brazempje

ik kom er nu achter dat mijn cdrom het niet doet ik heb gekeken in apparaatbeheer en daar staan gele driehoekjes achter

ik heb de schijfgecontroleerd ik wist niet dat dat zo lang duurde 4 uur hij gaf aan dat er geen fouten gevonden waren

de tekst die hij geeft is : er zijn geen schendingen van de integriteit gevonden .

hoe maak ik een copy van die opdrachtprompt wandt de scan heb ik al uitgevoerd .

hoe krujg ik toegang tot mijn CBS.log

bij vista heb je geen opdrachtprompt maar wel een zoekopdracht,als ik daar sfc /scannow in typ en uitvoeren als administrator gebeurd er niets . een windows cd heb ik niet bij de pc gekregen.

ik heb een nieuwe update uit gevoerd en krijg de foutmelding niet meer , of het opgelost is moet nog blijken .

de melding die ik krijg is , Boostspeed.exe C/progamdata/temp is beschadigd . hulpprogamma CHKDSK

krijg een fout melding ,er staat bij dat ik een hulpprogamma moet starten met deze boodschap : boods progamma CHKDSK

dit alles is uitgevoerd

de melding 120 ben ik niet mee tegen gekomen , ik denk dat hij nu weer nomaal draait . bedankt voor het gedult ook je colega , jullie hebben goed werk geleverd .

ComboFix 12-02-10.03 - Gebruiker 13-02-2012 16:40:37.7.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3326.2156 [GMT 1:00] Gestart vanuit: c:\users\Gebruiker\Desktop\11111.exe AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}A SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-13 to 2012-02-13 )))))))))))))))))))))))))))))) . . 2012-02-13 15:50 . 2012-02-13 15:50 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp 2012-02-13 15:50 . 2012-02-13 15:50 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-02-13 15:50 . 2012-02-13 15:50 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-13 15:15 . 2012-02-13 15:15 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\AVG2012 2012-02-13 15:14 . 2012-02-13 15:14 -------- d-----w- c:\programdata\AVG Secure Search 2012-02-13 15:14 . 2012-02-13 15:14 -------- d-----w- c:\program files\AVG Secure Search 2012-02-13 15:12 . 2012-02-13 15:29 -------- d-----w- c:\windows\system32\drivers\AVG 2012-02-13 15:12 . 2012-02-13 15:31 -------- d-----w- c:\programdata\AVG2012 2012-02-13 15:03 . 2012-01-05 19:19 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FA34B801-FD47-4A26-B3C3-1509EFB0A99A}\mpengine.dll 2012-02-11 10:24 . 2012-02-11 10:38 -------- d-----w- C:\11111 2012-02-10 18:05 . 2012-02-10 18:05 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\AVG9 2012-02-10 17:09 . 2012-02-10 17:09 -------- d-----w- C:\rsit 2012-02-10 16:11 . 2012-02-10 16:10 713784 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5825539C-3241-47EF-982C-6339D579017E}\gapaengine.dll 2012-02-06 17:37 . 2012-02-10 11:55 -------- d-----w- c:\program files\Ask.com 2012-02-06 17:36 . 2012-02-06 17:36 -------- d-----w- c:\users\Gebruiker\AppData\Local\APN 2012-02-05 17:18 . 2012-02-05 17:18 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-02-05 17:18 . 2012-02-05 17:18 -------- d-----w- c:\program files\Trend Micro 2012-02-05 10:30 . 2012-02-05 10:30 -------- d-----w- c:\program files\Common Files\Java 2012-02-04 18:18 . 2012-02-04 18:18 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\TuneUp Software 2012-02-04 18:17 . 2012-02-11 08:22 -------- d-----w- c:\programdata\TuneUp Software 2012-02-04 18:17 . 2012-02-04 18:17 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-02-04 15:40 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2012-02-04 15:40 . 2012-02-04 15:40 -------- d-----w- c:\program files\PC Connectivity Solution 2012-01-23 13:07 . 2012-01-23 13:07 -------- d-----w- c:\program files\iPod 2012-01-18 15:18 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-18 15:18 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll 2012-01-18 15:18 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll 2012-01-18 15:18 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll 2012-01-18 15:18 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-18 15:18 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-05 10:30 . 2010-04-21 13:58 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-31 12:44 . 2009-10-03 13:25 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-01-26 10:54 . 2009-09-19 18:52 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-01-26 10:54 . 2010-02-28 17:13 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr 2012-01-26 10:54 . 2009-09-19 18:52 215128 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-01-05 19:19 . 2010-12-23 16:54 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-12-30 13:48 . 2011-05-15 11:31 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-22 13:36 . 2009-09-19 18:52 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2011-12-10 15:31 . 2009-09-19 18:52 22328 ----a-w- c:\users\Gebruiker\AppData\Roaming\PnkBstrK.sys 2011-11-25 15:59 . 2012-01-11 16:12 376320 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 13:37 . 2011-12-15 11:22 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-11-18 20:23 . 2012-01-11 16:12 1205064 ----a-w- c:\windows\system32\ntdll.dll 2011-11-18 17:47 . 2012-01-11 16:12 66560 ----a-w- c:\windows\system32\packager.dll 2010-11-28 13:37 . 2010-11-28 13:38 1164640 ----a-w- c:\program files\unins000.exe 2010-11-18 19:48 . 2010-11-28 13:38 1792000 ----a-w- c:\program files\launcher.exe 2009-06-16 18:54 . 2009-08-16 18:45 13727048 ----a-w- c:\program files\winzip121.exe 2001-05-24 09:59 . 2009-09-26 17:05 162304 ----a-w- c:\program files\UNWISE.EXE 1998-11-08 08:10 . 2009-08-17 16:30 520 ----a-w- c:\program files\car2.reg 1998-10-16 08:05 . 2009-08-17 16:30 118784 ----a-w- c:\program files\d3d.bdd 1998-07-25 11:42 . 2009-08-17 16:30 69632 ----a-w- c:\program files\3dfx_win.bdd 1998-07-24 15:48 . 2009-08-17 16:30 69632 ----a-w- c:\program files\hardware_3dfx.bdd 1998-07-21 14:12 . 2009-08-17 16:30 236544 ----a-w- c:\program files\hardware_d3d.bdd 1998-06-13 05:49 . 2009-08-17 16:30 17920 ----a-w- c:\program files\DDRAW.BDD 1998-06-13 05:48 . 2009-08-17 16:30 139776 ----a-w- c:\program files\SOFTD.BDD 1998-06-13 05:48 . 2009-08-17 16:30 18432 ----a-w- c:\program files\SOFTB.BDD 1998-06-13 05:48 . 2009-08-17 16:30 34304 ----a-w- c:\program files\SOFTTZ.BDD 1998-06-13 05:48 . 2009-08-17 16:30 31232 ----a-w- c:\program files\SOFTT.BDD 1998-06-13 05:48 . 2009-08-17 16:30 100864 ----a-w- c:\program files\SOFTHZF.BDD 1998-06-13 05:48 . 2009-08-17 16:30 53248 ----a-w- c:\program files\SOFTHF.BDD 1998-06-13 05:48 . 2009-08-17 16:30 137216 ----a-w- c:\program files\SFTIZFBF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 135168 ----a-w- c:\program files\SOFTIZBF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 142848 ----a-w- c:\program files\SOFTIZFF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 173568 ----a-w- c:\program files\SOFTIZF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 103424 ----a-w- c:\program files\SOFTIF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 13312 ----a-w- c:\program files\SOFTIZ.BDD 1998-06-13 05:47 . 2009-08-17 16:30 12288 ----a-w- c:\program files\SOFTI.BDD 1998-06-13 05:47 . 2009-08-17 16:30 108544 ----a-w- c:\program files\SOFTPRMF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 8704 ----a-w- c:\program files\MCGA.BDD 1998-06-13 05:47 . 2009-08-17 16:30 23552 ----a-w- c:\program files\VESA.BDD . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2012-02-13 15:14 1811296 ----a-w- c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll" [2012-02-13 1811296] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NSLauncher"="c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe" [2006-11-28 2658304] "NSU_agent"="c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2011-12-13 190768] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-02-13 939872] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2008-01-22 09:13 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-01-16 16:22 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2008-05-20 10:06 6144000 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-11-20 10:15 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNPSTD2] 2004-08-30 14:37 286720 ----a-w- c:\windows\vsnpstd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-08-16 18:39 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 14:29] . 2012-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 14:29] . 2012-02-13 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://msn.nl/ TCP: DhcpNameServer = 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) MSConfigStartUp-PcSync - c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe . . . ************************************************************************** scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:95,ef,02,97,d9,4c,ed,d5,13,15,e4,3e,2a,ed,21,fc,5d,ef,68,58,0c,6e,db, e7,98,ad,24,b3,4c,37,9c,19,a0,45,c5,4d,d6,43,85,22,19,f3,90,22,90,51,62,65,\ "??"=hex:06,db,d0,4b,b7,08,cb,0b,a0,18,78,ad,01,5c,b3,28 . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\SecuROM\License information*] "datasecu"=hex:93,b3,34,a8,8b,a6,06,bc,9d,c2,f3,ab,24,b6,d4,b8,71,f0,a3,74,37, 18,43,ea,86,85,64,df,c4,14,94,c1,6d,4f,6f,9d,24,1c,a9,e1,55,d7,ec,a9,ed,44,\ "rkeysecu"=hex:87,59,20,87,ce,78,2a,73,2c,31,c3,99,23,50,99,c5 . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\c:\Users\Gebruiker\Desktop\BF3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats] "qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00" "qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00" "qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00" . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:\c:\Users\Gebruiker\Desktop\BF3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs] "qcncodecs4.dll"=multi:"2011-10-10T16:42\00GB18030\00GBK\00GB2312\00CP936\00MS936\00windows-936\00MIB: 114\00MIB: 113\00MIB: 2025\00\00" "qkrcodecs4.dll"=multi:"2011-10-10T16:42\00EUC-KR\00cp949\00MIB: 38\00MIB: -949\00\00" "qtwcodecs4.dll"=multi:"2011-10-10T16:42\00Big5\00Big5-HKSCS\00Big5-ETen\00CP950\00MIB: 2026\00MIB: 2101\00\00" . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\users\Gebruiker\Desktop\BF3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs] "qcncodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qjpcodecs4.dll"=multi:"40602\000\00Windows msvc release full-config\002011-10-10T16:42\00\00" "qjpcodecsd4.dll"=multi:"40703\001\00Windows msvc debug full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qkrcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qtwcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\users\Gebruiker\Desktop\BF3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats] "Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00" "msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00" "qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-02-13 16:53:00 ComboFix-quarantined-files.txt 2012-02-13 15:52 ComboFix2.txt 2012-02-11 10:38 . Pre-Run: 606.757.998.592 bytes beschikbaar Post-Run: 605.763.858.432 bytes beschikbaar . - - End Of File - - 6C51F83E546A5F321103ABB51DF57064

