krid strea
-
Items
12 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door krid strea
-
-
Nee, alleen "openen" en dan het reeksje vanaf "kopiëren naar" tot "eigenschappen" van jouw printscreen...
-
Wat bedoel je met "Heb je de host-file al opgeruimd"? Was dat die massa bestanden die ik manueel heb verwijderd? Ja dan.
Maar ik slaag er niet in de log van HijackThis door te sturen. Het lukt me niet met Ctrl+A en Ctrl+C en Ctrl+V. Ik vind ook "Uitvoeren als administrator" niet als ik rechts klik op het HijackThis-icoon. Ik werk met Vista en dan zou dat misschien de reden kunnen zijn dat het niet lukt?
-
voor Kape
Het heeft wel een tijdje geduurd, maar hier is alvast de log van Malwarebytes:
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Databaseversie: 6463
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005
28/04/2011 16:23:08
mbam-log-2011-04-28 (16-23-08).txt
Scantype: Snelle scan
Objecten gescand: 199892
Verstreken tijd: 5 minuut/minuten, 42 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 1
Registerdata geïnfecteerd: 1
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 4
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.
Registerdata geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (File Type Info - File Extension Search) Good: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
c:\programdata\d2a19a2f-c985-4076-abc0-31c24ef67457.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\dirk\AppData\Local\Temp\wrk1E8E.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\dirk\AppData\Local\Temp\wrk604E.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\dirk\AppData\Local\Temp\ins2396.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
-
Wat ik moest verwijderen is verwijderd.
Maar... in Hostexpert lukt Restore MS Hosts file niet want: Error: Cannot create file C:\Windows\System32\DRIVERS\ETC\hosts
Wat nu?
-
Voor Kurtt of webmaster
Logfile of random's system information tool 1.08 (written by random/random)
Run by dirk at 2011-04-27 15:37:32
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 321 GB (72%) free of 446 GB
Total RAM: 3069 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:37:47, on 27/04/2011
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\Verdiem\Edison\Edison.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\mmc.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Gast\Downloads\RSIT.exe
C:\Program Files\trend micro\dirk.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [Edison] "C:\Program Files\Verdiem\Edison\Edison.exe" /autolaunched
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1446336886-1062152450-4152672085-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1446336886-1062152450-4152672085-1000\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-21-1446336886-1062152450-4152672085-501\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Gast')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - https://site03.remoteoffice.citigroup.com/dana-cached/sc/JuniperSetupClient.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® DHTrace Controller (DHTRACE) - Intel® Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Edison Power Management Service (edsvc) - Verdiem - C:\Program Files\Verdiem\Edison\edsvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel® NMSCore (NMSCore) - Intel® Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
O23 - Service: Intel® Quality Manager (QualityManager) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
--
End of file - 8323 bytes
======Scheduled tasks folder======
C:\Windows\tasks\EasyShare Registration Task.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\JkDefrag.job
C:\Windows\tasks\SmartDefrag.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NMSSupport"=C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [2007-06-27 439512]
"CCUTRAYICON"=C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [2007-06-27 215256]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-12-14 81920]
"WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2008-10-09 333120]
"Edison"=C:\Program Files\Verdiem\Edison\Edison.exe [2008-10-24 1799424]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2011-03-15 2071904]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-09 178712]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickFinder Scheduler]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-10-11 1826816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]
C:\Program Files\GoogleEULA\EULALauncher.exe [2007-02-09 16896]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]
C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [2007-10-19 155648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2010-01-27 323584]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======List of files/folders created in the last 1 months======
2011-04-27 15:37:32 ----D---- C:\rsit
