Posts made by krid strea

  1. What do you mean by "Have you already cleaned up the host file"? Was that the mass of files I deleted manually? If so, yes.

    But I can't manage to send the HijackThis log. It doesn't work with Ctrl+A, Ctrl+C and Ctrl+V. I also can't find "Run as administrator" when I right-click the HijackThis icon. I'm working with Vista; could that perhaps be the reason it doesn't work?

  2. For Kape

    It did take a while, but here is the Malwarebytes log:

    Malwarebytes' Anti-Malware 1.50.1.1100

    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Databaseversie: 6463

    Windows 6.0.6002 Service Pack 2

    Internet Explorer 7.0.6002.18005

    28/04/2011 16:23:08

    mbam-log-2011-04-28 (16-23-08).txt

    Scantype: Snelle scan

    Objecten gescand: 199892

    Verstreken tijd: 5 minuut/minuten, 42 seconde(n)

    Geheugenprocessen geïnfecteerd: 0

    Geheugenmodulen geïnfecteerd: 0

    Registersleutels geïnfecteerd: 0

    Registerwaarden geïnfecteerd: 1

    Registerdata geïnfecteerd: 1

    Mappen geïnfecteerd: 0

    Bestanden geïnfecteerd: 4

    Geheugenprocessen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.

    Registerdata geïnfecteerd:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (File Type Info - File Extension Search) Good: (http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.

    Mappen geïnfecteerd:

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:

    c:\programdata\d2a19a2f-c985-4076-abc0-31c24ef67457.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    c:\Users\dirk\AppData\Local\Temp\wrk1E8E.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    c:\Users\dirk\AppData\Local\Temp\wrk604E.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    c:\Users\dirk\AppData\Local\Temp\ins2396.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

  3. For Kurtt or webmaster

    Logfile of random's system information tool 1.08 (written by random/random)

    Run by dirk at 2011-04-27 15:37:32

    Microsoft® Windows Vista™ Home Premium Service Pack 2

    System drive C: has 321 GB (72%) free of 446 GB

    Total RAM: 3069 MB (39% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 15:37:47, on 27/04/2011

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v7.00 (7.00.6002.18005)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\System32\rundll32.exe

    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe

    C:\Program Files\Verdiem\Edison\Edison.exe

    C:\Program Files\AVG\AVG9\avgtray.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    C:\Program Files\Windows Mail\WinMail.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\Mozilla Firefox\plugin-container.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe

    C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe

    C:\Windows\System32\rundll32.exe

    C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe

    C:\Program Files\AVG\AVG9\avgtray.exe

    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

    C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

    C:\Program Files\Mozilla Firefox\firefox.exe

    C:\Program Files\Mozilla Firefox\plugin-container.exe

    C:\Program Files\Mozilla Firefox\plugin-container.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Mozilla Firefox\plugin-container.exe

    C:\Windows\system32\rundll32.exe

    C:\Windows\system32\mmc.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Users\Gast\Downloads\RSIT.exe

    C:\Program Files\trend micro\dirk.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O4 - HKLM\..\Run: [NMSSupport] "C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" /startup

    O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe

    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

    O4 - HKLM\..\Run: [Edison] "C:\Program Files\Verdiem\Edison\Edison.exe" /autolaunched

    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

    O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-21-1446336886-1062152450-4152672085-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'IUSR_NMPR')

    O4 - HKUS\S-1-5-21-1446336886-1062152450-4152672085-1000\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'IUSR_NMPR')

    O4 - HKUS\S-1-5-21-1446336886-1062152450-4152672085-501\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'Gast')

    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

    O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - https://site03.remoteoffice.citigroup.com/dana-cached/sc/JuniperSetupClient.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Intel® DHTrace Controller (DHTRACE) - Intel® Corporation - C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe

    O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe

    O23 - Service: Edison Power Management Service (edsvc) - Verdiem - C:\Program Files\Verdiem\Edison\edsvc.exe

    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe

    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

    O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe

    O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe

    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

    O23 - Service: Intel® NMSCore (NMSCore) - Intel® Corporation - C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe

    O23 - Service: Intel® Quality Manager (QualityManager) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe

    O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe

    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

    O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe

    O23 - Service: TVEnhance Background Capture Service (TBCS) (TVECapSvc) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe

    O23 - Service: TVEnhance Task Scheduler (TTS)) (TVESched) - Unknown owner - C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe

    --

    End of file - 8323 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\EasyShare Registration Task.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    C:\Windows\tasks\JkDefrag.job

    C:\Windows\tasks\SmartDefrag.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

    AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

    Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-11 41760]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

    "NMSSupport"=C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [2007-06-27 439512]

    "CCUTRAYICON"=C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [2007-06-27 215256]

    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-12-14 81920]

    "WinPatrol"=C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [2008-10-09 333120]

    "Edison"=C:\Program Files\Verdiem\Edison\Edison.exe [2008-10-24 1799424]

    "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2011-03-15 2071904]

    "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-09 178712]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-20 932288]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-01-31 35760]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service]

    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

    C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickFinder Scheduler]

    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]

    C:\Windows\Skytel.exe [2007-10-11 1826816]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\toolbar_eula_launcher]

    C:\Program Files\GoogleEULA\EULALauncher.exe [2007-02-09 16896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVEService]

    C:\Program Files\HomeCinema\TV Enhance\TVEService.exe [2007-10-19 155648]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

    C:\PROGRA~1\Kodak\KODAKE~1\bin\EASYSH~1.EXE [2010-01-27 323584]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro35.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "BindDirectlyToPropertySetStorage"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 1 months======

