Spring naar inhoud

Guest's Foto
Welkom,
Guest
Wenst u zich te registreren?


Foto
- - - - -

Help.. Ik wil FLV Runner Toolbar - Virus Removal Guide verwijderen.


  • Log in om te reageren
28 reacties op dit onderwerp

#1 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 26 oktober 2012 - 14:38


Hallo allemaal...........bij het zoeken is er een programmaatje opgehaald.
Doordat we in Spanje zitten en de taal niet begreep, heb ik op ""ik weet niet wat"" geklikt en nu hebben we er een extra taakbalk bij, die ongewenst is.
We gebruiken Google Chrome.
Ik heb al het een en ander gevonden op internet, maar ik kan het niet de-installeren.
Ik wil het kwijt.............wat zijn de stappen ?

Nieuwsgierig naar het antwoord, groet ik, Betje.

#2 Asus

Asus

    Super Moderator

  • Super Moderator
  • 17585 berichten

Geplaatst 26 oktober 2012 - 16:47

Je topic werd verplaatst naar Bestrijding spyware, virussen, zo word je sneller geholpen door een malware-specialist.

Kan je het onderstaande uitvoeren ?...

1. Download HijackThis. (klik er op)

Klik op HijackThis.msi en de download start automatisch na 5 seconden.
Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".
Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere pc en het bestand met een usb stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden.
Sla deze op in een nieuwe map op de C schijf (bvb C:\hijackthis) en start hijackthis dan vanaf deze map.
De logjes kan je dan ook in die map terugvinden.

 [/HR]
2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".
Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

 [/HR]
3. Na het plaatsen van je logje wordt dit door een expert (Kape of Kweezie Wabbit) nagekeken en begeleidt hij jou verder door het ganse proces.

Tip!
Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.
Theory is when you know something, but it doesn't work ... practice is when something works, but you don't know why ...

#3 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 26 oktober 2012 - 20:18

Dag Asus,
Het kladblok is geopend.
Een hele lijst is opgehaald.
Ik kan echter de lijst niet selecteren zoals jij schrijft met Ctrl.A, vanaf hier ben ik het spoor bijster.............
Kun je de stappen duidelijker aangeven ?
Alvast bedankt, Betje.

#4 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 26 oktober 2012 - 21:24

Dag Asus,
Het kladblok is geopend.
Een hele lijst is opgehaald.
Ik kan echter de lijst niet selecteren zoals jij schrijft met Ctrl.A, vanaf hier ben ik het spoor bijster.............
Kun je de stappen duidelijker aangeven ?
Alvast bedankt, Betje.

#5 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40891 berichten

Geplaatst 26 oktober 2012 - 22:43

Selecteer alle lijnen van het kladblok, kies dan met rechtsklikken voor "kopiëren" ... open hier een nieuw bericht en kies voor "plakken". Dan zou de inhoud van je kladblok hier moeten verschijnen.

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#6 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 27 oktober 2012 - 10:46

Ik had in HiJack een hele lijst staan, maar een leeg kladblok..............
Ik neem aan, dat je het kladblok met de lijst toegestuurd wilt krijgen ?
En een "logje" wat bedoel je daarmee ? Is dat soms een icoontje ?


Doe het niet graag en liever niet, maar wanneer ik alles recover naar de fabrieksinstellingen, ben ik dan die bende kwijt ?

Groeten, Betje.

#7 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 27 oktober 2012 - 10:48

Ff nog een keer.............'k zou wel de video willen bekijken, maar ik heb maar 100Mb per dag tot mijn beschikking, hier in Spanje.

Groeten, Betje.

#8 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40891 berichten

Geplaatst 27 oktober 2012 - 13:48

We gaan even iets anders proberen.

Download RSIT.
Sla het op je Bureaublad op.

Dubbelklik op RSIT om het te starten.
Klik op Continue in het disclaimer venster.
Zodra de scan beëindigd is, zullen twee logs openen. Post de inhoud van log.txt (zal gemaximaliseerd zijn) en info.txt (zal geminimaliseerd zijn) in je volgende antwoord.

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#9 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 27 oktober 2012 - 16:26