2011-04-26 09:16:29 ----D---- C:\Program Files\Trend Micro
2011-04-20 21:07:03 ----D---- C:\0d087d704fc93428a58a1aad51df
2011-04-15 12:57:50 ----A---- C:\Windows\system32\atmfd.dll
2011-04-15 12:57:49 ----A---- C:\Windows\system32\atmlib.dll
2011-04-15 12:57:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-04-15 12:57:48 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-04-15 12:57:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-04-15 12:57:48 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-04-15 12:57:46 ----A---- C:\Windows\system32\mfc42u.dll
2011-04-15 12:57:46 ----A---- C:\Windows\system32\mfc42.dll
2011-04-15 12:57:45 ----A---- C:\Windows\system32\drivers\srv.sys
2011-04-15 12:57:44 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-04-15 12:57:44 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-04-15 12:57:43 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-04-15 12:57:43 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-04-15 12:57:43 ----A---- C:\Windows\system32\dnsapi.dll
2011-04-15 12:57:38 ----A---- C:\Windows\system32\urlmon.dll
2011-04-15 12:57:38 ----A---- C:\Windows\system32\mshtmled.dll
2011-04-15 12:57:38 ----A---- C:\Windows\system32\mshtml.dll
2011-04-15 12:57:37 ----A---- C:\Windows\system32\wininet.dll
2011-04-15 12:57:37 ----A---- C:\Windows\system32\mstime.dll
2011-04-15 12:57:37 ----A---- C:\Windows\system32\ieframe.dll
2011-04-15 12:57:36 ----A---- C:\Windows\system32\msfeeds.dll
2011-04-15 12:57:36 ----A---- C:\Windows\system32\iepeers.dll
2011-04-15 12:57:36 ----A---- C:\Windows\system32\ieencode.dll
2011-04-15 12:57:36 ----A---- C:\Windows\system32\ieapfltr.dll
2011-04-15 12:57:32 ----A---- C:\Windows\system32\win32k.sys
2011-04-15 12:57:31 ----A---- C:\Windows\system32\vbscript.dll
2011-04-15 12:57:31 ----A---- C:\Windows\system32\jscript.dll
2011-04-15 12:57:31 ----A---- C:\Windows\system32\inetcomm.dll
2011-04-12 15:43:36 ----D---- C:\Program Files\WhatsRunning
======List of files/folders modified in the last 1 months======
2011-04-27 15:37:45 ----D---- C:\Windows\Prefetch
2011-04-27 15:37:36 ----D---- C:\Windows\Temp
2011-04-27 14:52:12 ----SHD---- C:\System Volume Information
2011-04-27 13:45:17 ----D---- C:\Windows\system32\drivers\Avg
2011-04-27 09:42:21 ----D---- C:\Windows\System32
2011-04-27 09:42:21 ----D---- C:\Windows\inf
2011-04-27 09:42:21 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-04-27 09:36:47 ----D---- C:\Windows\system32\Tasks
2011-04-26 09:16:29 ----SHD---- C:\Windows\Installer
2011-04-26 09:16:29 ----RD---- C:\Program Files
2011-04-25 14:03:02 ----HD---- C:\ProgramData
2011-04-23 09:42:28 ----D---- C:\Windows\system32\catroot2
2011-04-22 09:41:28 ----D---- C:\Program Files\Microsoft Silverlight
2011-04-20 21:07:05 ----A---- C:\Windows\system32\mrt.exe
2011-04-16 11:19:37 ----D---- C:\Program Files\TweakNow WinSecret
2011-04-16 11:11:20 ----SD---- C:\ProgramData\Microsoft
2011-04-15 18:36:17 ----D---- C:\Windows\Microsoft.NET
2011-04-15 18:35:59 ----RSD---- C:\Windows\assembly
2011-04-15 18:34:22 ----D---- C:\Windows\winsxs
2011-04-15 18:24:15 ----D---- C:\Windows\system32\catroot
2011-04-15 18:21:25 ----D---- C:\Windows\system32\drivers
2011-04-15 18:21:24 ----D---- C:\Program Files\Windows Mail
2011-04-12 16:16:51 ----D---- C:\Program Files\Vistumbler
2011-04-11 13:15:28 ----D---- C:\Windows\Tasks
2011-03-30 18:01:04 ----D---- C:\Program Files\Windows Live
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-10-09 306200]
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 64288]
R0 PCGenFAM;PCGenFAM; C:\Windows\system32\DRIVERS\PCGenFAM.sys [2010-09-22 183240]
R1 a00a6aa2-1398-447e-b8d8-9bc1ea73aa86;a00a6aa2-1398-447e-b8d8-9bc1ea73aa86; \??\C:\Windows\iprot\a00a6aa2-1398-447e-b8d8-9bc1ea73aa86\PhysMem.sys [2009-01-20 3584]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-07-17 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-06-04 29584]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-07-17 243024]
R1 d8a4fef9-85c1-448f-a6f9-2570fb195020;d8a4fef9-85c1-448f-a6f9-2570fb195020; \??\C:\Windows\iprot\d8a4fef9-85c1-448f-a6f9-2570fb195020\PhysMem.sys [2010-05-31 3584]
R2 nmsunidr;UniDriver for NMS; C:\Windows\system32\DRIVERS\nmsunidr.sys [2007-02-18 5376]
R3 3xHybrid;Philips SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2008-01-08 1302368]
R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-06-19 229248]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-14 2016920]
R3 IntelDH;IntelDH Driver; C:\Windows\System32\Drivers\IntelDH.sys [2007-10-30 5632]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28u.sys [2007-09-21 554496]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-12-14 8244320]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2005-11-28 7040]
R3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 27416]