    2011-04-27 15:37:32 ----D---- C:\rsit

    2011-04-26 09:16:29 ----D---- C:\Program Files\Trend Micro

    2011-04-20 21:07:03 ----D---- C:\0d087d704fc93428a58a1aad51df

    2011-04-15 12:57:50 ----A---- C:\Windows\system32\atmfd.dll

    2011-04-15 12:57:49 ----A---- C:\Windows\system32\atmlib.dll

    2011-04-15 12:57:48 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys

    2011-04-15 12:57:48 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys

    2011-04-15 12:57:48 ----A---- C:\Windows\system32\drivers\mrxsmb.sys

    2011-04-15 12:57:48 ----A---- C:\Windows\system32\drivers\bowser.sys

    2011-04-15 12:57:46 ----A---- C:\Windows\system32\mfc42u.dll

    2011-04-15 12:57:46 ----A---- C:\Windows\system32\mfc42.dll

    2011-04-15 12:57:45 ----A---- C:\Windows\system32\drivers\srv.sys

    2011-04-15 12:57:44 ----A---- C:\Windows\system32\drivers\srvnet.sys

    2011-04-15 12:57:44 ----A---- C:\Windows\system32\drivers\srv2.sys

    2011-04-15 12:57:43 ----A---- C:\Windows\system32\dnsrslvr.dll

    2011-04-15 12:57:43 ----A---- C:\Windows\system32\dnscacheugc.exe

    2011-04-15 12:57:43 ----A---- C:\Windows\system32\dnsapi.dll

    2011-04-15 12:57:38 ----A---- C:\Windows\system32\urlmon.dll

    2011-04-15 12:57:38 ----A---- C:\Windows\system32\mshtmled.dll

    2011-04-15 12:57:38 ----A---- C:\Windows\system32\mshtml.dll

    2011-04-15 12:57:37 ----A---- C:\Windows\system32\wininet.dll

    2011-04-15 12:57:37 ----A---- C:\Windows\system32\mstime.dll

    2011-04-15 12:57:37 ----A---- C:\Windows\system32\ieframe.dll

    2011-04-15 12:57:36 ----A---- C:\Windows\system32\msfeeds.dll

    2011-04-15 12:57:36 ----A---- C:\Windows\system32\iepeers.dll

    2011-04-15 12:57:36 ----A---- C:\Windows\system32\ieencode.dll

    2011-04-15 12:57:36 ----A---- C:\Windows\system32\ieapfltr.dll

    2011-04-15 12:57:32 ----A---- C:\Windows\system32\win32k.sys

    2011-04-15 12:57:31 ----A---- C:\Windows\system32\vbscript.dll

    2011-04-15 12:57:31 ----A---- C:\Windows\system32\jscript.dll

    2011-04-15 12:57:31 ----A---- C:\Windows\system32\inetcomm.dll

    2011-04-12 15:43:36 ----D---- C:\Program Files\WhatsRunning

    ======List of files/folders modified in the last 1 months======

    2011-04-27 15:37:45 ----D---- C:\Windows\Prefetch

    2011-04-27 15:37:36 ----D---- C:\Windows\Temp

    2011-04-27 14:52:12 ----SHD---- C:\System Volume Information

    2011-04-27 13:45:17 ----D---- C:\Windows\system32\drivers\Avg

    2011-04-27 09:42:21 ----D---- C:\Windows\System32

    2011-04-27 09:42:21 ----D---- C:\Windows\inf

    2011-04-27 09:42:21 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2011-04-27 09:36:47 ----D---- C:\Windows\system32\Tasks

    2011-04-26 09:16:29 ----SHD---- C:\Windows\Installer

    2011-04-26 09:16:29 ----RD---- C:\Program Files

    2011-04-25 14:03:02 ----HD---- C:\ProgramData

    2011-04-23 09:42:28 ----D---- C:\Windows\system32\catroot2

    2011-04-22 09:41:28 ----D---- C:\Program Files\Microsoft Silverlight

    2011-04-20 21:07:05 ----A---- C:\Windows\system32\mrt.exe

    2011-04-16 11:19:37 ----D---- C:\Program Files\TweakNow WinSecret

    2011-04-16 11:11:20 ----SD---- C:\ProgramData\Microsoft

    2011-04-15 18:36:17 ----D---- C:\Windows\Microsoft.NET

    2011-04-15 18:35:59 ----RSD---- C:\Windows\assembly

    2011-04-15 18:34:22 ----D---- C:\Windows\winsxs

    2011-04-15 18:24:15 ----D---- C:\Windows\system32\catroot

    2011-04-15 18:21:25 ----D---- C:\Windows\system32\drivers

    2011-04-15 18:21:24 ----D---- C:\Program Files\Windows Mail

    2011-04-12 16:16:51 ----D---- C:\Program Files\Vistumbler

    2011-04-11 13:15:28 ----D---- C:\Windows\Tasks

    2011-03-30 18:01:04 ----D---- C:\Program Files\Windows Live

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2007-10-09 306200]

    R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2010-12-03 64288]

    R0 PCGenFAM;PCGenFAM; C:\Windows\system32\DRIVERS\PCGenFAM.sys [2010-09-22 183240]

    R1 a00a6aa2-1398-447e-b8d8-9bc1ea73aa86;a00a6aa2-1398-447e-b8d8-9bc1ea73aa86; \??\C:\Windows\iprot\a00a6aa2-1398-447e-b8d8-9bc1ea73aa86\PhysMem.sys [2009-01-20 3584]

    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-07-17 216400]

    R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-06-04 29584]

    R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-07-17 243024]

    R1 d8a4fef9-85c1-448f-a6f9-2570fb195020;d8a4fef9-85c1-448f-a6f9-2570fb195020; \??\C:\Windows\iprot\d8a4fef9-85c1-448f-a6f9-2570fb195020\PhysMem.sys [2010-05-31 3584]

    R2 nmsunidr;UniDriver for NMS; C:\Windows\system32\DRIVERS\nmsunidr.sys [2007-02-18 5376]

    R3 3xHybrid;Philips SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2008-01-08 1302368]

    R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-06-19 229248]

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-11-14 2016920]

    R3 IntelDH;IntelDH Driver; C:\Windows\System32\Drivers\IntelDH.sys [2007-10-30 5632]

    R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28u.sys [2007-09-21 554496]

    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-12-14 8244320]

    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

    R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2005-11-28 7040]

    R3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 27416]

    S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

    S3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver-service; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]