info.txt logfile of random's system information tool 1.09 2012-10-27 17:03:44

======Uninstall list======


-->"C:\Program Files\Acer Games\Game Explorer Categories - main\Uninstall.exe"
-->"C:\Program Files\InstallShield Installation Information\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\setup.exe" -runfromtemp -l0x0409 -removeonly
-->"C:\Program Files\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Acer Crystal Eye Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer Crystal Eye Webcam-->"C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
Acer ePower Management-->"C:\Program Files\InstallShield Installation Information\{3DB0448D-AD82-4923-B305-D001E521A964}\setup.exe" -runfromtemp -l0x413 -removeonly
Acer eRecovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x413 -removeonly
Acer Games-->"C:\Program Files\Acer Games\Uninstall.exe"
Acer Registration-->C:\Program Files\Acer\Registration\Uninstall.exe
Acer ScreenSaver-->C:\Program Files\Acer\Screensaver\Uninstall.exe
Acer Updater-->"C:\Program Files\InstallShield Installation Information\{EE171732-BEB4-4576-887D-CB62727F01CA}\setup.exe" -runfromtemp -l0x413 -removeonly
Acer VCM-->"C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -runfromtemp -l0x413 -removeonly
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10u_ActiveX.exe -maintain activex
Adobe Reader X (10.1.4) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Agatha Christie - Death on the Nile-->"C:\Program Files\Acer Games\Agatha Christie - Death on the Nile\uninstall\uninstaller.exe"
AndroidInstaller-->"C:\Program Files\InstallShield Installation Information\{523281E5-91DD-49F5-9D85-954148F7596A}\setup.exe" -runfromtemp -l0x0409 -removeonly
Anti-phishing Domain Advisor-->C:\ProgramData\Anti-phishing Domain Advisor\uninstall.exe
AVG 2012-->"C:\Program Files\AVG\AVG2012\avgmfapx.exe" /AppMode=SETUP /Uninstall
AVG 2012-->MsiExec.exe /I{38580E5E-AF78-4536-AD1E-6A62661372C5}
AVG 2012-->MsiExec.exe /I{B69C390B-826F-473C-86EB-7AD4950818C3}
Bejeweled 2 Deluxe-->"C:\Program Files\Acer Games\Bejeweled 2 Deluxe\uninstall\uninstaller.exe"
Bing Bar-->MsiExec.exe /X{C28D96C0-6A90-459E-A077-A6706F4EC0FC}
BitMeter-->"C:\Program Files\Codebox\BitMeter\uninstall.exe"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Chuzzle Deluxe-->"C:\Program Files\Acer Games\Chuzzle Deluxe\uninstall\uninstaller.exe"
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
eBay Worldwide-->MsiExec.exe /I{D3E5A972-9A15-427D-AE78-8181A5FD943C}
Everio MediaBrowser-->"C:\Program Files\InstallShield Installation Information\{5CA03ECF-B4A6-464B-9F5D-64D8B61B083F}\setup.exe" -runfromtemp -l0x0013UNINSTALL -removeonly
FATE-->"C:\Program Files\Acer Games\FATE\uninstall\uninstaller.exe"
Final Drive: Nitro-->"C:\Program Files\Acer Games\Final Drive Nitro\uninstall\uninstaller.exe"
Fotogalerija Windows Live-->MsiExec.exe /X{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}
Galeria de Fotografias do Windows Live-->MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}
Galería fotográfica de Windows Live-->MsiExec.exe /X{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}
Galeria fotogràfica del Windows Live-->MsiExec.exe /X{4736B0ED-F6A1-48EC-A1B7-C053027648F1}
Galeria fotografii usługi Windows Live-->MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie de photos Windows Live-->MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
Galerie foto Windows Live-->MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}
High-Definition Video Playback-->MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Identity Card-->C:\Program Files\Acer\Identity Card\Uninstall.exe
Insaniquarium Deluxe-->"C:\Program Files\Acer Games\Insaniquarium Deluxe\uninstall\uninstaller.exe"
Intel® Control Center-->C:\Program Files\Intel\Intel Control Center\uninstaller\SetupICC.exe -uninstall -force -confirm
Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel® Rapid Storage Technology-->C:\Program Files\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall
Jewel Match 3-->"C:\Program Files\Acer Games\Jewel Match 3\uninstall\uninstaller.exe"
Jewel Quest Solitaire-->"C:\Program Files\Acer Games\Jewel Quest Solitaire\uninstall\uninstaller.exe"
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Launch Manager-->C:\Windows\UNINSTLMv4.EXE LMv4.UNI
Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Office Professional Editie 2003-->MsiExec.exe /I{90110413-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Mobile Partner-->C:\Program Files\Mobile Partner\uninst.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MyWinLocker 4-->MsiExec.exe /X{39F15B50-A977-4CA6-B1C3-6A8724CDA025}
MyWinLocker Suite-->"C:\Program Files\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\setup.exe" -runfromtemp -l0x0413 -removeonly
MyWinLocker Suite-->MsiExec.exe /X{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
Nero BackItUp 10 Help (CHM)-->MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
Nero BackItUp 10-->MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
Nero BurnRights 10 Help (CHM)-->MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
Nero BurnRights 10-->MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
Nero Control Center 10-->MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)-->MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10-->MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero CoverDesigner 10 Help (CHM)-->MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
Nero CoverDesigner 10-->MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
Nero DiscCopy Gadget 10-->MsiExec.exe /X{92EC1A84-7FFC-42DF-A8F6-79C21C4765A5}
Nero DiscCopyGadget 10 Help (CHM)-->MsiExec.exe /X{5F548A02-80BC-404D-BAE6-F05F9BF6B449}
Nero DiscSpeed 10 Help (CHM)-->MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10-->MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Express 10 Help (CHM)-->MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10-->MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero InCD-->MsiExec.exe /X{59482AA7-3E30-4B5E-A52F-4101DACC2707}
Nero InfoTool 10 Help (CHM)-->MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
Nero InfoTool 10-->MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
Nero Multimedia Suite 10 Essentials-->MsiExec.exe /I{89590A73-9AC3-48ED-B83E-6489900DED5A}
Nero StartSmart 10 Help (CHM)-->MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
Nero StartSmart 10-->MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
Nero Update-->MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
newsXpresso-->"C:\Program Files\InstallShield Installation Information\{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}\setup.exe" -runfromtemp -l0x0409 -removeonly
newsXpresso-->MsiExec.exe /X{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}
Penguins!-->"C:\Program Files\Acer Games\Penguins!\uninstall\uninstaller.exe"
Plants vs. Zombies - Game of the Year-->"C:\Program Files\Acer Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
Poczta usługi Windows Live-->MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live-->MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
PoiEdit-->C:\PROGRA~1\DNOTES~1\POIEDI~1\UNWISE.EXE C:\PROGRA~1\DNOTES~1\POIEDI~1\INSTALL.LOG
Polar Bowler-->"C:\Program Files\Acer Games\Polar Bowler\uninstall\uninstaller.exe"
Pošta Windows Live-->MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}
Raccolta foto di Windows Live-->MsiExec.exe /X{ED16B700-D91F-44B0-867C-7EB5253CA38D}
Realtek Ethernet Controller Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek PCIE Card Reader-->"C:\Program Files\InstallShield Installation Information\{C1594429-8296-4652-BF54-9DBE4932A44C}\setup.exe" -runfromtemp -removeonly
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Shredder-->MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A}
Skip-Bo - Castaway Caper-->"C:\Program Files\Acer Games\Skip-Bo - Castaway Caper\uninstall\uninstaller.exe"
Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120}
Skype™ 5.10-->MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
Slingo Deluxe-->"C:\Program Files\Acer Games\Slingo Deluxe\uninstall\uninstaller.exe"
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP
TomTom HOME-->MsiExec.exe /I{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}
Torchlight-->"C:\Program Files\Acer Games\Torchlight\uninstall\uninstaller.exe"
Tradewinds Legends-->"C:\Program Files\Acer Games\Tradewinds Legends\uninstall\uninstaller.exe"
TSST OEM Content-->MsiExec.exe /X{885AFEC2-0809-47CE-8B3F-00AEC19DDD5F}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
Update Installer for WildTangent Games App-->"C:\Program Files\WildTangent Games\App\Uninstall.exe"
Virtual Villagers 4 - The Tree of Life-->"C:\Program Files\Acer Games\Virtual Villagers 4 - The Tree of Life\uninstall\uninstaller.exe"
VoipBuster-->"C:\Program Files\VoipBuster.com\VoipBuster\unins000.exe"
WEB Partner-->C:\Program Files\WEB Partner\uninst.exe
Wedding Dash-->"C:\Program Files\Acer Games\Wedding Dash\uninstall\uninstaller.exe"
Welcome Center-->C:\Program Files\Acer\Welcome Center\Uninstall.exe
WildTangent Games App (Acer Games)-->"C:\Program Files\WildTangent Games\Touchpoints\acer\Uninstall.exe"
Windows Live Argazki Galeria-->MsiExec.exe /X{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{06B05153-97E4-427E-B1A8-E098F6C5E52F}
Windows Live Essentials-->MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}
Windows Live Essentials-->MsiExec.exe /I{17F99FCE-8F03-4439-860A-25C5A5434E18}
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live Essentials-->MsiExec.exe /I{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}
Windows Live Essentials-->MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials-->MsiExec.exe /I{43B43577-2514-4CE0-B14A-7E85C17C0453}
Windows Live Essentials-->MsiExec.exe /I{4A04DB63-8F81-4EF4-9D09-61A2057EF419}
Windows Live Essentials-->MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials-->MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}
Windows Live Essentials-->MsiExec.exe /I{7D99B933-E29C-4599-92F0-DAED2AF041E3}
Windows Live Essentials-->MsiExec.exe /I{827D3E4A-0186-48B7-9801-7D1E9DD40C07}
Windows Live Essentials-->MsiExec.exe /I{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}
Windows Live Essentials-->MsiExec.exe /I{ABD534B7-E951-470E-92C2-CD5AF1735726}
Windows Live Essentials-->MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}
Windows Live Essentials-->MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E}
Windows Live Essentials-->MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Essentials-->MsiExec.exe /I{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}
Windows Live Essentials-->MsiExec.exe /I{F0F9505B-3ACF-4158-9311-D0285136AA00}
Windows Live Essentials-->MsiExec.exe /I{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}
Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}
Windows Live Essentials-->MsiExec.exe /I{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}
Windows Live Essentials-->MsiExec.exe /I{FEEF7F78-5876-438B-B554-C4CC426A4302}
Windows Live Fotogaléria-->MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie-->MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}
Windows Live Fotogalerie-->MsiExec.exe /X{FB79FDB7-4DE1-453D-99FE-9A880F57380E}
Windows Live Fotogalleri-->MsiExec.exe /X{5C2F5C1B-9732-4F81-8FBF-6711627DC508}
Windows Live Fotoğraf Galerisi-->MsiExec.exe /X{BD695C2F-3EA0-4DA4-92D5-154072468721}
Windows Live Fotótár-->MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}
Windows Live Galeria de Fotos-->MsiExec.exe /X{F7A46527-DF1F-4B0F-9637-98547E189442}
Windows Live Galerija fotografija-->MsiExec.exe /X{E5377D46-83C5-445A-A1F1-830336B42A10}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11}
Windows Live Mail-->MsiExec.exe /I{10186F1A-6A14-43DF-A404-F0105D09BB07}
Windows Live Mail-->MsiExec.exe /I{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}
Windows Live Mail-->MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}
Windows Live Mail-->MsiExec.exe /I{48F597DD-D397-4CFA-91A0-4C033A0113BD}
Windows Live Mail-->MsiExec.exe /I{63CF7D0C-B6E7-4EE9-8253-816B613CC437}
Windows Live Mail-->MsiExec.exe /I{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}
Windows Live Mail-->MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}
Windows Live Mail-->MsiExec.exe /I{924B4D82-1B97-48EB-8F1E-55C4353C22DB}
Windows Live Mail-->MsiExec.exe /I{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{9DA3F03B-2CEE-4344-838E-117861E61FAF}
Windows Live Mail-->MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
Windows Live Mail-->MsiExec.exe /I{A0B91308-6666-4249-8FF6-1E11AFD75FE1}
Windows Live Mail-->MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}
Windows Live Mail-->MsiExec.exe /I{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}
Windows Live Mail-->MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}
Windows Live Mail-->MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail-->MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}
Windows Live Mail-->MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}
Windows Live Mail-->MsiExec.exe /I{D31169F2-CD71-4337-B783-3E53F29F4CAD}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mail-->MsiExec.exe /I{DBAA2B17-D596-4195-A169-BA2166B0D69B}
Windows Live Mail-->MsiExec.exe /I{FA6CF94F-DACF-4FE7-959D-55C421B91B17}
Windows Live Mesh-->MsiExec.exe /I{00884F14-05BD-4D8E-90E5-1ABF78948CA4}
Windows Live Mesh-->MsiExec.exe /I{039480EE-6933-4845-88B8-77FD0C3D059D}
Windows Live Mesh-->MsiExec.exe /I{110668B7-54C6-47C9-BAC4-1CE77F156AF5}
Windows Live Mesh-->MsiExec.exe /I{11417707-1F72-4279-95A3-01E0B898BBF5}
Windows Live Mesh-->MsiExec.exe /I{2C865FB0-051E-4D22-AC62-428E035AEAF0}
Windows Live Mesh-->MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}
Windows Live Mesh-->MsiExec.exe /I{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}
Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh-->MsiExec.exe /I{46872828-6453-4138-BE1C-CE35FBF67978}
Windows Live Mesh-->MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}
Windows Live Mesh-->MsiExec.exe /I{625D45F0-5DCB-48BF-8770-C240A84DAAEB}
Windows Live Mesh-->MsiExec.exe /I{644063FA-ABA3-42AC-A8AC-3EDC0706018B}
Windows Live Mesh-->MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}
Windows Live Mesh-->MsiExec.exe /I{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}
Windows Live Mesh-->MsiExec.exe /I{7496FD31-E5CB-4AE4-82D3-31099558BF6A}
Windows Live Mesh-->MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678}
Windows Live Mesh-->MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh-->MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
Windows Live Mesh-->MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}
Windows Live Mesh-->MsiExec.exe /I{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}
Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh-->MsiExec.exe /I{AB0B2113-5B96-4B95-8AD1-44613384911F}
Windows Live Mesh-->MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}
Windows Live Mesh-->MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh-->MsiExec.exe /I{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}
Windows Live Mesh-->MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh-->MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}
Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Mesh-->MsiExec.exe /I{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}
Windows Live Mesh-->MsiExec.exe /I{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}
Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Movie Maker-->MsiExec.exe /X{133D9D67-D475-4407-AC3C-D558087B2453}
Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker-->MsiExec.exe /X{226F0D93-76DE-4F1C-B14D-DE10443ADB60}
Windows Live Movie Maker-->MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}
Windows Live Movie Maker-->MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}
Windows Live Movie Maker-->MsiExec.exe /X{640798A0-A4FB-4C52-AC72-755134767F1E}
Windows Live Movie Maker-->MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker-->MsiExec.exe /X{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}
Windows Live Movie Maker-->MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
Windows Live Movie Maker-->MsiExec.exe /X{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}
Windows Live Movie Maker-->MsiExec.exe /X{71527C7C-5289-4CB2-88C9-23344C0FF6C1}
Windows Live Movie Maker-->MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}
Windows Live Movie Maker-->MsiExec.exe /X{7465A996-0FCA-4D2D-A52C-F833B0829B5B}