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:52:27, on 13-2-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\System32\mobsync.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1ca25908833949e) (gupdate1ca25908833949e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- End of file - 3073 bytes

heb ik geprobeerd maar het progamma start 2 sec en doed verder niets ,haald ook het bestemde kladblok niet op. maar nu even dit is er bij je collega iets verkeerd gegaan , die in indruk heb ik wel . ---------- Post toegevoegd om 15:09 ---------- Vorige post was om 15:05 ---------- ook de updates van avg krijg ik niet mee , geeft aan update is mislukt

kan het Combofix.txt log niet vinden . tijdens het draaien van combofix kon ik zien dat hij het kladblokbestand van het bureaublad af haalde.

ik heb combofix op nieuw gedaait maar hij geeft geen log uit

ComboFix 12-02-10.03 - Gebruiker 11-02-2012 11:25:56.2.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3326.1993 [GMT 1:00] Gestart vanuit: c:\users\Gebruiker\Desktop\11111.exe AV: AVG Internet Security *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160} FW: AVG Firewall *Enabled* {621CC794-9486-F902-D092-0484E8EA828B} SP: AVG Internet Security *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . ---- Voorgaande Run ------- . C:\90210.exe C:\iexplor520.exe C:\Iexplor701.exe C:\Iexploreiosg.exe C:\Install.exe c:\program files\INSTALL.LOG c:\programdata\Tages c:\programdata\Tages\100663612\Serial.txt c:\programdata\Tages\Priv.xey c:\users\Gebruiker\AppData\Roaming\.# c:\users\Gebruiker\AppData\Roaming\client c:\users\Gebruiker\AppData\Roaming\data.dat c:\users\Gebruiker\AppData\Roaming\Gebruiker3SQLite3.dll c:\users\Gebruiker\AppData\Roaming\Gebruikerlog.dat c:\users\Gebruiker\AppData\Roaming\Secure-Soft Bot c:\users\Gebruiker\AppData\Roaming\Svchost.exe c:\users\Gebruiker\AppData\Roaming\system32 c:\users\Gebruiker\AppData\Roaming\Windowsupdate c:\users\Gebruiker\AppData\Roaming\Windowsupdate\Update - kopie (2).exe c:\users\Gebruiker\AppData\Roaming\Windowsupdate\Update - kopie (3).exe c:\users\Gebruiker\AppData\Roaming\Windowsupdate\Update - kopie.exe c:\users\Gebruiker\AppData\Roaming\Windowsupdate\Update.exe c:\windows\IsUn0413.exe c:\windows\system32\CddbCdda.dll c:\windows\system32\muzapp.exe c:\windows\system32\system c:\windows\unin0413.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-01-11 to 2012-02-11 )))))))))))))))))))))))))))))) . . 2012-02-11 10:35 . 2012-02-11 10:35 -------- d-----w- c:\users\Gebruiker\AppData\Local\temp 2012-02-11 10:35 . 2012-02-11 10:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-02-11 10:35 . 2012-02-11 10:35 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-02-10 18:38 . 2012-01-05 19:19 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A566E735-D703-4BA4-9493-2275FDE8275F}\mpengine.dll 2012-02-10 18:05 . 2012-02-10 18:05 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\AVG9 2012-02-10 17:09 . 2012-02-10 17:09 -------- d-----w- C:\rsit 2012-02-10 16:11 . 2012-02-10 16:10 713784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5825539C-3241-47EF-982C-6339D579017E}\gapaengine.dll 2012-02-06 17:37 . 2012-02-10 11:55 -------- d-----w- c:\program files\Ask.com 2012-02-06 17:36 . 2012-02-06 17:36 -------- d-----w- c:\users\Gebruiker\AppData\Local\APN 2012-02-05 17:18 . 2012-02-05 17:18 388096 ----a-r- c:\users\Gebruiker\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-02-05 17:18 . 2012-02-05 17:18 -------- d-----w- c:\program files\Trend Micro 2012-02-05 10:30 . 2012-02-05 10:30 -------- d-----w- c:\program files\Common Files\Java 2012-02-05 10:07 . 2012-02-05 10:07 -------- d-----w- c:\program files\E Dev 2012-02-04 18:18 . 2012-02-04 18:18 -------- d-----w- c:\users\Gebruiker\AppData\Roaming\TuneUp Software 2012-02-04 18:17 . 2012-02-11 08:22 -------- d-----w- c:\programdata\TuneUp Software 2012-02-04 18:17 . 2012-02-04 18:17 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-02-04 15:40 . 2008-08-26 08:26 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2012-02-04 15:40 . 2012-02-04 15:40 -------- d-----w- c:\program files\PC Connectivity Solution 2012-01-23 13:07 . 2012-01-23 13:07 -------- d-----w- c:\program files\iPod 2012-01-18 15:18 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-01-18 15:18 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll 2012-01-18 15:18 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll 2012-01-18 15:18 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll 2012-01-18 15:18 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll 2012-01-18 15:18 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-02-05 10:30 . 2010-04-21 13:58 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-01-31 12:44 . 2009-10-03 13:25 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-01-26 10:54 . 2009-09-19 18:52 139128 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-01-26 10:54 . 2010-02-28 17:13 215128 ----a-w- c:\windows\system32\PnkBstrB.xtr 2012-01-26 10:54 . 2009-09-19 18:52 215128 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-01-05 19:19 . 2010-12-23 16:54 6557240 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2011-12-30 13:48 . 2011-05-15 11:31 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-12-22 13:36 . 2009-09-19 18:52 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2011-12-10 15:31 . 2009-09-19 18:52 22328 ----a-w- c:\users\Gebruiker\AppData\Roaming\PnkBstrK.sys 2011-11-25 15:59 . 2012-01-11 16:12 376320 ----a-w- c:\windows\system32\winsrv.dll 2011-11-23 13:37 . 2011-12-15 11:22 2043904 ----a-w- c:\windows\system32\win32k.sys 2011-11-18 20:23 . 2012-01-11 16:12 1205064 ----a-w- c:\windows\system32\ntdll.dll 2011-11-18 17:47 . 2012-01-11 16:12 66560 ----a-w- c:\windows\system32\packager.dll 2010-11-28 13:37 . 2010-11-28 13:38 1164640 ----a-w- c:\program files\unins000.exe 2010-11-18 19:48 . 2010-11-28 13:38 1792000 ----a-w- c:\program files\launcher.exe 2009-06-16 18:54 . 2009-08-16 18:45 13727048 ----a-w- c:\program files\winzip121.exe 2001-05-24 09:59 . 2009-09-26 17:05 162304 ----a-w- c:\program files\UNWISE.EXE 1998-11-08 08:10 . 2009-08-17 16:30 520 ----a-w- c:\program files\car2.reg 1998-10-16 08:05 . 2009-08-17 16:30 118784 ----a-w- c:\program files\d3d.bdd 1998-07-25 11:42 . 2009-08-17 16:30 69632 ----a-w- c:\program files\3dfx_win.bdd 1998-07-24 15:48 . 2009-08-17 16:30 69632 ----a-w- c:\program files\hardware_3dfx.bdd 1998-07-21 14:12 . 2009-08-17 16:30 236544 ----a-w- c:\program files\hardware_d3d.bdd 1998-06-13 05:49 . 2009-08-17 16:30 17920 ----a-w- c:\program files\DDRAW.BDD 1998-06-13 05:48 . 2009-08-17 16:30 139776 ----a-w- c:\program files\SOFTD.BDD 1998-06-13 05:48 . 2009-08-17 16:30 18432 ----a-w- c:\program files\SOFTB.BDD 1998-06-13 05:48 . 2009-08-17 16:30 34304 ----a-w- c:\program files\SOFTTZ.BDD 1998-06-13 05:48 . 