S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver-service; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hitmanpro3;Hitman Pro 3 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro3.sys []
S3 iANSMiniport;Intel® Advanced Network Services Virtual Adapter; C:\Windows\system32\DRIVERS\iansw60.sys [2007-05-22 100240]
S3 iANSProtocol;Intel® Advanced Network Services Protocol; C:\Windows\system32\DRIVERS\iansw60.sys [2007-05-22 100240]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-02-04 15232]
S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 TSHWMDTCP;TSHWMDTCP; \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [2007-06-27 14552]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AlertService;Intel® Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2007-06-27 223448]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-17 308136]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]
R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2007-02-12 208896]
R2 edsvc;Edison Power Management Service; C:\Program Files\Verdiem\Edison\edsvc.exe [2008-10-24 75008]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-09 358936]
R2 ISSM;Intel® Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2007-06-27 59096]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-04-21 2146496]
R2 M1 Server;Intel® Viiv Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2007-06-27 268504]
R2 MCLServiceATL;Intel® Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2007-06-27 157912]
R2 NMSCore;Intel® NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [2007-06-27 317656]
R2 QualityManager;Intel® Quality Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [2007-06-27 272600]
R2 Remote UI Service;Intel® Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2007-06-27 446680]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2010-09-22 330784]
R2 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [2007-10-19 290909]
R2 TVESched;TVEnhance Task Scheduler (TTS)); C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [2007-10-19 114779]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
S3 DHTRACE;Intel® DHTrace Controller; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [2007-06-27 39640]
S3 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-24 136176]
S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]
S3 MatSvc;@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]
S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-15 382248]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280]
S4 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]
-info.txt logfile of random's system information tool 1.08 2011-04-27 15:37:51
======Uninstall list======
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->"C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe" REMOVE=TRUE MODIFY=FALSE
Ad-Aware-->C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10o_Plugin.exe -maintain plugin
Adobe Reader 9.4.2 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A94000000001}
Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8}
Apple Mobile Device Support-->MsiExec.exe /I{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}
ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1AlbumPage
ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1Funhouse
ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1GreetingCard
ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1PhotoBook
ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1Calendar
ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1ScrapBook
ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1Slimline
ArcSoft Print Creations-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Cd 2 van Microsoft Office 2000-->MsiExec.exe /I{00040413-78E1-11D2-B60F-006097C998E7}
CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"
CodeStuff Starter-->"C:\Program Files\CodeStuff\Starter\unStarter.exe"
Compatibiliteitspakket voor het 2007 Microsoft Office system-->MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE}
Corel WordPerfect Office - iFilter-->MsiExec.exe /X{1DF03ECE-6AF4-414E-B118-C316F151A9A2}
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Edison-->MsiExec.exe /X{9542A589-9E34-4D25-BBED-E4AFA039AF56}
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
Google Earth Plug-in-->MsiExec.exe /X{05AB8EF0-F783-11DF-83AC-001279CD8240}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Identity Finder-->MsiExec.exe /I{27D8D00F-0DC2-4E8C-8EA2-AB5547197071}
Intel® Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
Intel® PRO Network Connections 12.2.41.0-->MsiExec.exe /i{BBBF4CFE-9D26-4D93-A869-B2B021B3CA85} ARPREMOVE=1
Intel® PRO Network Connections 12.2.41.0-->MsiExec.exe /i{BBBF4CFE-9D26-4D93-A869-B2B021B3CA85} ARPREMOVE=1
Intel® Viiv™ software-->MsiExec.exe /X{A7472CEE-6E85-4D43-9C71-BDFC0D471F70} /qb!