    S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

    S3 hitmanpro3;Hitman Pro 3 Support Driver; \??\C:\Windows\system32\drivers\hitmanpro3.sys []

    S3 iANSMiniport;Intel® Advanced Network Services Virtual Adapter; C:\Windows\system32\DRIVERS\iansw60.sys [2007-05-22 100240]

    S3 iANSProtocol;Intel® Advanced Network Services Protocol; C:\Windows\system32\DRIVERS\iansw60.sys [2007-05-22 100240]

    S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-02-04 15232]

    S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

    S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

    S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

    S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]

    S3 TSHWMDTCP;TSHWMDTCP; \??\C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [2007-06-27 14552]

    S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]

    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AlertService;Intel® Alert Service; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [2007-06-27 223448]

    R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-17 308136]

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-07-27 345376]

    R2 DQLWinService;DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2007-02-12 208896]

    R2 edsvc;Edison Power Management Service; C:\Program Files\Verdiem\Edison\edsvc.exe [2008-10-24 75008]

    R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]

    R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-09 358936]

    R2 ISSM;Intel® Software Services Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [2007-06-27 59096]

    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2011-04-21 2146496]

    R2 M1 Server;Intel® Viiv Media Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [2007-06-27 268504]

    R2 MCLServiceATL;Intel® Application Tracker; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [2007-06-27 157912]

    R2 NMSCore;Intel® NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [2007-06-27 317656]

    R2 QualityManager;Intel® Quality Manager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [2007-06-27 272600]

    R2 Remote UI Service;Intel® Remoting Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [2007-06-27 446680]

    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]

    R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2010-09-22 330784]

    R2 TVECapSvc;TVEnhance Background Capture Service (TBCS); C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [2007-10-19 290909]

    R2 TVESched;TVEnhance Task Scheduler (TTS)); C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [2007-10-19 114779]

    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

    S3 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]

    S3 DHTRACE;Intel® DHTrace Controller; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [2007-06-27 39640]

    S3 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-24 136176]

    S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-24 820008]

    S3 MatSvc;@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000; C:\Program Files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544]

    S3 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]

    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-15 382248]

    S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

    S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]

    S4 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280]

    S4 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [2001-11-12 20480]

    -info.txt logfile of random's system information tool 1.08 2011-04-27 15:37:51

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL

    -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL

    -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL

    -->C:\Windows\UNNeroShowTime.exe /UNINSTALL

    -->C:\Windows\UNNeroVision.exe /UNINSTALL

    -->C:\Windows\UNRecode.exe /UNINSTALL

    -->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}

    Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE

    Ad-Aware-->"C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe" REMOVE=TRUE MODIFY=FALSE

    Ad-Aware-->C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe

    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10o_Plugin.exe -maintain plugin

    Adobe Reader 9.4.2 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A94000000001}

    Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"

    Apple Application Support-->MsiExec.exe /I{EE6097DD-05F4-4178-9719-D3170BF098E8}

    Apple Mobile Device Support-->MsiExec.exe /I{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}

    Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1}

    ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1AlbumPage

    ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1Funhouse

    ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1GreetingCard

    ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1PhotoBook

    ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1Calendar

    ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1ScrapBook

    ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13 -1Slimline

    ArcSoft Print Creations-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}\setup.exe" -l0x13

    AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL

    Bonjour-->MsiExec.exe /X{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}

    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"

    CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}

    Cd 2 van Microsoft Office 2000-->MsiExec.exe /I{00040413-78E1-11D2-B60F-006097C998E7}

    CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe"

    CodeStuff Starter-->"C:\Program Files\CodeStuff\Starter\unStarter.exe"

    Compatibiliteitspakket voor het 2007 Microsoft Office system-->MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE}

    Corel WordPerfect Office - iFilter-->MsiExec.exe /X{1DF03ECE-6AF4-414E-B118-C316F151A9A2}