2009-08-17 16:30 31232 ----a-w- c:\program files\SOFTT.BDD 1998-06-13 05:48 . 2009-08-17 16:30 100864 ----a-w- c:\program files\SOFTHZF.BDD 1998-06-13 05:48 . 2009-08-17 16:30 53248 ----a-w- c:\program files\SOFTHF.BDD 1998-06-13 05:48 . 2009-08-17 16:30 137216 ----a-w- c:\program files\SFTIZFBF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 135168 ----a-w- c:\program files\SOFTIZBF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 142848 ----a-w- c:\program files\SOFTIZFF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 173568 ----a-w- c:\program files\SOFTIZF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 103424 ----a-w- c:\program files\SOFTIF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 13312 ----a-w- c:\program files\SOFTIZ.BDD 1998-06-13 05:47 . 2009-08-17 16:30 12288 ----a-w- c:\program files\SOFTI.BDD 1998-06-13 05:47 . 2009-08-17 16:30 108544 ----a-w- c:\program files\SOFTPRMF.BDD 1998-06-13 05:47 . 2009-08-17 16:30 8704 ----a-w- c:\program files\MCGA.BDD 1998-06-13 05:47 . 2009-08-17 16:30 23552 ----a-w- c:\program files\VESA.BDD . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] 2008-01-22 09:13 152872 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] 2008-01-21 02:25 125952 ----a-w- c:\windows\ehome\ehtray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] 2009-02-26 17:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-01-16 16:22 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync] 2006-06-27 14:21 1449984 ----a-w- c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2008-05-20 10:06 6144000 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] 2007-11-20 10:15 1826816 ----a-w- c:\windows\SkyTel.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNPSTD2] 2004-08-30 14:37 286720 ----a-w- c:\windows\vsnpstd2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2009-08-16 18:39 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" . R2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhoud van de 'Gedeelde Taken' map . 2012-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 14:29] . 2012-02-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-08-25 14:29] . 2012-02-11 c:\windows\Tasks\HP Photo Creations Messager.job - c:\programdata\HP Photo Creations\MessageCheck.exe [2011-02-15 10:11] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://msn.nl/ IE: Zoek op het web - c:\program files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html TCP: DhcpNameServer = 192.168.1.1 . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) WebBrowser-{AB8DC1E0-22BE-4181-B77E-02C495E031F8} - c:\program files\HyvesToolbar\Hyves Toolbar\tbcore3.dll WebBrowser-{5E5AB302-7F65-44CD-8211-C1D4CAACCEA3} - (no file) WebBrowser-{FC7CC2AB-180C-41BD-95D2-FFA6BA645EB8} - (no file) WebBrowser-{B9D63C58-90CC-428B-8D3B-CBB88EB07E7E} - (no file) WebBrowser-{13E6001D-2628-4EBA-B8E1-36866E267EAF} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) WebBrowser-{65CA59EE-9920-4D7F-8C41-BFA12403261A} - (no file) WebBrowser-{F4E6547E-325B-403C-A3BB-AD29ED37A92F} - (no file) WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file) ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file) SafeBoot-WudfPf SafeBoot-WudfRd SafeBoot-BsScanner MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe MSConfigStartUp-HD Treiber x64 - c:\users\Gebruiker\AppData\Roaming\Treiber_Update.exe MSConfigStartUp-MSSE - c:\program files\Microsoft Security Essentials\msseces.exe MSConfigStartUp-NBKeyScan - c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe MSConfigStartUp-NSLauncher - c:\program files\Nokia\Nokia Software Launcher\NSLauncher.exe MSConfigStartUp-SUPERAntiSpyware - c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe AddRemove-Klaverjassen - c:\windows\unin0413.exe AddRemove-The Treasures of Montezuma 2 Deluxe - c:\games\The Treasures of Montezuma 2 Deluxe\GameInstlr.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-02-11 11:35 Windows 6.0.6002 Service Pack 2 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:95,ef,02,97,d9,4c,ed,d5,13,15,e4,3e,2a,ed,21,fc,5d,ef,68,58,0c,6e,db, e7,98,ad,24,b3,4c,37,9c,19,a0,45,c5,4d,d6,43,85,22,19,f3,90,22,90,51,62,65,\ "??"=hex:06,db,d0,4b,b7,08,cb,0b,a0,18,78,ad,01,5c,b3,28 . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\SecuROM\License information*] "datasecu"=hex:93,b3,34,a8,8b,a6,06,bc,9d,c2,f3,ab,24,b6,d4,b8,71,f0,a3,74,37, 18,43,ea,86,85,64,df,c4,14,94,c1,6d,4f,6f,9d,24,1c,a9,e1,55,d7,ec,a9,ed,44,\ "rkeysecu"=hex:87,59,20,87,ce,78,2a,73,2c,31,c3,99,23,50,99,c5 . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\c:\Users\Gebruiker\Desktop\BF3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats] "qgif4.dll"=multi:"2011-10-10T16:42\00gif\00\00" "qico4.dll"=multi:"2011-10-10T16:42\00ico\00\00" "qjpeg4.dll"=multi:"2011-10-10T16:42\00jpeg\00jpg\00\00" . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.7\com.trolltech.Qt.QTextCodecFactoryInterface:\c:\Users\Gebruiker\Desktop\BF3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs] "qcncodecs4.dll"=multi:"2011-10-10T16:42\00GB18030\00GBK\00GB2312\00CP936\00MS936\00windows-936\00MIB: 114\00MIB: 113\00MIB: 2025\00\00" "qkrcodecs4.dll"=multi:"2011-10-10T16:42\00EUC-KR\00cp949\00MIB: 38\00MIB: -949\00\00" "qtwcodecs4.dll"=multi:"2011-10-10T16:42\00Big5\00Big5-HKSCS\00Big5-ETen\00CP950\00MIB: 2026\00MIB: 2101\00\00" . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\users\Gebruiker\Desktop\BF3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\codecs] "qcncodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qjpcodecs4.dll"=multi:"40602\000\00Windows msvc release full-config\002011-10-10T16:42\00\00" "qjpcodecsd4.dll"=multi:"40703\001\00Windows msvc debug full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qkrcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qtwcodecs4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" . [HKEY_USERS\S-1-5-21-1117353456-3715185269-3049925691-1000\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.7.false\c:\users\Gebruiker\Desktop\BF3\B*a*t*t*l*e*f*i*e*l*d* *3*"!\Core\imageformats] "Microsoft.VC80.CRT.manifest"=multi:"0\001\00unknown\002011-10-10T16:42\00\00" "msvcr80.dll"=multi:"0\001\00unknown\002011-10-10T16:42\00\00" "qgif4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qico4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" "qjpeg4.dll"=multi:"40703\000\00Windows msvc release full-config QT_NO_DRAGANDDROP\002011-10-10T16:42\00\00" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Voltooingstijd: 2012-02-11 11:38:29 ComboFix-quarantined-files.txt 2012-02-11 10:38 . Pre-Run: 616.052.621.312 bytes beschikbaar Post-Run: 615.973.830.656 bytes beschikbaar . - - End Of File - - F4EF9EA5E7F001959B28C1BEBCFF3C06

ik heb het progamma nog een keer gedaaid en hij heeft een log gemaakt. moet ik die log op sturen.

