD-->MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021}
Dell Webcam Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x13 /remove
Dell Webcam Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x13 /remove
EDT 13-->C:\Program Files\InstallShield Installation Information\{7B039851-3C32-4064-89F2-95802DF23521}\setup.exe -runfromtemp -l0x0013 -uninst -removeonly
Express Zip File Compression Software-->C:\Program Files\NCH Software\ExpressZip\uninst.exe
Garmin City Navigator Europe NT 2009-->MsiExec.exe /X{2ABF6278-10AC-4EC0-97DE-36F9FF166CA0}
Garmin City Navigator Europe NT 2010 Update-->MsiExec.exe /X{C07B86C3-1816-4C59-927E-0287925DFB96}
Garmin Communicator Plugin-->MsiExec.exe /X{84CC9583-C2D6-42E6-A373-6FDDDA6A8BA6}
Garmin USB Drivers-->MsiExec.exe /X{B1102A25-3AA3-446B-AA0F-A699B07A02FD}
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98736A65-3C79-49EC-B7E9-A3C77774B0E6}\setup.exe" -l0x13 -removeonly
Google SketchUp 6-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}\setup.exe" -l0x13 -removeonly
Google SketchUp Pro 7-->MsiExec.exe /X{C309F22B-19ED-4667-950C-2188A4B26E34}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Customer Participation Program 13.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat -forcereboot
HP Imaging Device Functions 13.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Officejet All-In-One Series-->C:\Program Files\HP\Digital Imaging\{3C43EAE7-22C0-4b33-ABFB-3757ECA5FD7B}\setup\hpzscr01.exe -datfile hpwscr10.dat
HP Photosmart Premium C309g-m All-in-One Driver Software 13.0 Rel. 6-->C:\Program Files\HP\Digital Imaging\{D850BEF5-67AF-4071-9538-FA9AC725D62C}\setup\hpzscr01.exe -datfile hposcr41.dat -onestop -forcereboot
HP Print Projects 1.0-->C:\Program Files\HP\Digital Imaging\HPPrintProjects\hpzscr01.exe -datfile hpqbud19.dat
HP Smart Web Printing 4.5-->C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpzscr01.exe -datfile hpqbud15.dat
HP Solution Center 13.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat -forcereboot
HP Update-->MsiExec.exe /X{7059BDA7-E1DB-442C-B7A1-6144596720A4}
IDX Renditioner Express Free-->MsiExec.exe /I{D9432306-513A-4695-977E-FC6AD9C3ED98}
Integrated Webcam Driver (1.06.03.0309) -->C:\Windows\CtDrvIns.exe -uninstall -script OA001.uns -plugin OA001Pin.dll -pluginres OA001Pin.crl -nodisconprompt -langid 0x0813
Java™ 6 Update 24-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216024FF}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Live! Cam Avatar Creator-->C:\Program Files\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x0013 -removeonly /remove
Live! Cam Avatar v1.0-->C:\Program Files\InstallShield Installation Information\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}\setup.exe -runfromtemp -l0x0013 -removeonly /remove
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Messenger Companion-->MsiExec.exe /I{8142D25E-028A-4563-86ED-5755783C8029}
Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Antimalware Service NL-NL Language Pack-->MsiExec.exe /X{7C4C5B40-43E1-4890-AD50-E1E8F8446D5F}
Microsoft Antimalware-->MsiExec.exe /X{774088D4-0777-4D78-904D-E435B318F5D2}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Groove MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}
Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007A-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Security Client NL-NL Language Pack-->MsiExec.exe /I{859B9BCA-5376-4566-9F88-C6C9DAA7A925}
Microsoft Security Client-->MsiExec.exe /I{77A776C4-D10F-416D-88F0-53F2D9DCD9B3}
Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Mozilla Firefox (3.6.16)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}
Packard Bell Software Suite-->C:\Program Files\Packard Bell\Software Suite\Uninstall.exe
PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392}
Podium-->"C:\Program Files\Google\Google SketchUp 6\Plugins\Podium\unins000.exe"
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
SAMSUNG Mobile Composite Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe
Samsung Mobile Modem Device Software-->C:\Windows\system32\Samsung_USB_Drivers\7\SSECUninstall.exe
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x0413 -removeonly
Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}
SAMSUNG USB Mobile Device Software-->C:\Windows\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe
SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}
Security Update for 2007 Microsoft Office System (KB2288621)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5C497F0B-2061-4CC9-A61C-6B45B867354D}
Security Update for 2007 Microsoft Office System (KB2288931)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {CD769337-C8AC-46DB-A7DC-643E50089263}
Security Update for 2007 Microsoft Office System (KB2345043)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {536FB502-775F-4494-BACE-C02CC90B7A5B}
Security Update for 2007 Microsoft Office System (KB2466156)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {CEF209AB-F96D-404F-B5CC-44057C057CA3}
Security Update for 2007 Microsoft Office System (KB2509488)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {AD0DE453-0804-4495-9C91-33D0F9AA5463}
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}
Security Update for Microsoft Office Excel 2007 (KB2464583)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {151E2FEA-C3A6-4CB6-BE6B-16651FDF04BE}
Security Update for Microsoft Office Groove 2007 (KB2494047)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}
Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
Security Update for Microsoft Office PowerPoint 2007 (KB2464594)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {E6B7C11E-21E9-4BA0-9677-29AD603B953C}
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
Security Update for Microsoft Office Publisher 2007 (KB2284697)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {3A4CDE54-2403-483D-8D9A-15E3264410DF}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Security Update for Microsoft Office Word 2007 (KB2344993)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
Shop for HP Supplies-->C:\Program Files\HP\Digital Imaging\HPSSupply\hpzscr01.exe -datfile hpqbud16.dat
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}
Update for Microsoft Office Outlook 2007 (KB2412171)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {752A0B7C-BD24-4362-AC86-AB63FEE6F46F}
Update for Outlook 2007 Junk Email Filter (KB2522999)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {CC8A81F7-5A36-4DE9-ABB3-5499132062C5}
Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}
Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}
Vectorworks 2010 NL-->C:\Program Files\Vectorworks 2010 NL\Deinstalleer.exe
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\Windows\System32\DriverStore\FileRepository\grmnusb.inf_6b094708\grmnusb.inf
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
Windows Live Messenger-->MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
Windows Live Remote Client Resources-->MsiExec.exe /I{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}
Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
Windows Live Remote Service Resources-->MsiExec.exe /I{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}
Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Sync-->MsiExec.exe /X{B10914FD-8812-47A4-85A1-50FCDE7F1F33}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
Windows-stuurprogrammapakket - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC_van_Labo
Event Code: 4372
Message: De status van pakket KB981852(Security Update) wordt ingesteld op Installatie aangevraagd(Install Requested)
Record Number: 168197
Source Name: Microsoft-Windows-Servicing
Time Written: 20100910203818.000000-000
Event Type: Informatie
User: PC_van_Labo\Labo