iTunes-->MsiExec.exe /I{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}
Java 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Kodak EasyShare-software-->C:\ProgramData\Kodak\EasyShareSetup\$SETUP_1e0001_2a34a7\Setup.exe /APR-REMOVE
MakeDisc-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\Setup.exe" -uninstall
MCE Software Encoder 1.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall
MediaShow-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\Setup.exe" -uninstall
Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}
Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Automated Troubleshooting Services Shim-->%windir%\system32\sdbinst.exe -u "C:\Windows\AppPatch\Custom\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb"
Microsoft Fix it Center-->MsiExec.exe /X{B7588D45-AFDC-4C93-9E2E-A100F3554B64}
Microsoft Office 2000 Professional-->MsiExec.exe /I{00010413-78E1-11D2-B60F-006097C998E7}
Microsoft Office Converter Pack-->MsiExec.exe /X{6EECB283-E65F-40EF-86D3-D51BF02A8D43}
Microsoft Office PowerPoint Viewer 2007 (Dutch)-->MsiExec.exe /X{95120000-00AF-0413-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Works-->MsiExec.exe /I{5158F1F5-FA1B-4D49-B546-55A5004B89BD}
Mozilla Firefox 4.0 (x86 nl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8 Essentials-->MsiExec.exe /X{5BB977A4-E843-4E31-9859-745F442B1043}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
OpenOffice.org 3.2-->MsiExec.exe /I{9C43D327-EC1E-4FCC-8F40-D4ACCCCA0BF6}
PhotoNow!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" -uninstall
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
PIXresizer 2.0.4-->"C:\Program Files\PIXresizer\unins000.exe"
PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall
PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Recuva-->"C:\Program Files\Recuva\uninst.exe"
Remote Wonder Series Driver and Control Panel-->C:\Windows\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log
RidNacs 2.0.3-->"C:\Program Files\RidNacs\unins000.exe"
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client
Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Smart Defrag-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
Soluto-->MsiExec.exe /X{8109E5E7-A23D-4B67-A26D-7DAC358D46A2}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000004}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP
TV Enhance-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4C891D6-6844-41B8-86E8-633CACCC644F}\Setup.exe" -uninstall
TweakNow WinSecret Professional-->"C:\Program Files\TweakNow WinSecret\unins000.exe"
Ulead PhotoImpact 12-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\setup.exe" -l0x9
Undelete 360-->"C:\Program Files\File Recovery\undelete360\unins000.exe"
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}
Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}
Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Messenger-->MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2}
Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}
Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}
Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}
Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinPatrol 2008-->C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}
Wise Registry Cleaner Free 5.11-->"C:\Program Files\Wise Registry Cleaner\unins000.exe"
WordPerfect Office X4 - MAIL-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529080}
Youtube Video Downloader 3.19-->"C:\Program Files\DownloadToolz\Youtube Video Downloader\unins000.exe"
======Hosts File======
127.0.0.1 007guard.com - 007guard and Free Antivirus
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 008k.com
127.0.0.1 00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
======Security center information======
AV: AVG Anti-Virus Free
AS: AVG Anti-Virus Free (disabled)
AS: Lavasoft Ad-Watch Live! (disabled)
AS: Windows Defender
======System event log======
Computer Name: PC_van_dirk
Event Code: 4372
Message: De status van pakket KB905866(Update) wordt ingesteld op Tijdelijk opslaan(Staging)
Record Number: 277793
Source Name: Microsoft-Windows-Servicing
Time Written: 20101110191500.000000-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM
Computer Name: PC_van_dirk
Event Code: 4372
Message: De status van pakket KB905866(Update) wordt ingesteld op Tijdelijk opslaan(Staging)
Record Number: 277792
Source Name: Microsoft-Windows-Servicing
Time Written: 20101110191500.000000-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM
Computer Name: PC_van_dirk
Event Code: 4372
Message: De status van pakket KB905866(Update) wordt ingesteld op Opgelost(Resolved)
Record Number: 277791
Source Name: Microsoft-Windows-Servicing
Time Written: 20101110191500.000000-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM
Computer Name: PC_van_dirk
Event Code: 18
Message: Gereed voor installatie: de volgende updates zijn gedownload en gereed voor installatie. De installatie van deze updates is gepland op ?donderdag ?11 ?november ?2010 om 18:00:
- KB890830: Windows-programma voor het verwijderen van schadelijke software - november 2010
- KB2413381: Beveiligingsupdate voor Microsoft Office PowerPoint Viewer 2007 uur
Record Number: 277790
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20101110191457.880000-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM
Computer Name: PC_van_dirk
Event Code: 18
Message: Gereed voor installatie: de volgende updates zijn gedownload en gereed voor installatie. De installatie van deze updates is gepland op ?donderdag ?11 ?november ?2010 om 18:00:
- KB890830: Windows-programma voor het verwijderen van schadelijke software - november 2010 uur
Record Number: 277789
Source Name: Microsoft-Windows-WindowsUpdateClient
Time Written: 20101110191457.880000-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEEM
=====Application event log=====
Computer Name: PC_van_dirk
Event Code: 1
Message: De Windows Security Center-service is gestart.