ik heb het Combofix prgamma uit gevoerd maar toen hij klaar was heb ik bijna een uur gewacht . toeheb ik hem handmatig op nieuw gestart . het progamma werkte wel .

klopt het dat dit het progamma is TuneUp Utilities , wand als ik Combofix aan tik kom ik uit bij het eerder genoemde progamma

ik heb van avg alle instellingen open gemaakt en nergens zo als het op de side vind je dielink terug . kan ik zonder een virus te krijgen dat allemaal uit schakelen , en de firewall moet die ook uit

info.txt logfile of random's system information tool 1.09 2012-02-10 18:09:21 ======Uninstall list====== Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL -->C:\Windows\UNNeroBackItUp.exe /UNINSTALL -->C:\Windows\UNNeroMediaHome.exe /UNINSTALL -->C:\Windows\UNNeroShowTime.exe /UNINSTALL -->C:\Windows\UNNeroVision.exe /UNINSTALL -->C:\Windows\UNRecode.exe /UNINSTALL -->MsiExec /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4} Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07} Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07} Act of War - Direct Action-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F9B915DF-B79C-4747-9BA3-9705A57DC717}\setup.exe" -l0x9 Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{B194272D-1F92-46DF-99EB-8D5CE91CB4EC} Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil10q_Plugin.exe -maintain plugin Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe -maintain activex Adobe Reader X (10.1.2)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001} Advertising Center-->MsiExec.exe /X{b2ec4a38-b545-4a00-8214-13fe0e915e6d} Aion-->"C:\Program Files\InstallShield Installation Information\{29DBFF35-27F3-466E-9845-7D103A70CAF5}\setup.exe" -runfromtemp -l0x0009 -removeonly ALTools Update-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe" Apache: Air Assault 1.0.0.1-->"C:\Program Files\unins000.exe" Apple Application Support-->MsiExec.exe /I{343666E2-A059-48AC-AD67-230BF74E2DB2} Apple Mobile Device Support-->MsiExec.exe /I{8153ED9A-C94A-426E-9880-5E6775C08B62} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} Ask Toolbar-->MsiExec.exe /X{86D4B82A-ABED-442A-BE86-96357B70F4FE} Ask Toolbar-->rundll32 C:\PROGRA~1\AskTBar\bar\1.bin\AskTBar.dll,O Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0013 -removeonly AVG 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL AVG PC Tuneup-->"C:\Program Files\AVG\AVG PC Tuneup\unins001.exe" Babylon toolbar on IE-->"C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\uninstall.exe" Basissoftware voor HP Photosmart 5510 series-->MsiExec.exe /I{1C028BEA-56C8-4262-8C48-806E31F22BE6} Battlefield: Bad Company™ 2-->MsiExec.exe /X{3AC8457C-0385-4BEA-A959-E095F05D6D67} BattleRaper-->MsiExec.exe /I{FFD3AC96-E1E2-4824-B70C-3899EE2AE859} Bejeweled 3-->"C:\Program Files\Bejeweled 3\uninstall.exe" "/U:C:\Program Files\Bejeweled 3\Uninstall\uninstall.xml" Bejeweled Blitz-->C:\Program Files\PopCap Games\Bejeweled Blitz\PopUninstall.exe "C:\Program Files\PopCap Games\Bejeweled Blitz\Install.log" Bing Bar Platform-->MsiExec.exe /I{B86C9440-82D7-423C-9FEC-6CB3092D1AA4} Bing Bar-->C:\Program Files\Bing Bar Installer\InstallManager.exe /UNINSTALL Bing Rewards Client Installer-->MsiExec.exe /X{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17} Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B} Call of Duty® 4 - Modern Warfare-->C:\Program Files\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe -runfromtemp -l0x0409 Crysis® 2-->MsiExec.exe /X{6033673D-2530-4587-8AD0-EB059FC263F9} D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} Deep Blue Sea 2 1.00-->C:\Program Files\Games\Deep Blue Sea 2\Uninstall.exe DiRT2-->"C:\Program Files\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe" -runfromtemp -l0x0009 -removeonly DolbyFiles-->MsiExec.exe /X{b1adf008-e898-4fe2-8a1f-690d9a06acaf} DVD Shrink 3.2-->"C:\Program Files\DVD Shrink\unins000.exe" EAX4 Unified Redist-->MsiExec.exe /X{89661B04-C646-4412-B6D3-5E19F02F1F37} Elf 1.15 Toolbar-->C:\PROGRA~1\Elf_1.15\UNWISE.EXE /U C:\PROGRA~1\Elf_1.15\INSTALL.LOG EPU-6 Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56B83336-FBC1-4C46-8613-90A9E3B440D6}\setup.exe" -l0x9 Feedback Tool-->MsiExec.exe /I{13A5E785-5197-4EAD-8EE3-D660271E49BC} Feedback Tool-->MsiExec.exe /I{90024193-9F13-4877-89D5-A1CDF0CBBF28} FinalAlert 2 - Yuri's Revenge-->C:\Windows\iun503.exe C:\Program Files\FinalAlert 2 - Yuri's Revenge\irunin.ini GameShadow-->MsiExec.exe /I{16393B5A-43A8-434B-B22A-0724581F7873} GameSpy Arcade-->C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG GameSpy Comrade-->MsiExec.exe /X{361AA6F2-124E-4E98-9402-83B1445B8448} Google Chrome-->"C:\Program Files\Google\Chrome\Application\17.0.963.46\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Home Media Server 4.0.0.0072-->C:\Program Files\SimpleCenter\uninstall.exe Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" HP Photo Creations-->"C:\Program Files\HP Photo Creations\uninst.exe" HP Photosmart 5510 series Haelp-->MsiExec.exe /I{E02964EA-0E1B-4620-A26E-CBAB0341B1BB} HP Update-->MsiExec.exe /X{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3} Hyves Toolbar-->C:\Program Files\Hyves\uninstall.exe Hyves Toolbar-->regsvr32 /u /s "C:\Program Files\HyvesToolbar\Hyves Toolbar\tbcore3.dll" Indeo® Software-->C:\Windows\IsUninst.exe -f"C:\Program Files\Ligos\Indeo\Uninst.isu" iTunes-->MsiExec.exe /I{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C} Java 6 Update 30-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216030FF} Jewel Quest 5 The Sleepless Star CE 1.00-->C:\Program Files\Games\Jewel Quest 5 The Sleepless Star CE\Uninstall.exe Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} Klaverjassen-->C:\Windows\unin0413.exe -f"c:\program files\games\DeIsL1.isu" -c"c:\program files\games\_ISREG32.DLL" Lineage II-->C:\Program Files\InstallShield Installation Information\{21040472-F8DF-48A9-A093-2986C1495670}\setup.exe -runfromtemp -l0x0009 -removeonly Lyrics Plugin for iTunes-->MsiExec.exe /I{5B0E58BD-1F06-4A17-80FB-7C93C5FD039B} Lyrics Plugin for Winamp-->MsiExec.exe /I{75E9A522-65D2-4200-A95F-C3EF89703263} Lyrics Plugin for Windows Media Player-->MsiExec.exe /I{43002AE2-4093-49E0-A03D-990EE184C568} marvell 61xx-->C:\Program Files\Marvell\61xx\uninst-61xx.exe Medal of Honor -->MsiExec.exe /X{415030B8-3E8B-462A-8C03-41D95AA3AB3B} MediaBar-->C:\Program Files\BearShare Applications\MediaBar\uninstall.exe Menu Templates - Starter Kit-->MsiExec.exe /X{b78120a0-cf84-4366-a393-4d0a59bc546c} Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Messenger Companion-->MsiExec.exe /I{8142D25E-028A-4563-86ED-5755783C8029} Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF} Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6} Microsoft Antimalware Service NL-NL Language Pack-->MsiExec.exe /X{F8EDC0F8-15BC-4411-8762-77105C8AAEEC} Microsoft Antimalware-->MsiExec.exe /X{05BFB060-4F22-4710-B0A2-2801A1B606C5} Microsoft Default Manager-->MsiExec.exe /X{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{F2508213-9989-4E85-A078-72BE483917EF} Microsoft Games for Windows Marketplace-->MsiExec.exe /X{4CB0307C-565E-4441-86BE-0DF2E4FB828C} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISER /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Enterprise 2007-->MsiExec.exe /X{91120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Groove MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE} Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE} Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262} Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE} Microsoft Office Outlook Connector-->MsiExec.exe /X{95140000-007F-0413-0000-0000000FF1CE} Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE} Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE} Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE} Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE} Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE} Microsoft Search Enhancement Pack-->MsiExec.exe /X{928B06E4-DDAA-476A-926A-641620326327} Microsoft Security Client NL-NL Language Pack-->MsiExec.exe /I{50779A29-834E-4E36-BBEB-B7CABC67A825} Microsoft Security Client-->MsiExec.exe /I{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B} Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Text-to-Speech Engine 4.0 (English)-->RunDll32 advpack.dll,LaunchINFSection C:\Windows\INF\msTTS.inf, Uninstall Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729-->MsiExec.exe /X{6AFCA4E1-9B78-3640-8F72-A7BF33448200} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E} Microsoft_VC100_CRT_SP1_x86-->MsiExec.exe /I{E3B64CC5-C011-40C0-92BC-7316CD5E5688} Movie Templates - Starter Kit-->MsiExec.exe /X{e498385e-1c51-459a-b45f-1721e37aa1a0} MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} NCsoft Launcher-->"C:\Program Files\InstallShield Installation Information\{C9FB868B-2086-4EE2-BD4F-BFBA36B131F4}\setup.exe" -runfromtemp -l0x0009 -removeonly Nero 7 Premium-->MsiExec.exe /X{98EFD8F0-08DE-48DB-B922-A2EBAB711043} Nero BurnRights-->MsiExec.exe /X{7829db6f-a066-4e40-8912-cb07887c20bb} Nero ControlCenter-->MsiExec.exe /X{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a} Nero CoverDesigner-->MsiExec.exe /X{62ac81f6-bdd3-4110-9d36-3e9eaab40999} Nero Disc Copy Gadget-->MsiExec.exe /X{f1861f30-3419-44db-b2a1-c274825698b3} Nero DiscSpeed-->MsiExec.exe /X{869200db-287a-4dc0-b02b-2b6787fbcd4c} Nero DriveSpeed-->MsiExec.exe /X{33cf58f5-48d8-4575-83d6-96f574e4d83a} Nero InfoTool-->MsiExec.exe /X{fbcdfd61-7dcf-4e71-9226-873ba0053139} Nero Installer-->MsiExec.exe /X{e8a80433-302b-4ff1-815d-fcc8eac482ff} Nero Live-->MsiExec.exe /X{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa} Nero PhotoSnap-->MsiExec.exe /X{9e82b934-9a25-445b-b8df-8012808074ac} Nero Recode-->MsiExec.exe /X{359cfc0a-beb1-440d-95ba-cf63a86da34f} Nero Rescue Agent-->MsiExec.exe /X{368ba326-73ad-4351-84ed-3c0a7a52cc53} Nero ShowTime-->MsiExec.exe /X{d9dcf92e-72eb-412d-ac71-3b01276e5f8b} Nero StartSmart-->MsiExec.exe /X{7748ac8c-18e3-43bb-959b-088faea16fb2} Nero Vision-->MsiExec.exe /X{43e39830-1826-415d-8bae-86845787b54b} Nero WaveEditor-->MsiExec.exe /X{a209525b-3377-43f4-b886-32f6b6e7356f} NeroBurningROM-->MsiExec.exe /X{d025a639-b9c9-417d-8531-208859000af8} NeroExpress-->MsiExec.exe /X{595a3116-40bb-4e0f-a2e8-d7951da56270} NeroLiveGadget-->MsiExec.exe /X{9e9fdde6-2c26-492a-85a0-05646b3f2795} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} newsgroepen Toolbar-->C:\Program Files\newsgroepen\uninstall.exe NewsLeecher v3.9 Final-->"C:\Program Files\NewsLeecher\unins000.exe" Next Generation Visualisations-->MsiExec.exe /I{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B} Nokia Connectivity Cable Driver-->MsiExec.exe /I{4AA68A73-DB9C-439D-9481-981C82BD008B} Nokia Lifeblog 2.5-->MsiExec.exe /I{E94603CA-2996-4154-8EE2-A5FCD4BFB500} Nokia Map Loader-->MsiExec.exe /I{45D4F727-43B5-49CD-B474-B9866A8F4FB8} Nokia MTP driver-->MsiExec.exe /I{0E94871C-623C-464F-A117-B8474BFF84E1} Nokia Ovi Player-->MsiExec.exe /I{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF} Nokia PC Suite-->MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375} Nokia Software Updater-->MsiExec.exe /X{F983B4FE-547B-4C44-BAF7-4F4DBA93D548} Nokia Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7}\Installer.exe Nokia Suite-->MsiExec.exe /X{92D1CEBC-7C72-4ECF-BFC6-C131EF3FE6A7} Nokia_Multimedia_Common_Components_2_5-->MsiExec.exe /I{70B31335-50EE-4834-8431-27412CDE62BD} NVIDIA 3D Vision Controller Driver-->"C:\Program Files\InstallShield Installation Information\{714B9C6C-70FC-4750-98E2-61520B906C45}\setup.exe" -runfromtemp -l0x0009 -removeonly NVIDIA 3D Vision controllerstuurprogramma 285.62-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.NVIRUSB NVIDIA 3D Vision stuurprogramma 285.62-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.3DVision NVIDIA Grafisch stuurprogramma 285.62-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.Driver NVIDIA PhysX systeemsoftware 9.11.0621-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.PhysX NVIDIA PhysX-->MsiExec.exe /X{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4} NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask NVIDIA Update 1.5.20-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.3\NVI2.DLL",UninstallPackage Display.Update OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18} OpenAL-->"C:\Program Files\OpenAL\oalinst.exe" /U PC Connectivity Solution-->MsiExec.exe /I{A2AA4204-C05A-4013-888A-AD153139297F} PC Info-->MsiExec.exe /I{E6F1FA4C-A2E9-4D59-BA1B-1310F3A2E33F} Productverbeteringonderzoek HP Photosmart 5510 series-->MsiExec.exe /I{5916F99F-8A3E-4853-BB9E-C9B4A622094F} ProtectDisc Driver, Version 11-->C:\Program Files\ProtectDisc Driver Installer\uninstall_v11.exe PunkBuster Services-->C:\Users\Gebruiker\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe -u QuickPar 0.9-->C:\Program Files\QuickPar\uninst.exe QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C} Rage-->"M:\game\Rage\unins000.exe" RapeLay-->C:\Program Files\InstallShield Installation Information\{CA31F991-DBD2-4DE1-B6D2-30105F23CBBC}\setup.exe -runfromtemp -l0x0009 -removeonly Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709 redist-->MsiExec.exe /I{153C7D89-9CF4-4719-A551-C5BF45236DB5} Risen-->"C:\Program Files\InstallShield Installation Information\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}\setup.exe" -runfromtemp -l0x0009 -removeonly Safari-->MsiExec.exe /I{F2AF3E5D-9697-485C-A5AC-E2B9468C446A} Samsung Auto Backup-->"C:\Program Files\InstallShield Installation Information\{821D6F49-1B20-4809-8C73-286CFC52B1B1}\setup.exe" -runfromtemp -l0x0013 -removeonly SearchElf 1.2 Toolbar-->C:\PROGRA~1\SEARCH~1.2\UNWISE.EXE /U C:\PROGRA~1\SEARCH~1.2\INSTALL.LOG Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35} Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35} Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)-->c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP Security Update for Windows Media Encoder (KB2447961)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={6139D160-F916-4708-953E-68B213BE6B7A} /qb Security Update for Windows Media Encoder (KB979332)-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} MSIPATCHREMOVE={950E24CA-CA7E-4606-8F0D-DEDBC94F2A1E} /qb Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} SilverCrest GML807 Driver-->"C:\Program Files\InstallShield Installation Information\{3AC9D33E-918B-4171-91F4-EFDD43F32501}\setup.exe" -runfromtemp -l0x0013 -removeonly SmartSound Common Data-->"C:\Program Files\InstallShield Installation Information\{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}\setup.exe" -runfromtemp -l0x0409 -removeonly SmartSound Common Data-->MsiExec.exe /I{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8} SmartSound Quicktracks 5-->"C:\Program Files\InstallShield Installation Information\{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}\setup.exe" -runfromtemp -l0x0409 -removeonly SmartSound Quicktracks 5-->MsiExec.exe /I{2F8BA3FD-1FA9-4279-B696-712ABB12F09F} Softonic Netherlands Toolbar-->C:\PROGRA~1\SOFTON~1\UNWISE.EXE /U C:\PROGRA~1\SOFTON~1\INSTALL.LOG SoundTrax-->MsiExec.exe /X{c5a7cb6c-e76d-408f-ba0e-85605420fe9d} Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3} System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP ToggleDU Toolbar-->C:\PROGRA~1\ToggleDU\UNINST~1.EXE Tom Clancy's EndWar-->"C:\Program Files\InstallShield Installation Information\{7C3D8108-8D99-427F-A1C2-D8E0D25A469C}\setup.exe" -runfromtemp -l0x0009 -removeonly Trust WB-3400T Webcam-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}\Setup.exe" -l0x9 Ubisoft Game Launcher-->"C:\Program Files\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202} Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202} Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48202D27-A6D4-4264-A184-51A6E8AD7C40} Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {48202D27-A6D4-4264-A184-51A6E8AD7C40} Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF} Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF} Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF} Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {91120000-0030-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF} Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA} Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA} Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5} Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5} Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809} Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809} VC8&9 CRT and ATL-->MsiExec.exe /X{516A594B-FEFF-4521-B857-69809AB266FF} Windows 7 Upgrade Advisor-->MsiExec.exe /I{0DC66F25-C58F-40d3-86BC-CA29C6D99BF8} Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C} Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen-->MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F} Windows Live Mesh-->MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9} Windows Live Messenger-->MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27} Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11} Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92} Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA} Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F} Windows Live Remote Client Resources-->MsiExec.exe /I{F0CCBE54-9132-44E9-82DF-CD364AD5C22D} Windows Live Remote Client-->MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF} Windows Live Remote Service Resources-->MsiExec.exe /I{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95} Windows Live Remote Service-->MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live Sync-->MsiExec.exe /X{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D} Windows Live UX Platform Language Pack-->MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218} Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Media Encoder 9 Series-->msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows Media Encoder 9 Series-->MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf WinRAR 4.00 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe Wolfenstein 1.1 Patch-->C:\Program Files\InstallShield Installation Information\{E03B44A3-9237-4B55-B7A5-DB1DD46920D3}\setup.exe -runfromtemp -l0x0409 World in Conflict-->C:\Program Files\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x0009 -removeonly WW2 Time of Wrath-->"C:\Windows\WW2 Time of Wrath\uninstall.exe" "/U:C:\Matrix Games\WW2 Time of Wrath\Uninstall\uninstall.xml" WWII General