Windows Live Movie Maker-->MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}
Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker-->MsiExec.exe /X{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}
Windows Live Movie Maker-->MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker-->MsiExec.exe /X{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}
Windows Live Movie Maker-->MsiExec.exe /X{BF022D76-9F72-4203-B8FA-6522DC66DFDA}
Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Movie Maker-->MsiExec.exe /X{CD442136-9115-4236-9C14-278F6A9DCB3F}
Windows Live Movie Maker-->MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}
Windows Live Movie Maker-->MsiExec.exe /X{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}
Windows Live Movie Maker-->MsiExec.exe /X{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}
Windows Live Movie Maker-->MsiExec.exe /X{E4E88B54-4777-4659-967A-2EED1E6AFD83}
Windows Live Movie Maker-->MsiExec.exe /X{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}
Windows Live Movie Maker-->MsiExec.exe /X{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}
Windows Live Movie Maker-->MsiExec.exe /X{FF105207-8423-4E13-B0B1-50753170B245}
Windows Live Movie Maker-->MsiExec.exe /X{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}
Windows Live Movie Maker-->MsiExec.exe /X{FF737490-5A2D-4269-9D82-97DB2F7C0B09}
Windows Live Photo Common-->MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common-->MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common-->MsiExec.exe /X{120C160F-F53D-4A15-A873-E79BF5B98B48}
Windows Live Photo Common-->MsiExec.exe /X{168E7302-890A-4138-9109-A225ACAF7AD1}
Windows Live Photo Common-->MsiExec.exe /X{28B9D2D8-4304-483F-AD71-51890A063A74}
Windows Live Photo Common-->MsiExec.exe /X{29373E24-AC72-424E-8F2A-FB0F9436F21F}
Windows Live Photo Common-->MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB}
Windows Live Photo Common-->MsiExec.exe /X{4D83F339-5A5C-4B21-8FD3-5D407B981E72}
Windows Live Photo Common-->MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common-->MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common-->MsiExec.exe /X{73FC3510-6421-40F7-9503-EDAE4D0CF70D}
Windows Live Photo Common-->MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common-->MsiExec.exe /X{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}
Windows Live Photo Common-->MsiExec.exe /X{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}
Windows Live Photo Common-->MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}
Windows Live Photo Common-->MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}
Windows Live Photo Common-->MsiExec.exe /X{85373DA7-834E-4850-8AF5-1D99F7526857}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common-->MsiExec.exe /X{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}
Windows Live Photo Common-->MsiExec.exe /X{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}
Windows Live Photo Common-->MsiExec.exe /X{B33B61FE-701F-425F-98AB-2B85725CBF68}
Windows Live Photo Common-->MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}
Windows Live Photo Common-->MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}
Windows Live Photo Common-->MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}
Windows Live Photo Common-->MsiExec.exe /X{CD7CB1E6-267A-408F-877D-B532AD2C882E}
Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Common-->MsiExec.exe /X{F0F5D89A-197C-495B-827E-3E98B811CD2E}
Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live Photo Gallery-->MsiExec.exe /X{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}
Windows Live Photo Gallery-->MsiExec.exe /X{861B1145-7762-4794-B40C-3FF0A389DFE6}
Windows Live Photo Gallery-->MsiExec.exe /X{885F1BCD-C344-4758-85BD-09640CF449A5}
Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live Photo Gallery-->MsiExec.exe /X{CF671BFE-6BA3-44E7-98C1-500D9C51D947}
Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live Remote Client Resources-->MsiExec.exe /I{02602409-9189-4567-BC07-562605243B69}
Windows Live Remote Client Resources-->MsiExec.exe /I{05E47624-97C4-4B22-83C8-D4E30EC3EF02}
Windows Live Remote Client Resources-->MsiExec.exe /I{143DB9C9-3F0D-4DC7-A57B-A7E4F26FA12E}
Windows Live Remote Client Resources-->MsiExec.exe /I{244C5A67-39DC-4C6C-BF1B-BCC9D342A4C4}
Windows Live Remote Client Resources-->MsiExec.exe /I{2852BC06-B850-4518-97E6-CD136FE75683}
Windows Live Remote Client Resources-->MsiExec.exe /I{2B3EA5DA-D040-48FB-813F-1CF8C0123698}
Windows Live Remote Client Resources-->MsiExec.exe /I{30E82CD5-6E97-4381-86EB-548202A6D5B7}
Windows Live Remote Client Resources-->MsiExec.exe /I{3BC3B1A5-30E3-4DDB-BE08-E7262B838B5F}
Windows Live Remote Client Resources-->MsiExec.exe /I{41B72CAF-036B-4E0A-8D22-F5DF7C970434}
Windows Live Remote Client Resources-->MsiExec.exe /I{454F5782-A4C3-480E-A629-D435795DEFD8}
Windows Live Remote Client Resources-->MsiExec.exe /I{464B3406-A4D0-4914-910F-7CA4380DCC13}
Windows Live Remote Client Resources-->MsiExec.exe /I{4B1EDAFC-B0EB-465F-886C-24FAC1BED2AC}
Windows Live Remote Client Resources-->MsiExec.exe /I{5C8BC258-A629-4DF2-97D0-E106C2A9B1BD}
Windows Live Remote Client Resources-->MsiExec.exe /I{6255D9FC-427F-4867-84DB-164DBEA0661F}
Windows Live Remote Client Resources-->MsiExec.exe /I{66B0B400-22AB-47E6-8673-38A5D37F6331}
Windows Live Remote Client Resources-->MsiExec.exe /I{7846B719-862C-468A-9FD0-4769D2590535}
Windows Live Remote Client Resources-->MsiExec.exe /I{7962DFC7-BBD8-4FA1-B510-46A993C2BF94}
Windows Live Remote Client Resources-->MsiExec.exe /I{7A143876-9658-4A58-82E7-B5F02D942957}
Windows Live Remote Client Resources-->MsiExec.exe /I{84D3CB13-C7EE-4A29-817E-D82697320BF5}
Windows Live Remote Client Resources-->MsiExec.exe /I{A4C16B19-10AA-4990-AA87-D14F653E3345}
Windows Live Remote Client Resources-->MsiExec.exe /I{A9ABC0A6-DC01-4102-BEC9-86974A73B214}
Windows Live Remote Client Resources-->MsiExec.exe /I{B512307E-543D-457E-B759-75E0D5B0BCDF}
Windows Live Remote Client Resources-->MsiExec.exe /I{B6F55C3E-30EE-4D25-8BAD-CEE4BF8C78EB}
Windows Live Remote Client Resources-->MsiExec.exe /I{C30628D8-D3A0-4F23-90F0-F145808087B6}
Windows Live Remote Client Resources-->MsiExec.exe /I{CD6CB7F1-1B8E-424A-9B81-F8D2F03958EC}
Windows Live Remote Client Resources-->MsiExec.exe /I{DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
Windows Live Remote Client Resources-->MsiExec.exe /I{E1629C45-9CEF-498E-83CD-D6A09CADA176}
Windows Live Remote Client Resources-->MsiExec.exe /I{E7FB0043-24A5-4B30-AED6-01B47B44CB67}
Windows Live Remote Client Resources-->MsiExec.exe /I{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}
Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}
Windows Live Remote Service Resources-->MsiExec.exe /I{065241D0-A178-4F24-8A09-691761A8957B}
Windows Live Remote Service Resources-->MsiExec.exe /I{0891B708-EF3F-4D7E-9724-265245F46276}
Windows Live Remote Service Resources-->MsiExec.exe /I{0A1651F1-7E0F-4613-93FE-967F5BC3C1B7}
Windows Live Remote Service Resources-->MsiExec.exe /I{17504ED4-DB08-40A8-81C2-27D8C01581DA}
Windows Live Remote Service Resources-->MsiExec.exe /I{201B5096-AF6E-423E-B987-023E040D9B42}
Windows Live Remote Service Resources-->MsiExec.exe /I{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}
Windows Live Remote Service Resources-->MsiExec.exe /I{3BFB2388-64EE-4AAA-9235-5FE725FED6DE}
Windows Live Remote Service Resources-->MsiExec.exe /I{41E4FA4B-9376-4C32-AA46-65FCC0087CD5}
Windows Live Remote Service Resources-->MsiExec.exe /I{448702D4-83DD-4EFC-B09B-94AD6CA0D978}
Windows Live Remote Service Resources-->MsiExec.exe /I{5008BC55-FD3D-4A32-A1B7-610E18F4D220}
Windows Live Remote Service Resources-->MsiExec.exe /I{61A5DE19-BE38-45AF-A9BC-73E49703315E}
Windows Live Remote Service Resources-->MsiExec.exe /I{7612E28A-C4DB-4259-AA91-CB02B1BCF623}
Windows Live Remote Service Resources-->MsiExec.exe /I{82EE333F-45A9-4585-A5D9-31FE16B7FB25}
Windows Live Remote Service Resources-->MsiExec.exe /I{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}
Windows Live Remote Service Resources-->MsiExec.exe /I{93C6647F-AFE0-4CC2-8809-28A0B320D11B}
Windows Live Remote Service Resources-->MsiExec.exe /I{97124033-1253-4474-8B25-1AB314A920E6}
Windows Live Remote Service Resources-->MsiExec.exe /I{AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
Windows Live Remote Service Resources-->MsiExec.exe /I{AC0628FF-532F-4800-91EC-40903B04682F}
Windows Live Remote Service Resources-->MsiExec.exe /I{AC259A12-6CD9-486D-A97A-B619EB46225A}
Windows Live Remote Service Resources-->MsiExec.exe /I{BA8D4CEF-D23D-44AB-8A89-66E602253791}
Windows Live Remote Service Resources-->MsiExec.exe /I{C1015024-0BF1-4B51-8A06-C28953687DA7}
Windows Live Remote Service Resources-->MsiExec.exe /I{C411942C-C26B-4450-8B9A-173DCC22AEC6}
Windows Live Remote Service Resources-->MsiExec.exe /I{C4E7704D-5AFB-44CA-B8BA-F16C8FA46D5F}
Windows Live Remote Service Resources-->MsiExec.exe /I{CB240A71-3AFC-4429-B4D4-F965B8C4267E}
Windows Live Remote Service Resources-->MsiExec.exe /I{D378BEA1-912E-4827-B9DB-D3B2C3D0BD4A}
Windows Live Remote Service Resources-->MsiExec.exe /I{D3CAE2CA-BE71-4CA4-9EB9-46E1C82E778B}
Windows Live Remote Service Resources-->MsiExec.exe /I{DEDF8BAB-98D7-4CFA-9C42-27431EC4BD1F}
Windows Live Remote Service Resources-->MsiExec.exe /I{E6617B44-D556-49AC-B2A3-01451E115043}
Windows Live Remote Service Resources-->MsiExec.exe /I{F81DB83D-A016-45A6-A6A0-135B1E6939EF}
Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Temel Parçalar-->MsiExec.exe /I{1203DC60-D9BD-44F9-B372-2B8F227E6094}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{128133D3-037A-4C62-B1B7-55666A10587A}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{20381A8A-808E-4A53-B6CD-AD2B85E16365}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{24DF33E0-F924-4D0D-9B96-11F28F0D602D}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{40BFD84C-64CD-42CC-9909-8734C50429C6}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{523DF2BB-3A85-4047-9898-29DC8AEB7E69}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5495E9A4-501A-4D4C-87C9-E80916CA9478}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{7327080F-6673-421F-BBD9-B618F357EEB3}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{8CF5D47D-27B7-49D6-A14F-10550B92749D}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D299197D-CDEA-41A6-A363-F532DE4114FD}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{DF71ABBB-B834-41C0-BB58-80B0545D754C}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E5DD4723-FE0B-436E-A815-DC23CF902A0B}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{EA777812-4905-4C08-8F6E-13BDCC734609}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer Resources-->MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}
Windows Live Writer Resources-->MsiExec.exe /X{2511AAD7-82DF-4B97-B0B3-E1B933317010}
Windows Live Writer Resources-->MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources-->MsiExec.exe /X{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}
Windows Live Writer Resources-->MsiExec.exe /X{3125D9DE-8D7A-4987-95F3-8A42389833D8}
Windows Live Writer Resources-->MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}
Windows Live Writer Resources-->MsiExec.exe /X{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}
Windows Live Writer Resources-->MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}
Windows Live Writer Resources-->MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}
Windows Live Writer Resources-->MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}
Windows Live Writer Resources-->MsiExec.exe /X{6807427D-8D68-4D30-AF5B-0B38F8F948C8}
Windows Live Writer Resources-->MsiExec.exe /X{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}
Windows Live Writer Resources-->MsiExec.exe /X{734104DE-C2BF-412F-BB97-FCCE1EC94229}
Windows Live Writer Resources-->MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources-->MsiExec.exe /X{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}
Windows Live Writer Resources-->MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}
Windows Live Writer Resources-->MsiExec.exe /X{7FF11E53-C002-4F40-8D68-6BE751E5DD62}
Windows Live Writer Resources-->MsiExec.exe /X{8E285C75-9BE2-4349-972B-DECDDF472656}
Windows Live Writer Resources-->MsiExec.exe /X{93E464B3-D075-4989-87FD-A828B5C308B1}
Windows Live Writer Resources-->MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources-->MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}
Windows Live Writer Resources-->MsiExec.exe /X{C29FC15D-E84B-4EEC-8505-4DED94414C59}
Windows Live Writer Resources-->MsiExec.exe /X{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}
Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer Resources-->MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}
Windows Live Writer Resources-->MsiExec.exe /X{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}
Windows Live Writer Resources-->MsiExec.exe /X{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}
Windows Live Writer Resources-->MsiExec.exe /X{F52C5BE7-3F57-464E-8A54-908402E43CE8}
Windows Live Writer-->MsiExec.exe /X{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}
Windows Live Writer-->MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer-->MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}
Windows Live Writer-->MsiExec.exe /X{1A82AE99-84D3-486D-BAD6-675982603E14}
Windows Live Writer-->MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}
Windows Live Writer-->MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}
Windows Live Writer-->MsiExec.exe /X{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}
Windows Live Writer-->MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}
Windows Live Writer-->MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}
Windows Live Writer-->MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer-->MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78}
Windows Live Writer-->MsiExec.exe /X{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}
Windows Live Writer-->MsiExec.exe /X{4D7BAC8A-51B8-4243-8567-1415C4272D13}
Windows Live Writer-->MsiExec.exe /X{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}
Windows Live Writer-->MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}
Windows Live Writer-->MsiExec.exe /X{71A81378-79D5-40CC-9BDC-380642D1A87F}
Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer-->MsiExec.exe /X{804DE397-F82C-4867-9085-E0AA539A3294}
Windows Live Writer-->MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}
Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer-->MsiExec.exe /X{B3BE54A4-8DFE-4593-8E66-56AB7133B812}
Windows Live Writer-->MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}
Windows Live Writer-->MsiExec.exe /X{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}
Windows Live Writer-->MsiExec.exe /X{DA29F644-2420-4448-8128-1331BE588999}
Windows Live Writer-->MsiExec.exe /X{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}
Windows Live Writer-->MsiExec.exe /X{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}
Windows Live Writer-->MsiExec.exe /X{E55E0C35-AC3C-4683-BA2F-834348577B80}
Windows Live Writer-->MsiExec.exe /X{E62E0550-C098-43A2-B54B-03FB1E634483}
Windows Live Writer-->MsiExec.exe /X{E8524B28-3BBB-4763-AC83-0E83FE31C350}
Windows Live 影像中心-->MsiExec.exe /X{EEF99142-3357-402C-B298-DEC303E12D92}
Windows Live 程式集-->MsiExec.exe /I{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}
Windows Live-->MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
Windows Liven asennustyökalu-->MsiExec.exe /I{8909CFA8-97BF-4077-AC0F-6925243FFE08}
Windows Liven sähköposti-->MsiExec.exe /I{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}
Windows Liven valokuvavalikoima-->MsiExec.exe /X{1A72337E-D126-4BAF-AC89-E6122DB71866}
Zuma Deluxe-->"C:\Program Files\Acer Games\Zuma Deluxe\uninstall\uninstaller.exe"
Συλλογή φωτογραφιών του Windows Live-->MsiExec.exe /X{C00C2A91-6CB3-483F-80B3-2958E29468F1}
Основные компоненты Windows Live-->MsiExec.exe /I{E83DC314-C926-4214-AD58-147691D6FE9F}
Почта Windows Live-->MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}
Фотоальбом Windows Live-->MsiExec.exe /X{77F69CA1-E53D-4D77-8BA3-FA07606CC851}
Фотогалерия на Windows Live-->MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}
גלריית התמונות של Windows Live-->MsiExec.exe /X{CE929F09-3853-4180-BD90-30764BFF7136}
بريد Windows Live-->MsiExec.exe /I{0A4C4B29-5A9D-4910-A13C-B920D5758744}
معرض صور Windows Live-->MsiExec.exe /X{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}