Computer Name: PC_van_Labo
Event Code: 4371
Message: De status van pakket KB981852(Security Update) wordt gewijzigd van Installatie aangevraagd(Install Requested) naar Geïnstalleerd(Installed)
Record Number: 168196
Source Name: Microsoft-Windows-Servicing
Time Written: 20100910203818.000000-000
Event Type: Informatie
User: PC_van_Labo\Labo

Computer Name: PC_van_Labo
Event Code: 4372
Message: De status van pakket KB980436(Security Update) wordt ingesteld op Installatie aangevraagd(Install Requested)
Record Number: 168195
Source Name: Microsoft-Windows-Servicing
Time Written: 20100910203818.000000-000
Event Type: Informatie
User: PC_van_Labo\Labo

Computer Name: PC_van_Labo
Event Code: 4371
Message: De status van pakket KB980436(Security Update) wordt gewijzigd van Installatie aangevraagd(Install Requested) naar Geïnstalleerd(Installed)
Record Number: 168194
Source Name: Microsoft-Windows-Servicing
Time Written: 20100910203818.000000-000
Event Type: Informatie
User: PC_van_Labo\Labo

Computer Name: PC_van_Labo
Event Code: 4372
Message: De status van pakket KB2079403(Security Update) wordt ingesteld op Installatie aangevraagd(Install Requested)
Record Number: 168193
Source Name: Microsoft-Windows-Servicing
Time Written: 20100910203818.000000-000
Event Type: Informatie
User: PC_van_Labo\Labo

=====Application event log=====

Computer Name: 26L2233B1-13
Event Code: 5615
Message: De Windows Management Instrumentation-service is gestart
Record Number: 5
Source Name: Microsoft-Windows-WMI
Time Written: 20090416182224.000000-000
Event Type: Informatie
User:

Computer Name: 26L2233B1-13
Event Code: 4625
Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 4
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090416182222.000000-000
Event Type: Informatie
User:

Computer Name: 26L2233B1-13
Event Code: 900
Message: De Software Licensing-service wordt gestart.

Record Number: 3
Source Name: Microsoft-Windows-Security-Licensing-SLC
Time Written: 20090416182221.000000-000
Event Type: Informatie
User:

Computer Name: WIN-AHJHWQX7DXW
Event Code: 1531
Message: De User Profile-service is gestart.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090416182221.000000-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM

Computer Name: 26L2233B1-13
Event Code: 2
Message: Client van Certificate Services is gestopt.
Record Number: 1
Source Name: Microsoft-Windows-CertificateServicesClient
Time Written: 20080121025830.046400-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM

=====Security event log=====

Computer Name: PC_van_Labo
Event Code: 4648
Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PC_VAN_LABO$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:
Accountnaam: Labo
Accountdomein: PC_van_Labo
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:
Naam van doelserver: localhost
Aanvullende gegevens: localhost

Procesgegevens:
Proces-id: 0x30c
Procesnaam: C:\Windows\System32\winlogon.exe

Netwerkgegevens:
Netwerkadres: 127.0.0.1
Poort: 0

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.
Record Number: 52043
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100508073411.288558-000
Event Type: Controle geslaagd
User:

Computer Name: PC_van_Labo
Event Code: 5056
Message: Er is een cryptografische zelftest uitgevoerd.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PC_VAN_LABO$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7

Module: ncrypt.dll

Retourcode: 0x0
Record Number: 52042
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100508073411.132557-000
Event Type: Controle geslaagd
User:

Computer Name: PC_van_Labo
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 52041
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100508073407.700535-000
Event Type: Controle geslaagd
User:

Computer Name: PC_van_Labo
Event Code: 4624
Message: Er is een account aangemeld.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PC_VAN_LABO$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:
Proces-id: 0x284
Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -

Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 52040
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100508073407.700535-000
Event Type: Controle geslaagd
User:

Computer Name: PC_van_Labo
Event Code: 4648
Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PC_VAN_LABO$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:
Naam van doelserver: localhost
Aanvullende gegevens: localhost

Procesgegevens:
Proces-id: 0x284
Procesnaam: C:\Windows\System32\services.exe

Netwerkgegevens:
Netwerkadres: -
Poort: -

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.
Record Number: 52039
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100508073407.700535-000
Event Type: Controle geslaagd
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\AMD APP\bin\x86;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Windows Live\Shared;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"AMDAPPSDKROOT"=C:\Program Files\AMD APP\

-----------------EOF-----------------

---------- Post toegevoegd om 16:28 ---------- Vorige post was om 16:26 ----------

Zo, nu is het wel gelukt. :)

#7 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40936 berichten

Geplaatst 25 april 2011 - 17:13



Verwijder nu de bestaande versie van Hijackthis, download een nieuwe versie en laat die scannen. Probeer dan of je het log via kopiëren en plakken wél in een volgende bericht kan zetten ?

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#8 MissyL

MissyL

    Nieuweling

  • Lid
  • Pip
  • 5 berichten

Geplaatst 25 april 2011 - 17:57

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:55:15, on 25/04/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe
C:\Users\Labo\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Packard Bell\Software Suite\pbDevDetect.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\sdclt.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (file missing)
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Packard Bell Software Suite] "C:\Program Files\Packard Bell\Software Suite\PBSoftSuite.exe" /run
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10m_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Labo\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://my.garmin.co...inAxControl.CAB
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.aka...vex-2.2.4.8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: PowerSave Service (PowerSave) - Packard Bell Services - C:\Program Files\Packard Bell\Software Suite\PowerSave\PSPBSSS.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7392 bytes

---------- Post toegevoegd om 18:57 ---------- Vorige post was om 18:55 ----------

Dit is wat we zochten :) denk ik toch

#9 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40936 berichten

Geplaatst 25 april 2011 - 18:33



Dat zochten we inderdaad :-)

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

O2 - BHO: Search Assistant - {F0626A63-410B-45E2-99A1-3F2475B2D695} - C:\Program Files\SGPSA\BHO.dll (file missing)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.aka....ex-2.2.4.8.cab

Klik op 'Fix checked' om de items te verwijderen.

En dan is alles verder OK. Voor je antivirus kan je met AVG gewoon verder. Eén antivirusprogramma volstaat.

RSIT en HijackThis mag je nu verwijderen.

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#10 MissyL

MissyL

    Nieuweling

  • Lid
  • Pip
  • 5 berichten

Geplaatst 25 april 2011 - 20:11

Beste Kape,

Alles is terug in orde, heel erg bedankt!

Groetjes Lore

#11 kweezie wabbit

kweezie wabbit

    Supervisor

  • Supervisor
  • 25726 berichten

Geplaatst 26 april 2011 - 06:06

Mooi zo. Dan gaan we nu de laatste opruiming doen.

Download CCleaner. (Als je het nog niet hebt)
Installeer het en start CCleaner op.
Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Bevestigen met JA of OK
Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.
Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.
Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, lees dan deze handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar kunnen besmette herstelpunten tussen zitten die je zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen. Doe dit via Configuratiescherm -> Systeem en Onderhoud -> Systeem -> tabblad "Systeembeveiliging" -> vinkje weghalen bij de schijf waarvan je de herstelpunten wil verwijderen -> klikken op "toepassen".
Dan krijg je de schermmelding “Weet u zeker dat u systeemherstel wil uitschakelen”. Klik hier op “Systeemherstel uitschakelen”. Dan zijn alle herstelpunten verwijderd op de aangeduide schijf.

Zet daarna opnieuw een vinkje bij de harde schijf. Maak meteen ook een nieuw herstelpunt, zodat je niet hoeft te wachten op een automatisch herstelpunt van het systeem.

Als je tevreden bent over ons, vertel het dan aan gans de wereld.
Als je niet tevreden bent, vertel het dan alleen aan ons.


Bezoek onze VIDEOZONE: info in woord en beeld !


#12 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40936 berichten

Geplaatst 26 april 2011 - 08:45

Uitstekend ... dan kunnen we dit onderwerp netjes op "opgelost" zetten :-)

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​





0 gebruiker(s) lezen dit onderwerp

0 leden, 0 gasten, 0 anonieme gebruikers

Over ons

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!