Commander-->"C:\Windows\WWII General Commander\uninstall.exe" "/U:C:\Matrix Games\WWII General Commander\Uninstall\uninstall.xml" Xfire (remove only)-->"C:\Program Files\Xfire\uninst.exe" XfireXO Toolbar-->C:\PROGRA~1\XfireXO\UNWISE.EXE /U C:\PROGRA~1\XfireXO\INSTALL.LOG Xotic © WXP Games version 1-->"M:\game\Xotic\unins000.exe" ======Security center information====== AS: Windows Defender ======System event log====== Computer Name: PC_van_Gebruike Event Code: 4371 Message: De status van pakket KB2117917(Update) wordt gewijzigd van Geïnstalleerd(Installed) naar Geïnstalleerd(Installed) Record Number: 1532999 Source Name: Microsoft-Windows-Servicing Time Written: 20120209164226.000000-000 Event Type: Informatie User: PC_van_Gebruike\Gebruiker Computer Name: PC_van_Gebruike Event Code: 4371 Message: De status van pakket KB2117917(Update) wordt gewijzigd van Geïnstalleerd(Installed) naar Geïnstalleerd(Installed) Record Number: 1532998 Source Name: Microsoft-Windows-Servicing Time Written: 20120209164226.000000-000 Event Type: Informatie User: PC_van_Gebruike\Gebruiker Computer Name: PC_van_Gebruike Event Code: 4371 Message: De status van pakket KB2117917(Update) wordt gewijzigd van Geïnstalleerd(Installed) naar Geïnstalleerd(Installed) Record Number: 1532997 Source Name: Microsoft-Windows-Servicing Time Written: 20120209164226.000000-000 Event Type: Informatie User: PC_van_Gebruike\Gebruiker Computer Name: PC_van_Gebruike Event Code: 4371 Message: De status van pakket KB2117917(Update) wordt gewijzigd van Geïnstalleerd(Installed) naar Geïnstalleerd(Installed) Record Number: 1532996 Source Name: Microsoft-Windows-Servicing Time Written: 20120209164226.000000-000 Event Type: Informatie User: PC_van_Gebruike\Gebruiker Computer Name: PC_van_Gebruike Event Code: 4371 Message: De status van pakket KB2117917(Update) wordt gewijzigd van Geïnstalleerd(Installed) naar Geïnstalleerd(Installed) Record Number: 1532995 Source Name: Microsoft-Windows-Servicing Time Written: 20120209164226.000000-000 Event Type: Informatie User: PC_van_Gebruike\Gebruiker =====Application event log===== Computer Name: PC_van_Gebruike Event Code: 0 Message: Record Number: 96876 Source Name: gupdate1ca25908833949e Time Written: 20111102212602.000000-000 Event Type: Informatie User: Computer Name: PC_van_Gebruike Event Code: 0 Message: Record Number: 96875 Source Name: gupdate1ca25908833949e Time Written: 20111102212601.000000-000 Event Type: Informatie User: Computer Name: PC_van_Gebruike Event Code: 1007 Message: Gegevens voor het Programma voor verbetering van de gebruikerservaring zijn naar Microsoft verzonden. Record Number: 96874 Source Name: Microsoft-Windows-CEIP Time Written: 20111102201728.000000-000 Event Type: Informatie User: Computer Name: PC_van_Gebruike Event Code: 1005 Message: Gegevens voor het Programma voor verbetering van de gebruikerservaring zijn samengevoegd in bestanden die voor analyse naar Microsoft worden verzonden. Deze bestanden worden alleen verzonden als de gebruiker deelneemt aan het Windows-programma voor verbetering van de gebruikerservaring. Record Number: 96873 Source Name: Microsoft-Windows-CEIP Time Written: 20111102200001.000000-000 Event Type: Informatie User: Computer Name: PC_van_Gebruike Event Code: 8224 Message: De VSS-service is vanwege een time-out voor niet actief afgesloten. Record Number: 96872 Source Name: VSS Time Written: 20111102180724.000000-000 Event Type: Informatie User: =====Security event log===== Computer Name: PC_van_Gebruike Event Code: 4634 Message: Er is een account afgemeld. Onderwerp: Beveiligings-id: S-1-5-21-1117353456-3715185269-3049925691-1003 Accountnaam: UpdatusUser Accountdomein: PC_van_Gebruike Aanmeldings-id: 0x2d82f1 Aanmeldingstype: 5 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt vernietigd. De gebeurtenis kan met behulp van de aanmeldings-id positief worden afgestemd met een aanmeldingsgebeurtenis. Aanmeldings-id's zijn alleen uniek wanneer de computer opnieuw is opgestart. Record Number: 105944 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111102215833.662416-000 Event Type: Controle geslaagd User: Computer Name: PC_van_Gebruike Event Code: 4634 Message: Er is een account afgemeld. Onderwerp: Beveiligings-id: S-1-5-7 Accountnaam: ANONIEME LOGON Accountdomein: NT AUTHORITY Aanmeldings-id: 0xa753f Aanmeldingstype: 3 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt vernietigd. De gebeurtenis kan met behulp van de aanmeldings-id positief worden afgestemd met een aanmeldingsgebeurtenis. Aanmeldings-id's zijn alleen uniek wanneer de computer opnieuw is opgestart. Record Number: 105943 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111102215825.488016-000 Event Type: Controle geslaagd User: Computer Name: PC_van_Gebruike Event Code: 1100 Message: De Event Logging-service is afgesloten. Record Number: 105942 Source Name: Microsoft-Windows-Eventlog Time Written: 20111102215817.797216-000 Event Type: Controle geslaagd User: Computer Name: PC_van_Gebruike Event Code: 4647 Message: De gebruiker heeft een afmelding gestart: Onderwerp: Beveiligings-id: S-1-5-21-1117353456-3715185269-3049925691-1000 Accountnaam: Gebruiker Accountdomein: PC_van_Gebruike Aanmeldings-id: 0x28177 Deze gebeurtenis wordt gegenereerd wanneer een afmelding wordt gestart maar het aantal tokenverwijzingen niet nul is en de aanmeldingssessie niet kan worden vernietigd. De gebruiker kan verder geen activiteiten starten. Deze gebeurtenis kan worden geïnterpreteerd als een afmeldingsgebeurtenis. Record Number: 105941 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111102215801.557616-000 Event Type: Controle geslaagd User: Computer Name: PC_van_Gebruike Event Code: 1102 Message: Het controlelogboek is gewist. Onderwerp: Beveiligings-id: S-1-5-21-1117353456-3715185269-3049925691-1000 Accountnaam: Gebruiker Domeinnaam: PC_van_Gebruike Aanmeldings-id: 0x28154 Record Number: 105940 Source Name: Microsoft-Windows-Eventlog Time Written: 20111102180504.686816-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\PC Connectivity Solution\;C:\Program Files\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\Common Files\Ulead Systems\MPEG;C:\Program Files\Windows Live\Shared;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=1707 "NUMBER_OF_PROCESSORS"=4 "TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat "DFSTRACINGON"=FALSE "asl.log"=Destination=file "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- Logfile of random's system information tool 1.09 (written by random/random) Run by Gebruiker at 2012-02-10 18:09:14 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 573 GB (60%) free of 954 GB Total RAM: 3326 MB (50% free) HijackThis download failed ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HP Photo Creations Messager.job ======Registry dump====== [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2008-01-22 152872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe] C:\Windows\ehome\ehTray.exe [2008-01-21 125952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HD Treiber x64] C:\Users\Gebruiker\AppData\Roaming\Treiber_Update.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2012-01-16 421736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe -hide [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe [2006-06-27 1449984] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] C:\Windows\RtHDVCpl.exe [2008-05-20 6144000] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] C:\Windows\Skytel.exe [2007-11-20 1826816] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNPSTD2] C:\Windows\vsnpstd2.exe [2004-08-30 286720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-08-16 39408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BsScanner] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=255 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 "NoDriveTypeAutoRun"=255 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Users\Gebruiker\AppData\Roaming\svchost.exe"="C:\Users\Gebruiker\AppData\Roaming\svchost.exe:*:Enabled:Windows Messanger" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=iyvu9_32.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "vidc.dvsd"=pdvcodec.dll "vidc.iv41"=ir41_32.ax "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "VIDC.XFR1"=xfcodec.dll "msacm.siren"=sirenacm.