======System event log======


Computer Name: WIN-VHFH9EBO6FI
Event Code: 7036
Message: De Windows Search-service heeft nu de status stopped.
Record Number: 1724
Source Name: Service Control Manager
Time Written: 20111028232704.214631-000
Event Type: Informatie
User:


Computer Name: WIN-VHFH9EBO6FI
Event Code: 7040
Message: Het opstarttype van de service Windows Search is gewijzigd van auto start in disabled.
Record Number: 1723
Source Name: Service Control Manager
Time Written: 20111028232702.623428-000
Event Type: Informatie
User: LausenElze-PC\Administrator


Computer Name: WIN-VHFH9EBO6FI
Event Code: 104
Message: Logboekbestand Setup is gewist.
Record Number: 1722
Source Name: Microsoft-Windows-Eventlog
Time Written: 20111028232648.365003-000
Event Type: Informatie
User: LausenElze-PC\Administrator


Computer Name: WIN-VHFH9EBO6FI
Event Code: 104
Message: Logboekbestand Application is gewist.
Record Number: 1721
Source Name: Microsoft-Windows-Eventlog
Time Written: 20111028232648.318203-000
Event Type: Informatie
User: LausenElze-PC\Administrator


Computer Name: WIN-VHFH9EBO6FI
Event Code: 104
Message: Logboekbestand System is gewist.
Record Number: 1720
Source Name: Microsoft-Windows-Eventlog
Time Written: 20111028232648.302603-000
Event Type: Informatie
User: LausenElze-PC\Administrator


=====Application event log=====


Computer Name: LausenElze-PC
Event Code: 1532
Message: De User Profile-service is gestopt.




Record Number: 2756
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20111028232927.929284-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM


Computer Name: WIN-VHFH9EBO6FI
Event Code: 258
Message: De schijfdefragmentatie heeft defragmentation op SYSTEM RESERVED voltooid
Record Number: 2755
Source Name: Microsoft-Windows-Defrag
Time Written: 20111028232716.000000-000
Event Type: Informatie
User:


Computer Name: WIN-VHFH9EBO6FI
Event Code: 1003
Message: De Windows Search-service is gestart.


Record Number: 2754
Source Name: Microsoft-Windows-Search
Time Written: 20111028232704.000000-000
Event Type: Informatie
User:


Computer Name: WIN-VHFH9EBO6FI
Event Code: 1013
Message: De Windows Search-service is normaal gestopt.


Record Number: 2753
Source Name: Microsoft-Windows-Search
Time Written: 20111028232704.000000-000
Event Type: Informatie
User:


Computer Name: WIN-VHFH9EBO6FI
Event Code: 103
Message: Windows (3788) Windows: De database-engine heeft een nieuwe sessie (0) stopgezet.
Record Number: 2752
Source Name: ESENT
Time Written: 20111028232703.000000-000
Event Type: Informatie
User:


=====Security event log=====


Computer Name: WIN-VHFH9EBO6FI
Event Code: 4624
Message: Er is een account aangemeld.


Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: WIN-VHFH9EBO6FI$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7


Aanmeldingstype: 5


Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}


Procesgegevens:
Proces-id: 0x254
Naam proces: C:\Windows\System32\services.exe


Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -


Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0


Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.


De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.


In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).


Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.


In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.


De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 616
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111028232706.741835-000
Event Type: Controle geslaagd
User:


Computer Name: WIN-VHFH9EBO6FI
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.


Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7


Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 615
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111028232704.791832-000
Event Type: Controle geslaagd
User:


Computer Name: WIN-VHFH9EBO6FI
Event Code: 4624
Message: Er is een account aangemeld.


Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: WIN-VHFH9EBO6FI$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7


Aanmeldingstype: 5


Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}


Procesgegevens:
Proces-id: 0x254
Naam proces: C:\Windows\System32\services.exe


Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -


Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0


Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.


De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.


In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).


Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.


In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.


De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 614
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111028232704.791832-000
Event Type: Controle geslaagd
User:


Computer Name: WIN-VHFH9EBO6FI
Event Code: 4738
Message: Er is een gebruikersaccount gewijzigd.


Onderwerp:
Beveiligings-id: S-1-5-21-863504456-2856911146-1323721928-500
Accountnaam: Administrator
Accountdomein: WIN-VHFH9EBO6FI
Aanmeldings-id: 0x21a95


Doelaccount:
Beveiligings-id: S-1-5-21-863504456-2856911146-1323721928-500
Accountnaam: Administrator
Accountdomein: WIN-VHFH9EBO6FI


Gewijzigde kenmerken:
SAM-accountnaam: -
Weergavenaam: -
Principal-naam van gebruiker: -
Basismap: -
Basisstation: -
Pad naar script: -
Pad naar profiel: -
Gebruikerswerkstations: -
Wachtwoord voor het laatst ingesteld: -
Account verloopt op: -
Primaire groeps-id: -
Mag overdragen aan: -
Oude UAC-waarde: 0x211
Nieuwe UAC-waarde: 0x211
Gebruikersaccountbeheer: -
Gebruikersparameters: -
SID-geschiedenis: -
Aantal uren aangemeld: -


Aanvullende gegevens:
Bevoegdheden: -
Record Number: 613
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20111028232648.489803-000
Event Type: Controle geslaagd
User:


Computer Name: WIN-VHFH9EBO6FI
Event Code: 1102
Message: Het controlelogboek is gewist.
Onderwerp:
Beveiligings-id: S-1-5-21-863504456-2856911146-1323721928-500
Accountnaam: Administrator
Domeinnaam: WIN-VHFH9EBO6FI
Aanmeldings-id: 0x21a95
Record Number: 612
Source Name: Microsoft-Windows-Eventlog
Time Written: 20111028232648.333803-000
Event Type: Controle geslaagd
User:


======Environment variables======


"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared;C:\Program Files\EgisTec MyWinLocker\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 28 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=1c0a
"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log
"windows_tracing_flags"=3


-----------------EOF-----------------

Logfile of random's system information tool 1.09 (written by random/random)
Run by Laus en Elze at 2012-10-27 17:01:52
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 253 GB (88%) free of 288 GB
Total RAM: 1012 MB (14% free)


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:03:27, on 27-10-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal


Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files\EgisTec IPS\PmmUpdate.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Acer\Android Manager\iSync.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Program Files\Acer\Updater\iUpdate.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Nero\Tools\InCD\NBHGui.exe
C:\Program Files\Nero\Tools\InCD\InCD.exe
C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\Codebox\BitMeter\BitMeter2.exe
C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\Downloads\RSIT.exe
C:\Program Files\trend micro\Laus en Elze.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe
O4 - HKLM\..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe
O4 - HKLM\..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Tools\InCD\InCD.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files\WEB Partner\WEB Partner
O4 - HKCU\..\Run: [TNS NIPO Clicks] C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
O4 - Global Startup: Camera Monitor SD.lnk = ?
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Acer\Registration\GREGsvc.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: vToolbarUpdater12.1.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe


--
End of file - 12336 bytes


======Scheduled tasks folder======


C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000UA.job


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773}]
TNS NIPO Clicks - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll [2012-01-16 151904]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-02-11 10025576]
"SuiteTray"=C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-11 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-11 150552]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 715368]
"iSyncData"=C:\Program Files\Acer\Android Manager\iSync.exe [2011-05-10 408128]
"AndroidManager"=C:\Program Files\Acer\Android Manager\AML.exe [2011-05-10 508992]
"iPatchData"=C:\Program Files\Acer\Updater\iUpdate.exe [2011-05-10 492096]
"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-07-31 1147488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-03-22 1406248]
"NBHGui"=C:\Program Files\Nero\Tools\InCD\NBHGui.exe [2009-10-16 1600816]
"InCD"=C:\Program Files\Nero\Tools\InCD\InCD.exe [2009-10-16 1060136]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18 116648]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2012-07-26 247768]
"VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe [2012-09-13 23069600]
"Mobile Partner"=C:\Program Files\WEB Partner\WEB Partner []
"TNS NIPO Clicks"=C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe [2012-01-16 909664]


C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Bitmeter2.lnk - C:\Program Files\Codebox\BitMeter\BitMeter2.exe
Camera Monitor SD.lnk - C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-24 218112]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}


[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv


======File associations======


.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*


======List of files/folders created in the last 1 month======


2012-10-27 17:01:54 ----D---- C:\Program Files\trend micro
2012-10-27 17:01:52 ----D---- C:\rsit
2012-10-26 20:52:06 ----D---- C:\Program Files\HiJack
2012-10-23 16:41:47 ----D---- C:\ProgramData\MSScanAppDataDir
2012-10-23 16:35:09 ----A---- C:\Windows\ODBC.INI
2012-10-23 16:34:49 ----A---- C:\Windows\system32\mdimon.dll
2012-10-18 19:01:21 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Wakoopa
2012-10-18 18:05:53 ----D---- C:\ProgramData\MyPoiWorld
2012-10-18 18:00:07 ----D---- C:\Program Files\Dnote Software
2012-10-11 10:29:04 ----A---- C:\Windows\system32\wintrust.dll
2012-10-11 10:28:58 ----A---- C:\Windows\system32\tzres.dll
2012-10-11 10:28:38 ----A---- C:\Windows\system32\kernel32.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 10:28:34 ----A---- C:\Windows\system32\winsrv.dll
2012-10-11 10:28:34 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-11 10:28:34 ----A---- C:\Windows\system32\conhost.exe
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-11 10:28:15 ----A---- C:\Windows\system32\crypt32.dll
2012-10-11 10:27:44 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-11 10:21:30 ----A---- C:\Windows\system32\kerberos.dll
2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-09-29 12:04:48 ----A---- C:\Windows\system32\OxpsConverter.exe


======List of files/folders modified in the last 1 month======


2012-10-27 17:03:16 ----D---- C:\Windows\Temp
2012-10-27 17:02:52 ----D---- C:\ProgramData\Bitmeter2
2012-10-27 17:01:54 ----RD---- C:\Program Files
2012-10-27 16:53:44 ----D---- C:\Windows\system32\drivers\AVG
2012-10-27 12:00:51 ----D---- C:\Windows\system32\config
2012-10-27 11:53:41 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Skype
2012-10-27 11:47:58 ----D---- C:\ProgramData\MFAData
2012-10-26 23:33:47 ----D---- C:\Windows\Microsoft.NET
2012-10-26 20:52:09 ----SHD---- C:\Windows\Installer
2012-10-26 20:52:07 ----SD---- C:\Users\Laus en Elze\AppData\Roaming\Microsoft
2012-10-26 20:51:35 ----SHD---- C:\System Volume Information
2012-10-26 19:06:44 ----D---- C:\Windows\system32\catroot2
2012-10-25 23:09:42 ----A---- C:\Windows\win.ini
2012-10-25 23:09:28 ----D---- C:\Program Files\Common Files\System
2012-10-25 15:19:06 ----D---- C:\Windows\system32\NDF
2012-10-23 18:03:03 ----D---- C:\Windows\system32\Tasks
2012-10-23 17:07:55 ----D---- C:\Windows\SHELLNEW
2012-10-23 17:03:43 ----D---- C:\Windows
2012-10-23 17:00:07 ----D---- C:\ProgramData\Microsoft Help
2012-10-23 17:00:06 ----RSD---- C:\Windows\assembly
2012-10-23 16:57:47 ----SD---- C:\ProgramData\Microsoft
2012-10-23 16:57:47 ----D---- C:\Program Files\Microsoft Office
2012-10-23 16:57:46 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-10-23 16:57:46 ----D---- C:\Program Files\Common Files\microsoft shared
2012-10-23 16:56:50 ----D---- C:\Program Files\MSBuild
2012-10-23 16:41:47 ----HD---- C:\ProgramData
2012-10-23 16:34:49 ----D---- C:\Windows\System32
2012-10-23 16:30:38 ----D---- C:\Windows\inf
2012-10-23 16:22:51 ----D---- C:\Windows\system
2012-10-23 16:21:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-19 14:44:09 ----D---- C:\Program Files\Common Files
2012-10-11 14:08:05 ----D---- C:\Windows\winsxs
2012-10-11 14:06:20 ----D---- C:\Windows\system32\nl-NL
2012-10-11 14:06:20 ----D---- C:\Windows\system32\fr-FR
2012-10-11 14:06:20 ----D---- C:\Windows\system32\en-US
2012-10-11 14:06:16 ----D---- C:\Windows\system32\drivers
2012-10-11 10:46:50 ----D---- C:\Windows\debug
2012-10-11 10:46:37 ----A---- C:\Windows\system32\MRT.exe
2012-10-11 10:27:41 ----D---- C:\Windows\system32\catroot


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-07-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-08-24 301920]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2012-07-31 27496]
R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-10-16 19096]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-26 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-26 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-26 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-24 4807168]
R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-10-16 130200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-02-11 3396136]
R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2011-01-04 7435264]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-07 252520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-12-28 327784]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2010-03-24 204288]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105984]
S3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-10-16 48280]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187.sys [2010-01-07 375808]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]


======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 739944]
R2 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Tools\InCD\InCDSrv.exe [2009-10-16 1420592]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe [2009-10-16 53560]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2012-07-26 92632]
R2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe [2012-07-31 830048]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]


-----------------EOF-----------------

#10 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 27 oktober 2012 - 16:31

Logfile of random's system information tool 1.09 (written by random/random)
Run by Laus en Elze at 2012-10-27 17:01:52
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 253 GB (88%) free of 288 GB
Total RAM: 1012 MB (14% free)


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:03:27, on 27-10-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal


Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files\EgisTec IPS\PmmUpdate.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Acer\Android Manager\iSync.exe
C:\Program Files\Launch Manager\LMworker.exe
C:\Program Files\Acer\Updater\iUpdate.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\EgisTec IPS\EgisUpdate.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Nero\Tools\InCD\NBHGui.exe
C:\Program Files\Nero\Tools\InCD\InCD.exe
C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe
C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe
C:\Program Files\Acer\Acer VCM\AcerVCM.exe
C:\Program Files\Codebox\BitMeter\BitMeter2.exe
C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\Downloads\RSIT.exe
C:\Program Files\trend micro\Laus en Elze.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe
O4 - HKLM\..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe
O4 - HKLM\..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Tools\InCD\InCD.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files\WEB Partner\WEB Partner
O4 - HKCU\..\Run: [TNS NIPO Clicks] C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Acer VCM.lnk = ?
O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
O4 - Global Startup: Camera Monitor SD.lnk = ?
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Acer\Registration\GREGsvc.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: vToolbarUpdater12.1.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe


--
End of file - 12336 bytes


======Scheduled tasks folder======


C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000UA.job


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773}]
TNS NIPO Clicks - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll [2012-01-16 151904]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-02-11 10025576]
"SuiteTray"=C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-11 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-11 150552]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 715368]
"iSyncData"=C:\Program Files\Acer\Android Manager\iSync.exe [2011-05-10 408128]
"AndroidManager"=C:\Program Files\Acer\Android Manager\AML.exe [2011-05-10 508992]
"iPatchData"=C:\Program Files\Acer\Updater\iUpdate.exe [2011-05-10 492096]
"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-07-31 1147488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-03-22 1406248]
"NBHGui"=C:\Program Files\Nero\Tools\InCD\NBHGui.exe [2009-10-16 1600816]
"InCD"=C:\Program Files\Nero\Tools\InCD\InCD.exe [2009-10-16 1060136]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18 116648]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2012-07-26 247768]
"VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe [2012-09-13 23069600]
"Mobile Partner"=C:\Program Files\WEB Partner\WEB Partner []
"TNS NIPO Clicks"=C:\Users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe [2012-01-16 909664]


C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer VCM.lnk - C:\Program Files\Acer\Acer VCM\AcerVCM.exe
Bitmeter2.lnk - C:\Program Files\Codebox\BitMeter\BitMeter2.exe
Camera Monitor SD.lnk - C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-24 218112]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}


[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv


======File associations======


.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*


======List of files/folders created in the last 1 month======


2012-10-27 17:01:54 ----D---- C:\Program Files\trend micro
2012-10-27 17:01:52 ----D---- C:\rsit
2012-10-26 20:52:06 ----D---- C:\Program Files\HiJack
2012-10-23 16:41:47 ----D---- C:\ProgramData\MSScanAppDataDir
2012-10-23 16:35:09 ----A---- C:\Windows\ODBC.INI
2012-10-23 16:34:49 ----A---- C:\Windows\system32\mdimon.dll
2012-10-18 19:01:21 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Wakoopa
2012-10-18 18:05:53 ----D---- C:\ProgramData\MyPoiWorld
2012-10-18 18:00:07 ----D---- C:\Program Files\Dnote Software
2012-10-11 10:29:04 ----A---- C:\Windows\system32\wintrust.dll
2012-10-11 10:28:58 ----A---- C:\Windows\system32\tzres.dll
2012-10-11 10:28:38 ----A---- C:\Windows\system32\kernel32.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 10:28:34 ----A---- C:\Windows\system32\winsrv.dll
2012-10-11 10:28:34 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-11 10:28:34 ----A---- C:\Windows\system32\conhost.exe
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-11 10:28:15 ----A---- C:\Windows\system32\crypt32.dll
2012-10-11 10:27:44 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-11 10:21:30 ----A---- C:\Windows\system32\kerberos.dll
2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-09-29 12:04:48 ----A---- C:\Windows\system32\OxpsConverter.exe


======List of files/folders modified in the last 1 month======


2012-10-27 17:03:16 ----D---- C:\Windows\Temp
2012-10-27 17:02:52 ----D---- C:\ProgramData\Bitmeter2
2012-10-27 17:01:54 ----RD---- C:\Program Files
2012-10-27 16:53:44 ----D---- C:\Windows\system32\drivers\AVG
2012-10-27 12:00:51 ----D---- C:\Windows\system32\config
2012-10-27 11:53:41 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Skype
2012-10-27 11:47:58 ----D---- C:\ProgramData\MFAData
2012-10-26 23:33:47 ----D---- C:\Windows\Microsoft.NET
2012-10-26 20:52:09 ----SHD---- C:\Windows\Installer
2012-10-26 20:52:07 ----SD---- C:\Users\Laus en Elze\AppData\Roaming\Microsoft
2012-10-26 20:51:35 ----SHD---- C:\System Volume Information
2012-10-26 19:06:44 ----D---- C:\Windows\system32\catroot2
2012-10-25 23:09:42 ----A---- C:\Windows\win.ini
2012-10-25 23:09:28 ----D---- C:\Program Files\Common Files\System
2012-10-25 15:19:06 ----D---- C:\Windows\system32\NDF
2012-10-23 18:03:03 ----D---- C:\Windows\system32\Tasks
2012-10-23 17:07:55 ----D---- C:\Windows\SHELLNEW
2012-10-23 17:03:43 ----D---- C:\Windows
2012-10-23 17:00:07 ----D---- C:\ProgramData\Microsoft Help
2012-10-23 17:00:06 ----RSD---- C:\Windows\assembly
2012-10-23 16:57:47 ----SD---- C:\ProgramData\Microsoft
2012-10-23 16:57:47 ----D---- C:\Program Files\Microsoft Office
2012-10-23 16:57:46 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-10-23 16:57:46 ----D---- C:\Program Files\Common Files\microsoft shared
2012-10-23 16:56:50 ----D---- C:\Program Files\MSBuild
2012-10-23 16:41:47 ----HD---- C:\ProgramData
2012-10-23 16:34:49 ----D---- C:\Windows\System32
2012-10-23 16:30:38 ----D---- C:\Windows\inf
2012-10-23 16:22:51 ----D---- C:\Windows\system
2012-10-23 16:21:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-19 14:44:09 ----D---- C:\Program Files\Common Files
2012-10-11 14:08:05 ----D---- C:\Windows\winsxs
2012-10-11 14:06:20 ----D---- C:\Windows\system32\nl-NL
2012-10-11 14:06:20 ----D---- C:\Windows\system32\fr-FR
2012-10-11 14:06:20 ----D---- C:\Windows\system32\en-US
2012-10-11 14:06:16 ----D---- C:\Windows\system32\drivers
2012-10-11 10:46:50 ----D---- C:\Windows\debug
2012-10-11 10:46:37 ----A---- C:\Windows\system32\MRT.exe
2012-10-11 10:27:41 ----D---- C:\Windows\system32\catroot


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-07-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-08-24 301920]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2012-07-31 27496]
R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-10-16 19096]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-26 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-26 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-26 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-24 4807168]
R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-10-16 130200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-02-11 3396136]
R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2011-01-04 7435264]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-07 252520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-12-28 327784]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2010-03-24 204288]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105984]
S3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-10-16 48280]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187.sys [2010-01-07 375808]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]


======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 739944]
R2 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Tools\InCD\InCDSrv.exe [2009-10-16 1420592]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe [2009-10-16 53560]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2012-07-26 92632]
R2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe [2012-07-31 830048]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]


-----------------EOF-----------------

#11 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 27 oktober 2012 - 16:34

Sorry, maar ik had niet helemaal onder controle, wat nu wel en wat nu niet weg gestuurd werd.

Ik hoop, dat je hier aanwijzingen in vind voor mij.............

Met vriendelijke groet, Betje

#12 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40891 berichten

Geplaatst 27 oktober 2012 - 16:34

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - Global Startup: Acer VCM.lnk = ?

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

[FONT=&]Download ComboFix van één van deze locaties:

Link 1
Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op[/FONT]
[FONT=&]
1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:
Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
3. Dubbelklik op "Combofix.exe" om de tool te starten.
4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht, samen met een nieuw logje van HijackThis.[/FONT]

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#13 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 27 oktober 2012 - 21:08