    D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}

    Edison-->MsiExec.exe /X{9542A589-9E34-4D25-BBED-E4AFA039AF56}

    ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}

    ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}

    ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}

    ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}

    ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}

    ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}

    ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}

    ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}

    essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}

    Google Earth Plug-in-->MsiExec.exe /X{05AB8EF0-F783-11DF-83AC-001279CD8240}

    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

    HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

    Identity Finder-->MsiExec.exe /I{27D8D00F-0DC2-4E8C-8EA2-AB5547197071}

    Intel® Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe

    Intel® PRO Network Connections 12.2.41.0-->MsiExec.exe /i{BBBF4CFE-9D26-4D93-A869-B2B021B3CA85} ARPREMOVE=1

    Intel® PRO Network Connections 12.2.41.0-->MsiExec.exe /i{BBBF4CFE-9D26-4D93-A869-B2B021B3CA85} ARPREMOVE=1

    Intel® Viiv™ software-->MsiExec.exe /X{A7472CEE-6E85-4D43-9C71-BDFC0D471F70} /qb!

    iTunes-->MsiExec.exe /I{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}

    Java 6 Update 18-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}

    Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

    Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

    Kodak EasyShare-software-->C:\ProgramData\Kodak\EasyShareSetup\$SETUP_1e0001_2a34a7\Setup.exe /APR-REMOVE

    MakeDisc-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\Setup.exe" -uninstall

    MCE Software Encoder 1.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\Setup.exe" -uninstall

    MediaShow-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\Setup.exe" -uninstall

    Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

    Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}

    Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

    Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}

    Microsoft Automated Troubleshooting Services Shim-->%windir%\system32\sdbinst.exe -u "C:\Windows\AppPatch\Custom\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb"

    Microsoft Fix it Center-->MsiExec.exe /X{B7588D45-AFDC-4C93-9E2E-A100F3554B64}

    Microsoft Office 2000 Professional-->MsiExec.exe /I{00010413-78E1-11D2-B60F-006097C998E7}

    Microsoft Office Converter Pack-->MsiExec.exe /X{6EECB283-E65F-40EF-86D3-D51BF02A8D43}

    Microsoft Office PowerPoint Viewer 2007 (Dutch)-->MsiExec.exe /X{95120000-00AF-0413-0000-0000000FF1CE}

    Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

    Microsoft Works-->MsiExec.exe /I{5158F1F5-FA1B-4D49-B546-55A5004B89BD}

    Mozilla Firefox 4.0 (x86 nl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

    MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

    MSXML 4.0 SP2 (KB925672)-->MsiExec.exe /I{A9CF9052-F4A0-475D-A00F-A8388C62DD63}

    MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

    Nero 8 Essentials-->MsiExec.exe /X{5BB977A4-E843-4E31-9859-745F442B1043}

    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

    netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}

    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

    OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}

    OpenOffice.org 3.2-->MsiExec.exe /I{9C43D327-EC1E-4FCC-8F40-D4ACCCCA0BF6}

    PhotoNow!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" -uninstall

    Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"

    PIXresizer 2.0.4-->"C:\Program Files\PIXresizer\unins000.exe"

    PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" /z-uninstall

    PowerDVD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

    PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall

    Realtek High Definition Audio Driver-->RtlUpd.exe -r -m

    Recuva-->"C:\Program Files\Recuva\uninst.exe"

    Remote Wonder Series Driver and Control Panel-->C:\Windows\UNWISE.EXE C:\PROGRA~1\X10HAR~1\Install.log

    RidNacs 2.0.3-->"C:\Program Files\RidNacs\unins000.exe"

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client

    Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}

    SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}

    SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}

    skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}

    SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}

    Smart Defrag-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"

    Soluto-->MsiExec.exe /X{8109E5E7-A23D-4B67-A26D-7DAC358D46A2}

    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000004}

    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"

    staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}

    Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

    Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP

    TV Enhance-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E4C891D6-6844-41B8-86E8-633CACCC644F}\Setup.exe" -uninstall

    TweakNow WinSecret Professional-->"C:\Program Files\TweakNow WinSecret\unins000.exe"

    Ulead PhotoImpact 12-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11AFE21E-B193-430D-B57A-DFF7815BB962}\setup.exe" -l0x9

    Undelete 360-->"C:\Program Files\File Recovery\undelete360\unins000.exe"

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

    VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}

    Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}

    Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""

    VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}

    Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}

    Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

    Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}

    Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}

    Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}

    Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}

    Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}

    Windows Live Messenger-->MsiExec.exe /X{6A563426-3474-41C6-B847-42B39F1485B2}

    Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90}

    Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}

    Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}

    Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

    Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}

    Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}

    Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}

    Windows Live UX Platform Language Pack-->MsiExec.exe /I{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}

    Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

    Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}

    Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

    WinPatrol 2008-->C:\PROGRA~1\BILLPS~1\WINPAT~1\Setup.exe /remove /q0

    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

    WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}

    Wise Registry Cleaner Free 5.11-->"C:\Program Files\Wise Registry Cleaner\unins000.exe"

    WordPerfect Office X4 - MAIL-->MsiExec.exe /I{DCDAB2ED-5741-4C30-A1A4-0FCB8A529080}

    Youtube Video Downloader 3.19-->"C:\Program Files\DownloadToolz\Youtube Video Downloader\unins000.exe"

    ======Hosts File======

    127.0.0.1 007guard.com - 007guard and Free Antivirus

    127.0.0.1 007guard.com

    127.0.0.1 008i.com

    127.0.0.1 008k.com

    127.0.0.1 008k.com

    127.0.0.1 00hq.com

    127.0.0.1 00hq.com

    127.0.0.1 010402.com

    127.0.0.1 www.032439.com

    127.0.0.1 032439.com

    ======Security center information======

    AV: AVG Anti-Virus Free

    AS: AVG Anti-Virus Free (disabled)

    AS: Lavasoft Ad-Watch Live! (disabled)

    AS: Windows Defender

    ======System event log======

    Computer Name: PC_van_dirk

    Event Code: 4372

    Message: De status van pakket KB905866(Update) wordt ingesteld op Tijdelijk opslaan(Staging)

    Record Number: 277793

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20101110191500.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: PC_van_dirk

    Event Code: 4372

    Message: De status van pakket KB905866(Update) wordt ingesteld op Tijdelijk opslaan(Staging)

    Record Number: 277792

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20101110191500.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: PC_van_dirk

    Event Code: 4372

    Message: De status van pakket KB905866(Update) wordt ingesteld op Opgelost(Resolved)

    Record Number: 277791

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20101110191500.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: PC_van_dirk

    Event Code: 18

    Message: Gereed voor installatie: de volgende updates zijn gedownload en gereed voor installatie. De installatie van deze updates is gepland op ?donderdag ?11 ?november ?2010 om 18:00:

    - KB890830: Windows-programma voor het verwijderen van schadelijke software - november 2010

    - KB2413381: Beveiligingsupdate voor Microsoft Office PowerPoint Viewer 2007 uur

    Record Number: 277790

    Source Name: Microsoft-Windows-WindowsUpdateClient

    Time Written: 20101110191457.880000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: PC_van_dirk

    Event Code: 18

    Message: Gereed voor installatie: de volgende updates zijn gedownload en gereed voor installatie. De installatie van deze updates is gepland op ?donderdag ?11 ?november ?2010 om 18:00:

    - KB890830: Windows-programma voor het verwijderen van schadelijke software - november 2010 uur

    Record Number: 277789

    Source Name: Microsoft-Windows-WindowsUpdateClient

    Time Written: 20101110191457.880000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    =====Application event log=====

    Computer Name: PC_van_dirk

    Event Code: 1

    Message: De Windows Security Center-service is gestart.

    Record Number: 31935

    Source Name: SecurityCenter

    Time Written: 20090914075904.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_dirk

    Event Code: 7500

    Message: Intel RAID-controller: Onbekende controller

    Aantal seriële ATA-poorten: 6

    Versie RAID Option ROM: Onbekend

    Stuurprogrammaversie: 7.6.3.1004

    Versie RAID-module: 7.6.3.1004

    Versie taalresources van RAID-module: Bestand niet gevonden

    Versie van wizard Volume maken: 7.6.3.1004

    Versie taalresources voor wizard Volume maken: Bestand niet gevonden

    Versie van wizard Volume maken op basis van bestaande harde schijf: 7.6.3.1004

    Versie taalresources voor wizard Volume maken op basis van bestaande harde schijf: Bestand niet gevonden