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-02-10 18:09:14 ----D---- C:\rsit 2012-02-06 18:37:07 ----D---- C:\Program Files\Ask.com 2012-02-05 18:18:45 ----D---- C:\Program Files\Trend Micro 2012-02-05 11:30:54 ----D---- C:\Program Files\Common Files\Java 2012-02-05 11:30:42 ----A---- C:\Windows\system32\javaws.exe 2012-02-05 11:30:42 ----A---- C:\Windows\system32\javaw.exe 2012-02-05 11:30:42 ----A---- C:\Windows\system32\java.exe 2012-02-05 11:13:04 ----A---- C:\log1.txt 2012-02-05 11:08:55 ----A---- C:\log.txt 2012-02-05 11:08:08 ----A---- C:\logtext.txt 2012-02-05 11:07:10 ----D---- C:\Program Files\E Dev 2012-02-04 19:18:11 ----D---- C:\Users\Gebruiker\AppData\Roaming\TuneUp Software 2012-02-04 19:17:57 ----D---- C:\ProgramData\TuneUp Software 2012-02-04 19:17:49 ----SHD---- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-02-04 16:40:56 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys 2012-02-04 16:40:17 ----D---- C:\Program Files\PC Connectivity Solution 2012-02-04 14:41:27 ----D---- C:\Program Files\PC Connectivity Solution(117) 2012-01-23 14:07:10 ----D---- C:\Program Files\iPod 2012-01-18 16:18:37 ----A---- C:\Windows\system32\winhttp.dll 2012-01-18 16:18:37 ----A---- C:\Windows\system32\secur32.dll 2012-01-18 16:18:37 ----A---- C:\Windows\system32\schannel.dll 2012-01-18 16:18:37 ----A---- C:\Windows\system32\lsass.exe 2012-01-18 16:18:37 ----A---- C:\Windows\system32\lsasrv.dll 2012-01-18 16:18:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2012-01-11 17:12:53 ----A---- C:\Windows\system32\winmm.dll 2012-01-11 17:12:53 ----A---- C:\Windows\system32\mciseq.dll 2012-01-11 17:12:41 ----A---- C:\Windows\system32\packager.dll 2012-01-11 17:12:38 ----A---- C:\Windows\system32\ntdll.dll 2012-01-11 17:12:36 ----A---- C:\Windows\system32\winsrv.dll 2012-01-11 17:12:32 ----A---- C:\Windows\system32\quartz.dll 2012-01-11 17:12:32 ----A---- C:\Windows\system32\qdvd.dll ======List of files/folders modified in the last 1 month====== 2012-02-10 18:09:15 ----D---- C:\Windows\Prefetch 2012-02-10 18:09:12 ----AD---- C:\ProgramData\TEMP 2012-02-10 18:09:11 ----D---- C:\Windows\Temp 2012-02-10 17:34:09 ----SHD---- C:\System Volume Information 2012-02-10 13:24:31 ----D---- C:\ProgramData\NVIDIA 2012-02-10 12:55:30 ----D---- C:\Program Files\SearchElf_1.2 2012-02-10 12:55:30 ----D---- C:\Program Files\newsgroepen 2012-02-10 12:55:30 ----D---- C:\Program Files\Elf_1.15 2012-02-10 12:55:27 ----D---- C:\Program Files\XfireXO 2012-02-10 12:55:27 ----D---- C:\Program Files\ToggleDU 2012-02-10 12:55:27 ----D---- C:\Program Files\Softonic_Netherlands 2012-02-10 12:55:27 ----D---- C:\Program Files\Hyves 2012-02-10 12:55:23 ----D---- C:\Windows\system32\drivers\etc 2012-02-10 12:33:20 ----D---- C:\Windows\system32\drivers\AVG 2012-02-10 12:27:45 ----D---- C:\Windows\System32 2012-02-09 14:01:40 ----D---- C:\Windows\inf 2012-02-08 13:40:55 ----D---- C:\Windows\system32\catroot2 2012-02-08 13:36:18 ----A---- C:\Windows\system32\PerfStringBackup.INI 2012-02-06 19:51:53 ----RD---- C:\Program Files 2012-02-06 19:06:23 ----SHD---- C:\Windows\Installer 2012-02-06 18:37:49 ----D---- C:\Windows\system32\Tasks 2012-02-06 15:27:32 ----D---- C:\Program Files\AVG Secure Search 2012-02-05 11:39:58 ----D---- C:\Windows 2012-02-05 11:30:54 ----D---- C:\Program Files\Common Files 2012-02-05 11:30:35 ----A---- C:\Windows\system32\deployJava1.dll 2012-02-05 10:21:15 ----D---- C:\Program Files\AVG 2012-02-04 20:09:34 ----D---- C:\Windows\system32\catroot 2012-02-04 20:08:01 ----D---- C:\Program Files\DAEMON Tools Toolbar 2012-02-04 19:17:57 ----HD---- C:\ProgramData 2012-02-04 16:41:02 ----D---- C:\Windows\system32\drivers 2012-02-04 16:40:56 ----DC---- C:\Windows\system32\DRVSTORE 2012-02-04 16:40:11 ----D---- C:\Windows\system32\drivers\UMDF 2012-02-04 16:01:24 ----D---- C:\Program Files\Nokia 2012-02-04 15:47:27 ----D---- C:\Windows\system32\Msdtc 2012-02-04 15:47:24 ----D---- C:\Windows\system32\wbem 2012-02-04 15:45:22 ----D---- C:\Windows\system32\config 2012-02-04 15:44:58 ----D---- C:\Windows\Tasks 2012-02-04 15:44:58 ----D---- C:\Windows\system32\spool 2012-02-04 15:44:57 ----D---- C:\Windows\system32\CodeIntegrity 2012-02-04 15:44:52 ----D---- C:\Program Files\yuPlay 2012-02-04 15:44:49 ----D---- C:\Program Files\iTunes 2012-02-04 15:44:48 ----D---- C:\Program Files\Common Files\AVG Secure Search 2012-02-04 15:44:44 ----D---- C:\Windows\registration 2012-02-04 14:43:46 ----D---- C:\Users\Gebruiker\AppData\Roaming\Nokia 2012-02-04 14:34:37 ----D---- C:\Users\Gebruiker\AppData\Roaming\PC Suite 2012-02-03 13:39:39 ----D---- C:\Windows\system32\WDI 2012-01-31 13:47:50 ----D---- C:\Program Files\Java 2012-01-31 13:44:05 ----N---- C:\Windows\system32\MpSigStub.exe 2012-01-26 11:54:31 ----A---- C:\Windows\system32\PnkBstrB.exe 2012-01-23 14:07:09 ----D---- C:\Program Files\Common Files\Apple 2012-01-23 14:07:08 ----D---- C:\ProgramData\Apple Computer 2012-01-19 13:52:05 ----D---- C:\Program Files\Common Files\Adobe 2012-01-18 16:40:16 ----D---- C:\Windows\winsxs 2012-01-18 14:31:18 ----D---- C:\ProgramData\AVG Secure Search 2012-01-12 13:02:04 ----A---- C:\Windows\system32\mrt.exe 2012-01-12 13:01:44 ----D---- C:\Program Files\Windows Mail 2012-01-12 13:01:34 ----D---- C:\Windows\ehome 2012-01-12 13:01:02 ----D---- C:\ProgramData\Microsoft Help 2012-01-11 13:09:43 ----D---- C:\Windows\Microsoft.NET 2012-01-11 13:09:21 ----RSD---- C:\Windows\assembly ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSErHrvtx;AVG9IDSErHr; C:\Windows\System32\Drivers\AVGIDSvx.sys [2011-05-05 25168] R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2011-05-05 52872] R0 mv61xx;mv61xx; C:\Windows\system32\DRIVERS\mv61xx.sys [2008-06-23 150568] R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-12-24 691696] R1 AsIO;AsIO; C:\Windows\system32\drivers\AsIO.sys [2007-12-17 12400] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2011-05-05 24856] R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2011-05-05 216400] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2011-09-13 29712] R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2011-05-06 243152] R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 165648] R2 acedrv11;acedrv11; \??\C:\Windows\system32\drivers\acedrv11.sys [2010-02-24 185472] R2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-12-04 281760] R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-12-04 25888] R3 AVGIDSDrivervtx;AVG9IDSDriver; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSDriver.sys [2011-05-05 122448] R3 AVGIDSFiltervtx;AVG9IDSFilter; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSFilter.sys [2011-05-05 30288] R3 AVGIDSShimvtx;AVG9IDSShim; \??\C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_Vista\AVGIDSShim.sys [2011-05-05 27216] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 InputFilter_Hid_FlexDef2c;Siliten HID Devices(FlexDef2c) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2c.sys [2010-08-06 16896] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-20 2143136] R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-06-30 47616] R3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392] R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680] R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2011-10-15 10327360] R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224] S0 is3srv;is3srv; C:\Windows\system32\drivers\is3srv.sys [] S0 szkg5;szkg5; C:\Windows\system32\drivers\szkg5.sys [] S0 szkgfs;szkgfs; C:\Windows\system32\drivers\szkgfs.sys [] S2 {09BB444F-B2E2-4009-BAF2-7B727681223E};BuddyVM; \\??\\C:\\Program Files\\VMLaunch\\BuddyVM.sys [] S3 a691fbig;a691fbig; C:\Windows\system32\drivers\a691fbig.sys [] S3 dgderdrv;dgderdrv; C:\Windows\system32\drivers\dgderdrv.sys [] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 mdf16;mdf16; \??\C:\Program Files\Clarus\Samsung SecretZone\mdf16.sys [] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 mvd22;mvd22; \??\C:\Program Files\Clarus\Samsung SecretZone\mvd22.sys [] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-11-01 18176] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-11-01 23168] S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816] S3 snpstd2;Trust WB-3400T Webcam; C:\Windows\system32\DRIVERS\snpstd2.sys [2004-10-14 347264] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-11-01 8192] S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-11-01 8192] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2011-05-05 308136] R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2011-05-05 2331544] R2 AVGIDSAgent;AVG9IDSAgent; C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2011-05-05 5897808] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1136448] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-07-27 249136] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248] R2 vToolbarUpdater;vToolbarUpdater; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe [2012-01-18 909152] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536] R3 NisSrv;@c:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate1ca25908833949e;Google Updateservice (gupdate1ca25908833949e); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-25 133104] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-08-25 133104] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-16 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-01-16 821608] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2011-08-07 3804120] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144] S4 AVG Security Toolbar Service;AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2011-11-10 167264] S4 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-04-08 800040] S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208] S4 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2008-01-22 275752] S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920] S4 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-12-22 75064] S4 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2012-01-04 718888] S4 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-01-23 407336] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] -----------------EOF-----------------