Record Number: 31935
Source Name: SecurityCenter
Time Written: 20090914075904.000000-000
Event Type: Informatie
User:
Computer Name: PC_van_dirk
Event Code: 7500
Message: Intel RAID-controller: Onbekende controller
Aantal seriële ATA-poorten: 6
Versie RAID Option ROM: Onbekend
Stuurprogrammaversie: 7.6.3.1004
Versie RAID-module: 7.6.3.1004
Versie taalresources van RAID-module: Bestand niet gevonden
Versie van wizard Volume maken: 7.6.3.1004
Versie taalresources voor wizard Volume maken: Bestand niet gevonden
Versie van wizard Volume maken op basis van bestaande harde schijf: 7.6.3.1004
Versie taalresources voor wizard Volume maken op basis van bestaande harde schijf: Bestand niet gevonden
Versie van wizard Volume wijzigen: 7.6.3.1004
Versie taalresources voor wizard Volume wijzigen: Bestand niet gevonden
Versie van wizard Volume verwijderen: 7.6.3.1004
Versie taalresources voor wizard Volume verwijderen: Bestand niet gevonden
ISDI-bibliotheekversie: 7.6.3.1004
Versie hulpmiddel voor gebruikersmeldingen van controleprogramma voor gebeurtenissen: 7.6.3.1004
Versie taalresources voor hulpmiddel voor gebruikersmeldingen van controleprogramma voor gebeurtenissen: Bestand niet gevonden
Versie controleprogramma voor gebeurtenissen: 7.6.3.1004
Harde schijf 0
Gebruik: Onbekend gebruik harde schijf
Status: Normaal
Apparaatpoort: 0
Locatie apparaatpoort: Intern
Huidige SATA-overdrachtmodus: Generatie 2
Model: WDC WD5000AACS-00ZUB0
Serienummer: WD-WCASU0699226
Firmware: 01.01B01
Ondersteuning voor geïntegreerde opdrachtwachtrijen: Ja
Systeemschijf: Ja
Grootte: 465.7 GB
Grootte van fysieke sector: 512 bytes
Grootte van logische sector: 512 bytes
Niet gebruikte poort 0
Apparaatpoort: 2
Locatie apparaatpoort: Extern
Niet gebruikte poort 1
Apparaatpoort: 3
Locatie apparaatpoort: Extern
Niet gebruikte poort 2
Apparaatpoort: 4
Locatie apparaatpoort: Extern
Niet gebruikte poort 3
Apparaatpoort: 5
Locatie apparaatpoort: Extern
CD/DVD-station 0
Apparaatpoort: 1
Locatie apparaatpoort: Intern
Huidige SATA-overdrachtmodus: Generatie 1
Model: HL-DT-ST DVDRAM GH20NS10
Serienummer: K7L7CQE5152
Firmware: EL00
Record Number: 31934
Source Name: IAANTmon
Time Written: 20090914075704.000000-000
Event Type: Informatie
User:
Computer Name: PC_van_dirk
Event Code: 0
Message:
Record Number: 31933
Source Name: M1 Server
Time Written: 20090914075703.000000-000
Event Type: Informatie
User:
Computer Name: PC_van_dirk
Event Code: 1003
Message: De Windows Search-service is gestart.