    Versie van wizard Volume wijzigen: 7.6.3.1004

    Versie taalresources voor wizard Volume wijzigen: Bestand niet gevonden

    Versie van wizard Volume verwijderen: 7.6.3.1004

    Versie taalresources voor wizard Volume verwijderen: Bestand niet gevonden

    ISDI-bibliotheekversie: 7.6.3.1004

    Versie hulpmiddel voor gebruikersmeldingen van controleprogramma voor gebeurtenissen: 7.6.3.1004

    Versie taalresources voor hulpmiddel voor gebruikersmeldingen van controleprogramma voor gebeurtenissen: Bestand niet gevonden

    Versie controleprogramma voor gebeurtenissen: 7.6.3.1004

    Harde schijf 0

    Gebruik: Onbekend gebruik harde schijf

    Status: Normaal

    Apparaatpoort: 0

    Locatie apparaatpoort: Intern

    Huidige SATA-overdrachtmodus: Generatie 2

    Model: WDC WD5000AACS-00ZUB0

    Serienummer: WD-WCASU0699226

    Firmware: 01.01B01

    Ondersteuning voor geïntegreerde opdrachtwachtrijen: Ja

    Systeemschijf: Ja

    Grootte: 465.7 GB

    Grootte van fysieke sector: 512 bytes

    Grootte van logische sector: 512 bytes

    Niet gebruikte poort 0

    Apparaatpoort: 2

    Locatie apparaatpoort: Extern

    Niet gebruikte poort 1

    Apparaatpoort: 3

    Locatie apparaatpoort: Extern

    Niet gebruikte poort 2

    Apparaatpoort: 4

    Locatie apparaatpoort: Extern

    Niet gebruikte poort 3

    Apparaatpoort: 5

    Locatie apparaatpoort: Extern

    CD/DVD-station 0

    Apparaatpoort: 1

    Locatie apparaatpoort: Intern

    Huidige SATA-overdrachtmodus: Generatie 1

    Model: HL-DT-ST DVDRAM GH20NS10

    Serienummer: K7L7CQE5152

    Firmware: EL00

    Record Number: 31934

    Source Name: IAANTmon

    Time Written: 20090914075704.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_dirk

    Event Code: 0

    Message:

    Record Number: 31933

    Source Name: M1 Server

    Time Written: 20090914075703.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_dirk

    Event Code: 1003

    Message: De Windows Search-service is gestart.

    Record Number: 31932

    Source Name: Microsoft-Windows-Search

    Time Written: 20090914075700.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_dirk

    Event Code: 0

    Message:

    Record Number: 31931

    Source Name: ISSM

    Time Written: 20090914075657.000000-000

    Event Type: Informatie

    User:

    =====Security event log=====

    Computer Name: PC_van_dirk

    Event Code: 4672

    Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e7

    Bevoegdheden: SeAssignPrimaryTokenPrivilege

    SeTcbPrivilege

    SeSecurityPrivilege

    SeTakeOwnershipPrivilege

    SeLoadDriverPrivilege

    SeBackupPrivilege

    SeRestorePrivilege

    SeDebugPrivilege

    SeAuditPrivilege

    SeSystemEnvironmentPrivilege

    SeImpersonatePrivilege

    Record Number: 122937

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20100728134154.008600-000

    Event Type: Controle geslaagd

    User:

    Computer Name: PC_van_dirk

    Event Code: 4624

    Message: Er is een account aangemeld.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: PC_VAN_DIRK$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Aanmeldingstype: 5

    Nieuwe aanmelding:

    Beveiligings-id: S-1-5-18

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e7

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Procesgegevens:

    Proces-id: 0x2f8

    Naam proces: C:\Windows\System32\services.exe

    Netwerkgegevens:

    Naam van werkstation:

    Netwerkadres van bron: -

    Poort van bron: -

    Gedetailleerde verificatiegegevens:

    Aanmeldingsproces: Advapi

    Verificatiepakket: Negotiate

    Doorgezette services: -

    Pakketnaam (alleen NTLM): -

    Sleutellengte: 0

    Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

    De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

    In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

    Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

    In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

    De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

    - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

    - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

    - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

    - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

    Record Number: 122936

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20100728134154.008600-000

    Event Type: Controle geslaagd

    User:

    Computer Name: PC_van_dirk

    Event Code: 4648

    Message: Poging tot aanmelden met expliciete referenties.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: PC_VAN_DIRK$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Account waarvan de referenties zijn gebruikt:

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Doelserver:

    Naam van doelserver: localhost

    Aanvullende gegevens: localhost

    Procesgegevens:

    Proces-id: 0x2f8

    Procesnaam: C:\Windows\System32\services.exe

    Netwerkgegevens:

    Netwerkadres: -

    Poort: -

    Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

    Record Number: 122935

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20100728134154.008600-000

    Event Type: Controle geslaagd

    User:

    Computer Name: PC_van_dirk

    Event Code: 5038

    Message: De kopie-hash van een bestand is ongeldig. Mogelijk is het bestand beschadigd vanwege een onbevoegde wijziging of duidt de ongeldige hash op een schijffout.

    Bestandsnaam: \Device\HarddiskVolume1\Program Files\BillP Studios\WinPatrol\patrolpro.dll

    Record Number: 122934

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20100728133405.261600-000

    Event Type: Controle mislukt

    User:

    Computer Name: PC_van_dirk

    Event Code: 5038

    Message: De kopie-hash van een bestand is ongeldig. Mogelijk is het bestand beschadigd vanwege een onbevoegde wijziging of duidt de ongeldige hash op een schijffout.

    Bestandsnaam: \Device\HarddiskVolume1\Program Files\BillP Studios\WinPatrol\patrolpro.dll

    Record Number: 122933

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20100728133405.178600-000

    Event Type: Controle mislukt

    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe

    "FP_NO_HOST_CHECK"=NO

    "OS"=Windows_NT

    "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\DMIX;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared

    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

    "PROCESSOR_ARCHITECTURE"=x86

    "TEMP"=%SystemRoot%\TEMP

    "TMP"=%SystemRoot%\TEMP

    "USERNAME"=SYSTEM

    "windir"=%SystemRoot%

    "PROCESSOR_LEVEL"=6

    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel

    "PROCESSOR_REVISION"=0f0b

    "NUMBER_OF_PROCESSORS"=4

    "asl.log"=Destination=file

    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

    -----------------EOF-----------------

    ----------------EOF-----------------

  4. Moderator:

    Hi Krid strea. You apparently wanted to send an attachment or screenshot with this post. That did not work, however. All sorts of strange characters came through.

    Here you can read how to add an attachment (or a screenshot, since that is also an attachment) to a post. :top:

  5. to Clarkie:

    While I was browsing the German website of a hotel, a message suddenly appeared saying that all sorts of dangerous things had been found on my PC. I also saw the thing run a quick scan, which did indeed find dangerous files.

    At the same time, the red shield with the white cross of the Windows Security Alert appeared in my taskbar.

    I clicked on it and read there that "The Security Center service is turned off". I pressed the "Turn on now" button and got the message: "The Security Center service has not been started."

    I went looking for solutions on the forum and came across the tip from... Angel, I think.

  6. Somewhere on the forum I read:

    "5 March 2010 20:14 #4

    Angel_

    Guest

    Then try this:

    Windows key + R

    In the text field of Run, type: services.msc

    Maximize the window and scroll down until you see Security Center.

    Now right-click Security Center and choose Properties.

    Open the General tab if it is not already open.

    Next to Startup type, switch the service to Automatic.

    Under Service status, click the Start button and then Apply & OK

    Then restart your PC."

    That seemed like a good idea to me, until I got to "Next to Startup type, switch the service to Automatic."

    I can't do that, because that line is not "highlighted"; in other words, I can't change anything there. I cannot modify the service.

    What now?

    Thanks in advance to whoever helps me.

    Dirk Aerts