ComboFix 12-10-26.05 - Laus en Elze 27-10-2012 21:38:40.1.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1252.31.1043.18.1012.200 [GMT 2:00]
Gestart vanuit: c:\users\Laus en Elze\Downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe
c:\users\Laus en Elze\AppData\Roaming\Error.log
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-09-27 to 2012-10-27 ))))))))))))))))))))))))))))))
.
.
2012-10-27 19:54 . 2012-10-27 19:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-27 15:01 . 2012-10-27 15:03 -------- d-----w- c:\program files\trend micro
2012-10-27 15:01 . 2012-10-27 15:03 -------- d-----w- C:\rsit
2012-10-26 18:52 . 2012-10-26 18:52 388096 ----a-r- c:\users\Laus en Elze\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-26 18:52 . 2012-10-26 18:52 -------- d-----w- c:\program files\HiJack
2012-10-25 15:51 . 2012-10-25 15:51 -------- d-----w- c:\users\Laus en Elze\AppData\Local\CRE
2012-10-23 14:41 . 2012-10-23 14:41 -------- d-----w- c:\programdata\MSScanAppDataDir
2012-10-23 14:34 . 2003-06-18 23:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2012-10-23 14:34 . 2003-06-18 23:31 17920 ----a-w- c:\windows\system32\mdimon.dll
2012-10-18 17:01 . 2012-10-18 17:01 -------- d-----w- c:\users\Laus en Elze\AppData\Roaming\Wakoopa
2012-10-18 17:01 . 2012-10-27 19:04 -------- d-----w- c:\users\Laus en Elze\AppData\Local\Wakoopa Shared
2012-10-18 17:00 . 2012-10-27 19:53 -------- d-----w- c:\users\Laus en Elze\AppData\Local\TNS NIPO Clicks
2012-10-18 16:06 . 2008-10-01 18:01 1995776 ----a-w- c:\windows\system32\vcl120.bpl
2012-10-18 16:06 . 2008-10-01 18:01 1095168 ----a-w- c:\windows\system32\rtl120.bpl
2012-10-18 16:05 . 2012-10-19 12:44 -------- d-----w- c:\programdata\MyPoiWorld
2012-10-18 16:00 . 2012-10-18 16:00 -------- d-----w- c:\program files\Dnote Software
2012-10-11 08:29 . 2012-08-24 16:57 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-10-11 08:27 . 2012-08-31 17:18 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-11 08:21 . 2012-08-10 23:56 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-10-11 08:21 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-11 08:21 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-09-29 10:04 . 2012-08-21 20:12 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-24 13:43 . 2012-08-24 13:43 301920 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2012-08-24 06:59 . 2012-09-25 13:54 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51 . 2012-09-25 13:54 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51 . 2012-09-25 13:54 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47 . 2012-09-25 13:54 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47 . 2012-09-25 13:54 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43 . 2012-09-25 13:54 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-22 17:16 . 2012-09-13 09:05 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-13 09:05 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16 . 2012-09-13 09:05 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-13 09:05 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-02 16:57 . 2012-09-13 09:05 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-07-31 20:03 . 2012-07-31 20:03 27496 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-07-31 20:03 2086496 ----a-w- c:\program files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll" [2012-07-31 2086496]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\NBHShellExt]
@="{8D2223A2-B3C6-4e32-B096-CDD11F628C60}"
[HKEY_CLASSES_ROOT\CLSID\{8D2223A2-B3C6-4e32-B096-CDD11F628C60}]
2009-10-16 08:44 97072 ----a-w- c:\program files\Nero\Tools\InCD\NBHshx.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Mobile Partner"="c:\program files\WEB Partner\WEB Partner" [X]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2012-07-26 247768]
"VoipBuster"="c:\program files\VoipBuster.com\VoipBuster\voipbuster.exe" [2012-09-13 23069600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-02-11 10025576]
"SuiteTray"="c:\program files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-04-02 340848]
"EgisTecPMMUpdate"="c:\program files\EgisTec IPS\PmmUpdate.exe" [2011-03-29 408432]
"EgisUpdate"="c:\program files\EgisTec IPS\EgisUpdate.exe" [2011-03-29 202608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-11 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-11 150552]
"LManager"="c:\program files\Launch Manager\LManager.exe" [2011-07-01 1103440]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-10-08 1934632]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-05-10 715368]
"iSyncData"="c:\program files\Acer\Android Manager\iSync.exe" [2011-05-10 408128]
"AndroidManager"="c:\program files\Acer\Android Manager\AML.exe" [2011-05-10 508992]
"iPatchData"="c:\program files\Acer\Updater\iUpdate.exe" [2011-05-10 492096]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-05-03 217256]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-07-31 1147488]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"NBAgent"="c:\program files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" [2011-03-22 1406248]
"NBHGui"="c:\program files\Nero\Tools\InCD\NBHGui.exe" [2009-10-16 1600816]
"InCD"="c:\program files\Nero\Tools\InCD\InCD.exe" [2009-10-16 1060136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-20 73216]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bitmeter2.lnk - c:\program files\Codebox\BitMeter\BitMeter2.exe [2011-4-17 1462272]
Camera Monitor SD.lnk - c:\program files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe [2012-7-19 541976]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files\Common Files\EgisTec\Services\EgisTicketService.exe [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]
R3 GamesAppService;GamesAppService;c:\program files\WildTangent Games\App\GamesAppService.exe [x]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [x]
S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S2 NeroRegInCDSrv;Nero Registry InCD Service;c:\program files\Nero\Tools\InCD\NBHRegInCDSrv.exe [x]
S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]
S2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdriverx.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfilterx.sys [x]
S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys [x]
S3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\DRIVERS\NETwNs32.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
Inhoud van de 'Gedeelde Taken' map
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000Core.job
- c:\users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18 19:18]
.
2012-10-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000UA.job
- c:\users\Laus en Elze\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18 19:18]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.nl/
mStart Page = hxxp://acer.msn.com
IE: &Verzenden naar OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKCU-Run-TNS NIPO Clicks - c:\users\Laus en Elze\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'Explorer.exe'(2868)
c:\program files\Nero\Tools\InCD\NBHshx.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\progra~1\AVG\AVG2012\avgrsx.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\Nero\Tools\InCD\InCDSrv.exe
c:\program files\Launch Manager\LMutilps32.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\taskhost.exe
.
**************************************************************************
.
Voltooingstijd: 2012-10-27 22:03:01 - machine werd herstart
ComboFix-quarantined-files.txt 2012-10-27 20:03
.
Pre-Run: 265.543.835.648 bytes beschikbaar
Post-Run: 265.561.333.760 bytes beschikbaar
.
- - End Of File - - 99CF2440963A14BA6B1157438F07FD73

#14 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 27 oktober 2012 - 21:14

Logfile of random's system information tool 1.09 (written by random/random)
Run by Laus en Elze at 2012-10-27 22:12:52
Microsoft Windows 7 Starter Service Pack 1
System drive C: has 253 GB (88%) free of 288 GB
Total RAM: 1012 MB (16% free)


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:13:10, on 27-10-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal


Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Laus en Elze\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Laus en Elze\Desktop\RSIT.exe
C:\Program Files\trend micro\Laus en Elze.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [SuiteTray] "C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Power Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
O4 - HKLM\..\Run: [iSyncData] C:\Program Files\Acer\Android Manager\iSync.exe
O4 - HKLM\..\Run: [AndroidManager] C:\Program Files\Acer\Android Manager\AML.exe
O4 - HKLM\..\Run: [iPatchData] C:\Program Files\Acer\Updater\iUpdate.exe
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Tools\InCD\InCD.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files\WEB Partner\WEB Partner
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Bitmeter2.lnk = C:\Program Files\Codebox\BitMeter\BitMeter2.exe
O4 - Global Startup: Camera Monitor SD.lnk = ?
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Acer\Registration\GREGsvc.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: InCD Helper (InCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Nero Registry InCD Service (NeroRegInCDSrv) - Nero AG - C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: vToolbarUpdater12.1.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe


--
End of file - 10061 bytes


======Scheduled tasks folder======


C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-863504456-2856911146-1323721928-1000UA.job


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]
AVG Do Not Track - C:\Program Files\AVG\AVG2012\avgdtiex.dll [2012-08-13 938104]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-08-13 4120256]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773}]
TNS NIPO Clicks - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll []


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-06-07 1152264]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll [2012-07-31 2086496]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-02-11 10025576]
"SuiteTray"=C:\Program Files\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-04-02 340848]
"EgisTecPMMUpdate"=C:\Program Files\EgisTec IPS\PmmUpdate.exe [2011-03-29 408432]
"EgisUpdate"=C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29 202608]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-01-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-01-11 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-01-11 150552]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2011-07-01 1103440]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-10-08 1934632]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 715368]
"iSyncData"=C:\Program Files\Acer\Android Manager\iSync.exe [2011-05-10 408128]
"AndroidManager"=C:\Program Files\Acer\Android Manager\AML.exe [2011-05-10 508992]
"iPatchData"=C:\Program Files\Acer\Updater\iUpdate.exe [2011-05-10 492096]
"Anti-phishing Domain Advisor"=C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [2012-05-03 217256]
"AVG_TRAY"=C:\Program Files\AVG\AVG2012\avgtray.exe [2012-07-31 2596984]
"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-07-31 1147488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
"NBAgent"=C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-03-22 1406248]
"NBHGui"=C:\Program Files\Nero\Tools\InCD\NBHGui.exe [2009-10-16 1600816]
"InCD"=C:\Program Files\Nero\Tools\InCD\InCD.exe [2009-10-16 1060136]


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2012-07-26 247768]
"VoipBuster"=C:\Program Files\VoipBuster.com\VoipBuster\voipbuster.exe [2012-09-13 23069600]
"Mobile Partner"=C:\Program Files\WEB Partner\WEB Partner []


C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bitmeter2.lnk - C:\Program Files\Codebox\BitMeter\BitMeter2.exe
Camera Monitor SD.lnk - C:\Program Files\PIXELA\Everio MediaBrowser\MBCameraMonitor.exe


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-10-24 218112]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2012-07-18 203776]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv


======File associations======


.js - edit - C:\Windows\System32\Notepad.exe %1


======List of files/folders created in the last 1 month======


2012-10-27 22:03:02 ----A---- C:\ComboFix.txt
2012-10-27 21:57:58 ----D---- C:\$RECYCLE.BIN
2012-10-27 21:34:47 ----A---- C:\Windows\zip.exe
2012-10-27 21:34:47 ----A---- C:\Windows\SWSC.exe
2012-10-27 21:34:47 ----A---- C:\Windows\SWREG.exe
2012-10-27 21:34:47 ----A---- C:\Windows\sed.exe
2012-10-27 21:34:47 ----A---- C:\Windows\PEV.exe
2012-10-27 21:34:47 ----A---- C:\Windows\NIRCMD.exe
2012-10-27 21:34:47 ----A---- C:\Windows\MBR.exe
2012-10-27 21:34:47 ----A---- C:\Windows\grep.exe
2012-10-27 21:34:12 ----D---- C:\Qoobox
2012-10-27 21:32:57 ----D---- C:\Windows\erdnt
2012-10-27 17:01:54 ----D---- C:\Program Files\trend micro
2012-10-27 17:01:52 ----D---- C:\rsit
2012-10-26 20:52:06 ----D---- C:\Program Files\HiJack
2012-10-23 16:41:47 ----D---- C:\ProgramData\MSScanAppDataDir
2012-10-23 16:35:09 ----A---- C:\Windows\ODBC.INI
2012-10-23 16:34:49 ----A---- C:\Windows\system32\mdimon.dll
2012-10-18 19:01:21 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Wakoopa
2012-10-18 18:05:53 ----D---- C:\ProgramData\MyPoiWorld
2012-10-18 18:00:07 ----D---- C:\Program Files\Dnote Software
2012-10-11 10:29:04 ----A---- C:\Windows\system32\wintrust.dll
2012-10-11 10:28:58 ----A---- C:\Windows\system32\tzres.dll
2012-10-11 10:28:38 ----A---- C:\Windows\system32\kernel32.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-10-11 10:28:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-11 10:28:34 ----A---- C:\Windows\system32\winsrv.dll
2012-10-11 10:28:34 ----A---- C:\Windows\system32\KernelBase.dll
2012-10-11 10:28:34 ----A---- C:\Windows\system32\conhost.exe
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-11 10:28:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptsvc.dll
2012-10-11 10:28:15 ----A---- C:\Windows\system32\cryptnet.dll
2012-10-11 10:28:15 ----A---- C:\Windows\system32\crypt32.dll
2012-10-11 10:27:44 ----A---- C:\Windows\system32\drivers\ntfs.sys
2012-10-11 10:21:30 ----A---- C:\Windows\system32\kerberos.dll
2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-10-11 10:21:26 ----A---- C:\Windows\system32\ntkrnlpa.exe
2012-09-29 12:04:48 ----A---- C:\Windows\system32\OxpsConverter.exe