Record Number: 31932
Source Name: Microsoft-Windows-Search
Time Written: 20090914075700.000000-000
Event Type: Informatie
User:
Computer Name: PC_van_dirk
Event Code: 0
Message:
Record Number: 31931
Source Name: ISSM
Time Written: 20090914075657.000000-000
Event Type: Informatie
User:
=====Security event log=====
Computer Name: PC_van_dirk
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 122937
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100728134154.008600-000
Event Type: Controle geslaagd
User:
Computer Name: PC_van_dirk
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PC_VAN_DIRK$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldingstype: 5
Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x2f8
Naam proces: C:\Windows\System32\services.exe
Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 122936
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100728134154.008600-000
Event Type: Controle geslaagd
User:
Computer Name: PC_van_dirk
Event Code: 4648
Message: Poging tot aanmelden met expliciete referenties.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: PC_VAN_DIRK$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Account waarvan de referenties zijn gebruikt:
Accountnaam: SYSTEEM
Accountdomein: NT AUTHORITY
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Doelserver:
Naam van doelserver: localhost
Aanvullende gegevens: localhost
Procesgegevens:
Proces-id: 0x2f8
Procesnaam: C:\Windows\System32\services.exe
Netwerkgegevens:
Netwerkadres: -
Poort: -
Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.
Record Number: 122935
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100728134154.008600-000
Event Type: Controle geslaagd
User:
Computer Name: PC_van_dirk
Event Code: 5038
Message: De kopie-hash van een bestand is ongeldig. Mogelijk is het bestand beschadigd vanwege een onbevoegde wijziging of duidt de ongeldige hash op een schijffout.
Bestandsnaam: \Device\HarddiskVolume1\Program Files\BillP Studios\WinPatrol\patrolpro.dll
Record Number: 122934
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100728133405.261600-000
Event Type: Controle mislukt
User:
Computer Name: PC_van_dirk
Event Code: 5038
Message: De kopie-hash van een bestand is ongeldig. Mogelijk is het bestand beschadigd vanwege een onbevoegde wijziging of duidt de ongeldige hash op een schijffout.
Bestandsnaam: \Device\HarddiskVolume1\Program Files\BillP Studios\WinPatrol\patrolpro.dll
Record Number: 122933
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100728133405.178600-000
Event Type: Controle mislukt
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\DMIX;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"NUMBER_OF_PROCESSORS"=4
"asl.log"=Destination=file
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
-----------------EOF-----------------
----------------EOF-----------------
-
Aan Kurtt
Tweede poging om mijn log van Hijack This door te sturen:
-
Moderator:
Hoi Krid strea. Je wou blijkbaar een bijlage of printscreen doorsturen met dit bericht. Dit is echter niet gelukt. Er kwamen allemaal rare tekens.
Hier lees je hoe je een bijlage (of printscreen, want dat is ook een bijlage) aan een bericht kunt sturen.
-
aan Clarkie:
Tijdens het surfen op een Duitse website van een hotel verscheen plots een mededeling dat er allerlei gevaarlijks op mijn pc was gevonden. Ik zag het ding ook een snelle scan uitvoeren waarbij inderdaad gevaarlijke bestandjes werden gevonden.
Tegelijkertijd verscheen het rode schild met wit kruis van de Beveiligingswaarschuwing van Windows in mijn taakbalk.
Aangeklikt en daar gelezen dat "De service van het Beveiligingscentrum is uitgeschakeld". Het knopje "Nu inschakelen" gedrukt en te lezen gekregen: "De Security Center-service is niet gestart."
Op zoek gegaan naar oplossingen op het forum en daar gestoten op de tip van... Angel, denk ik.
-
Ook die kan ik weer niet aanklikken, net zoals daarstraks...
-
Ik kan inderdaad niet op de knop klikken.
De status is "gestopt"
-
Ergens op het forum las ik:
"5 maart 2010 20:14 #4
Angel_
Guest
Probeer dan dit eens:
Windowstoets + R
Typ in het tekstveld van Uitvoeren: services.msc
Maak het venster schermvullend, en scroll naar beneden tot je Security Center ziet staan.
Rechtsklik nu op Security Center en kies voor Eigenschappen.
Open het Tabblad Algemeen als dit nog niet het geval is.
Schakel achter Opstarttype de Service naar Automatisch.
Onder Status van service klik je op de knop Starten en daarna op Toepassen & OK
Herstart hierna je PC."
Dat leek me een goed idee, tot ik bij "Schakel achter Opstarttype de Service naar Automatisch." kwam.
Dat kan bij mij niet want die regel is niet "gehighligt", m.a.w. ik kan daar niets in veranderen. Ik kan de service niet aanpassen.
Wat nu?
Alvast bedankt aan wie me helpt.
Dirk Aerts
security center
in Archief Windows Algemeen
Geplaatst:
Dat is inderdaad gebeurd!