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:59:59, on 10-2-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\PROGRA~1\MICROS~2\Office12\OUTLOOK.EXE C:\Program Files\Internet Explorer\IELowutil.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1ca25908833949e) (gupdate1ca25908833949e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- End of file - 2749 bytes meer heb ik niet . ---------- Post toegevoegd om 17:04 ---------- Vorige post was om 17:00 ---------- ik heb nu wel dat mijn mail niet goed uit pakt . ---------- Post toegevoegd om 17:09 ---------- Vorige post was om 17:04 ---------- mijn downloads worden ook niet mee uitgepakt

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:01:59, on 10-2-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1ca25908833949e) (gupdate1ca25908833949e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- End of file - 2412 bytes

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:10:30, on 9-2-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Ask.com\Updater\Updater.exe C:\Windows\System32\mobsync.exe C:\Program Files\Windows Media Player\wmplayer.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing O1 - Hosts: ::1 localhost O2 - BHO: (no name) - AutorunsDisabled - (no file) O2 - BHO: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll O2 - BHO: Hyves - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves\prxtbHyv0.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll O2 - BHO: ToggleDU - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\prxtbTogg.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfi1.dll O2 - BHO: Softonic Netherlands Toolbar - {65ca59ee-9920-4d7f-8c41-bfa12403261a} - C:\Program Files\Softonic_Netherlands\tbSoft.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: UrlHelper Class - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - C:\Program Files\Elf_1.15\tbElf_.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: TBSB07500 - {C89733F1-C3AE-4283-86DD-2AEE11E701F2} - C:\Program Files\HyvesToolbar\Hyves Toolbar\tbcore3.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: SearchElf 1.2 Toolbar - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - C:\Program Files\SearchElf_1.2\tbSear.dll O2 - BHO: newsgroepen - {fc7cc2ab-180c-41bd-95d2-ffa6ba645eb8} - C:\Program Files\newsgroepen\prxtbnew0.dll O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Hyves Toolbar - {AB8DC1E0-22BE-4181-B77E-02C495E031F8} - C:\Program Files\HyvesToolbar\Hyves Toolbar\tbcore3.dll O3 - Toolbar: XfireXO Toolbar - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} - C:\Program Files\XfireXO\tbXfi1.dll O3 - Toolbar: newsgroepen Toolbar - {fc7cc2ab-180c-41bd-95d2-ffa6ba645eb8} - C:\Program Files\newsgroepen\prxtbnew0.dll O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL O3 - Toolbar: SearchElf 1.2 Toolbar - {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - C:\Program Files\SearchElf_1.2\tbSear.dll O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll O3 - Toolbar: Elf 1.15 Toolbar - {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - C:\Program Files\Elf_1.15\tbElf_.dll O3 - Toolbar: Softonic Netherlands Toolbar - {65ca59ee-9920-4d7f-8c41-bfa12403261a} - C:\Program Files\Softonic_Netherlands\tbSoft.dll O3 - Toolbar: MediaBar - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\PROGRA~1\BEARSH~1\MediaBar\ToolBar\BearshareMediabarDx.dll O3 - Toolbar: ToggleDU Toolbar - {3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} - C:\Program Files\ToggleDU\prxtbTogg.dll O3 - Toolbar: Hyves Toolbar - {13e6001d-2628-4eba-b8e1-36866e267eaf} - C:\Program Files\Hyves\prxtbHyv0.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O3 - Toolbar: Support.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll,C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll,BdInstHk.dll,avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe O23 - Service: AVG9IDSAgent (AVGIDSAgent) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1ca25908833949e) (gupdate1ca25908833949e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- End of file - 11899 bytes