======List of files/folders modified in the last 1 month======


2012-10-27 22:03:08 ----D---- C:\Windows\system32\drivers
2012-10-27 22:03:05 ----D---- C:\Windows\Temp
2012-10-27 21:58:02 ----D---- C:\Windows
2012-10-27 21:58:02 ----A---- C:\Windows\system.ini
2012-10-27 21:57:56 ----D---- C:\Windows\system32\drivers\etc
2012-10-27 21:56:10 ----D---- C:\ProgramData\Bitmeter2
2012-10-27 21:56:00 ----D---- C:\Windows\Microsoft.NET
2012-10-27 21:46:59 ----D---- C:\Windows\System32
2012-10-27 21:46:58 ----D---- C:\Windows\AppPatch
2012-10-27 21:46:54 ----D---- C:\Program Files\Common Files
2012-10-27 19:40:06 ----D---- C:\Windows\system32\config
2012-10-27 19:06:54 ----D---- C:\ProgramData\MFAData
2012-10-27 17:01:54 ----RD---- C:\Program Files
2012-10-27 16:54:14 ----D---- C:\Windows\system32\drivers\AVG
2012-10-27 11:53:41 ----D---- C:\Users\Laus en Elze\AppData\Roaming\Skype
2012-10-26 20:52:09 ----SHD---- C:\Windows\Installer
2012-10-26 20:52:07 ----SD---- C:\Users\Laus en Elze\AppData\Roaming\Microsoft
2012-10-26 20:51:35 ----SHD---- C:\System Volume Information
2012-10-26 19:06:44 ----D---- C:\Windows\system32\catroot2
2012-10-25 23:09:42 ----A---- C:\Windows\win.ini
2012-10-25 23:09:28 ----D---- C:\Program Files\Common Files\System
2012-10-25 15:19:06 ----D---- C:\Windows\system32\NDF
2012-10-23 18:03:03 ----D---- C:\Windows\system32\Tasks
2012-10-23 17:07:55 ----D---- C:\Windows\SHELLNEW
2012-10-23 17:00:07 ----D---- C:\ProgramData\Microsoft Help
2012-10-23 17:00:06 ----RSD---- C:\Windows\assembly
2012-10-23 16:57:47 ----SD---- C:\ProgramData\Microsoft
2012-10-23 16:57:47 ----D---- C:\Program Files\Microsoft Office
2012-10-23 16:57:46 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-10-23 16:57:46 ----D---- C:\Program Files\Common Files\microsoft shared
2012-10-23 16:56:50 ----D---- C:\Program Files\MSBuild
2012-10-23 16:41:47 ----D---- C:\ProgramData
2012-10-23 16:30:38 ----D---- C:\Windows\inf
2012-10-23 16:22:51 ----D---- C:\Windows\system
2012-10-23 16:21:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-10-11 14:08:05 ----D---- C:\Windows\winsxs
2012-10-11 14:06:20 ----D---- C:\Windows\system32\nl-NL
2012-10-11 14:06:20 ----D---- C:\Windows\system32\fr-FR
2012-10-11 14:06:20 ----D---- C:\Windows\system32\en-US
2012-10-11 10:46:50 ----D---- C:\Windows\debug
2012-10-11 10:46:37 ----A---- C:\Windows\system32\MRT.exe
2012-10-11 10:27:41 ----D---- C:\Windows\system32\catroot


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-06 354840]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-05-23 47968]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2012-07-26 237408]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2011-12-23 41040]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2012-08-24 301920]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2012-07-31 27496]
R1 InCDRec;Nero UDF File System Recognizer Driver; C:\Windows\system32\DRIVERS\InCDRec.sys [2009-10-16 19096]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-07-26 21600]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-07-26 16936]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-07-26 62240]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2011-12-23 139856]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\avgidsfilterx.sys [2011-12-23 24144]
R3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2011-12-23 17232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2010-10-24 4807168]
R3 InCDFs;Nero UDF File System Driver; C:\Windows\system32\DRIVERS\InCDFs.sys [2009-10-16 130200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-02-11 3396136]
R3 NETwNs32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\Windows\system32\DRIVERS\NETwNs32.sys [2011-01-04 7435264]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-07 252520]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2010-12-28 327784]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-10-08 1314736]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 catchme;catchme; \??\C:\Users\LAUSEN~1\AppData\Local\Temp\catchme.sys []
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2010-03-24 204288]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2010-03-25 105984]
S3 InCDPass;Nero InCDPass Driver; C:\Windows\system32\DRIVERS\InCDPass.sys [2009-10-16 48280]
S3 mbr;mbr; \??\C:\Users\LAUSEN~1\AppData\Local\Temp\mbr.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtl8187.sys [2010-01-07 375808]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]


======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======


R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 avgfws;AVG Firewall; C:\Program Files\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE [2011-05-13 249648]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 739944]
R2 GREGService;GREGService; C:\Program Files\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 IconMan_R;IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-07 1755136]
R2 InCDSrv;InCD Helper; C:\Program Files\Nero\Tools\InCD\InCDSrv.exe [2009-10-16 1420592]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2011-04-22 244624]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2010-05-04 503080]
R2 NeroRegInCDSrv;Nero Registry InCD Service; C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe [2009-10-16 53560]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 Skype C2C Service;Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-08-13 3064000]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2012-07-26 92632]
R2 vToolbarUpdater12.1.5;vToolbarUpdater12.1.5; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe [2012-07-31 830048]
S2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2011-04-02 173424]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 51040]


-----------------EOF-----------------

#15 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 27 oktober 2012 - 21:20

Beste Kape,
Ik heb geprobeerd de stappen uit te voeren, echter een aantal regels zul je weer terug vinden, omdat ik die niet weg kreeg na verscheidene pogingen.
De Combofix log is verstuurd, maar via RSIT heb ik het log bestand in het kladblok gekregen, maar niet de info. Het logbestand heb ik net ook doorgestuurd.

Echter die verrekte TOOLBAR is nog steeds aanwezig.

Kan ik de AVG weer instellen..............?

Groeten, Betje.

#16 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 27 oktober 2012 - 21:23

Onderstaande regels kreeg ik niet weg.


O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Laus en Elze\AppData\Local\Wakoopa Shared\WakoopaBHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Anti-phishing Domain Advisor] "C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe"

Groeten, Betje.


#17 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40891 berichten

Geplaatst 28 oktober 2012 - 06:16

Download de Emsisoft Emergency Kit naar het bureaublad en pak het ZIP bestand uit.

  • Open de map "EmsisoftEmergencyKit" en dubbelklik op "Start.exe"
  • Klik nu op "Emergency Kit Scanner" u krijg nu een melding dat het is aanbevolen om eerst te updaten sta dit toe door te klikken op "Ja"

    Geplaatste Afbeelding


  • Als de update gereed is en de melding "Update process is succesvol afgerond" verschijnt klikt u op "menu" en dan op "Scan PC"
  • Selecteer de optie "Diep" als deze niet standaard al zo is ingesteld.
  • Klik Nu op de knop "Scan" en doe verder niets op de computer tijdens het scannen, deze scan kan een geruime tijd in beslag nemen dus wacht dit geduldig af.
  • Het venster met de waarschuwing over een verhoogd risico kunt u sluiten als de scan gereed is.
  • Zorg ervoor dat alle gevonden items zijn aangevinkt en druk dan op de knop "verwijder geselecteerde" u zal nu de volgende melding krijgen maar klik hier op "Ja"

    Geplaatste Afbeelding


  • Als het verwijderen gereed is klikt u op de knop "View report" en selecteert u het tekstbestand van deze scan met de naam zoals: a2scan_110730-111615.txt
  • Plaats de inhoud van dit LOG bestand straks in uw volgende bericht.
  • Herstart nu de computer.

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#18 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 28 oktober 2012 - 11:35

Sorry, ik moet wachten op een verbinding met onbeperkt internet.
Dagelijks heb ik maar 100 Mb tot mijn beschikking.
We reizen in Spanje met de camper en hebben internet via de Carrefour.
Prima voor dagelijks gebruik.

Eind van de week willen we naar een camperplaats met internet. Ik zal moeten wachten tot dan.

Tot nu toe heb ik veel bewondering voor je hulp.
Ik hoop, dat ik hier eind van de week op terug mag komen.

Voor nu een prettige zondag en tot later.............groeten, Betje.

#19 kape

kape

    Website Beheerder

  • Website Beheerder
  • 40891 berichten

Geplaatst 28 oktober 2012 - 19:18

Geen enkel probleem ... we lezen het wel als je weer on-line bent !

Hebben we je goed geholpen? Overweeg eens een donatie aan PC Helpforum.​


#20 Betje

Betje

    Lid

  • Lid
  • PipPipPip
  • 61 berichten

Geplaatst 28 oktober 2012 - 21:35

Goed, tot later.............

Tot zover, nogmaals bedankt...............groeten, Betje.




0 gebruiker(s) lezen dit onderwerp

0 leden, 0 gasten, 0 anonieme gebruikers

Over ons

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!