Sargon

17 september 2010

Nederlands staat ook op Nederlands zoals je op het prentje weergeeft en volgens mij heb ik alles correct gedaan zoals die handleiding zegt.

Sommige dingen zijn wel lastig om uit te zoeken, daar ik nederlandse office heb ... maar toch al bedankt!

Is er hier niemand die een mac heeft ?

11 september 2010

Heb me gisteren eindelijk een mac aangekocht, maar nu zit ik al meteen met een klein probleem, aangezien ik niet deftig kan schrijven is het altijd wel handig als mijn spellingscontrole in WORD werkt. Het is dus Microsoft Office 2008 voor Mac.

Ik heb al eens bij WORD -> Preferences -> Spelling and Grammar -> die Custum Dictionary naar Default ACL Dutch gezet, maar dat lijkt niet echt veel te doen.

Hopelijk weten jullie raad! En heb ik misschien iets over het hoofd gezien. Hij corrigeert trouwens gewoon weg niets van woorden en als ik op spelling & grammar status klik zegt hij dat die voltooid is en geen fout in zitten.

10 mei 2010

Niemand die hier al ervaring mee heeft?

9 mei 2010

Binnenkort ga ik naar de VS en ik speel al langer met de plannen om een Mac Book Pro te kopen.

Nu is mijn vraag, zijn er verschillen buiten het stopcontact (zo'n adaptor zal ik hier wel apart kunnen kopen neem ik aan), het qwerty toetsenbord en de prijs die toch beduidend lager is??

Of kunnen er zich bepaalde problemen voor doen omdat het geen Europees/Belgisch model is?

Alvast bedankt

15 januari 2010

Door dat mapje weg te doen is het blijkbaar echt weg Ik kan beter virussen bestrijden dan u

Sluit de topic en nog eens 1000 maal dank!

14 januari 2010

Gereed - Geen virussen gevonden zegt hij ...

Mss omdat ik dat mapje weg gedaan heb? Ik wacht in ieder geval nog even af voor ik de topic sluit

14 januari 2010

Heb heel die map: c:\32788r22fwjfw eens weg gedaan ... kvin toch terug dat dat iets met spyware te maken had op google. Eens zien wat dat geeft

13 januari 2010

Vooral vreemd dat het altijd is als mijn pc eventjes opstaat (minuut of 20-25) en na het herstarten is het niet meer

;*************************************

ANALYSIS: 2010-01-13 21:32:17

PROTECTIONS: 1

MALWARE: 11

SUSPECTS: 1

;*************************************

PROTECTIONS

Description Version Active Updated

;=====================================

Symantec Endpoint Protection 11.0.777.1008 Yes Yes

;=====================================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;====================================

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\users\joey\appdata\roaming\microsoft\windows\cookies\joey@doubleclick[1].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@doubleclick[1].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\joey@doubleclick[1].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\joey@doubleclick[1].txt

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@doubleclick[2].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\joey@atdmt[2].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@atdmt[2].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\joey@atdmt[3].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\users\joey\appdata\roaming\microsoft\windows\cookies\joey@atdmt[1].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@atdmt[2].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@atdmt[3].txt

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\joey@atdmt[2].txt

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@tradedoubler[1].txt

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\joey@tradedoubler[2].txt

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@tradedoubler[1].txt

00168056 Cookie/YieldManager TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@ad.yieldmanager[2].txt

00168076 Cookie/BurstNet TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@burstnet[2].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\joey@serving-sys[1].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@serving-sys[1].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\joey@serving-sys[1].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@serving-sys[1].txt

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\users\joey\appdata\roaming\microsoft\windows\cookies\joey@serving-sys[1].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@bs.serving-sys[1].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\joey@bs.serving-sys[2].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\users\joey\appdata\roaming\microsoft\windows\cookies\joey@bs.serving-sys[1].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\joey@bs.serving-sys[2].txt

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@bs.serving-sys[2].txt

00168106 Cookie/Weborama TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@weborama[1].txt

00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\joey@metriweb[1].txt

00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No c:\users\joey\appdata\roaming\microsoft\windows\cookies\joey@metriweb[1].txt

00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No c:\windows.old\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@metriweb[1].txt

00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@metriweb[1].txt

00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@metriweb[2].txt

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\joey@bluestreak[1].txt

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No c:\users\joey\appdata\roaming\microsoft\windows\cookies\joey@bluestreak[2].txt

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No c:\$windows.~q\data\users\joey\appdata\roaming\microsoft\windows\cookies\low\joey@bluestreak[1].txt

00590315 Rootkit/Agent.LNB HackTools No 0 Yes No c:\windows\syswow64\drivers\rcgsbw.sys

00590315 Rootkit/Agent.LNB HackTools No 0 Yes No c:\windows\syswow64\drivers\cdsrqrf.sys

;=======================================

SUSPECTS

Sent Location

;========================================

No c:\32788r22fwjfw\pev.exe

;======================================

VULNERABILITIES

Id Severity Description

;=======================================

13 januari 2010

Enkele minuten later krijg ik toch weer het bericht van de infostealer.gamepass

13 januari 2010

Ok! Done!

Dus het zou nu opgelost moeten zijn ... zal meteen op de knop drukken, als het toch nog voorkomt, open ik hem wel weer.

13 januari 2010

Kan ik dat daar dan niet uit weg doen? Want het is toch niet altijd even handig dat ik mijn pc altijd opzet en daarna nog eens moet herstarten voor ik hem echt kan gebruiken...

13 januari 2010

Wednesday, January 13, 2010

Operating system: Microsoft Windows Vista Home Premium Edition, 64-bit Service Pack 1 (build 6001)

Kaspersky Online Scanner version: 7.0.26.13

Last database update: Tuesday, January 12, 2010 19:41:47

Records in database: 3301412

Scan settings scan using the following database extended Scan archives yes Scan e-mail databases yes

Scan area My Computer C:\

D:\

F:\

Scan statistics Objects scanned 256515 Threats found 1 Infected objects found 1 Suspicious objects found 0 Scan duration 03:08:47

File name Threat Threats count C:\Windows.old\ProgramData\Symantec\Symantec AntiVirus Corporate Edition\7.5\Quarantine\0E880000\4F889FEE.VBNInfected: Packed.Win32.Tdss.c1

Selected area has been scanned.

11 januari 2010

ja, nog steeds

10 januari 2010

Heb heel stap 4 gedaan:

4. To delete the value from the registry

Enkel bij deze:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoDriveTypeAutoRun" = "145"

Deed hij anders dan de anderen. Er staat zo altijd tussen ( ) hetzelfde getal en bij deze werd het 325 in plaats van 145

10 januari 2010

Een kladblok file met volgende naam heb ik ook nog gevonden: fzfau

Files to delete:

C:\Windows\system32\drivers\abkarffq.sys

Drivers to delete:

abkarffq

Het lijkt weg te zijn! Laat symantec nog eens een scan doen, als er niets te voorschijn komt, sluit ik na de scan de topic.

Bedankt!

---------- Post toegevoegd om 11:44 ---------- Vorige post was om 11:37 ----------

Enkele minuten later krijg ik weer de melding, zal eens wat meer info geven: Infostealer.gamepass

File name: DWHBAA7.tmp

Original Location: C:\Users\Joey\AppData\Local\Temp\

Current Location: C:\Users\Joey\AppData\Local\Temp\

En voor het verwijderen vraagt de pc altijd om te herstarten. Ik doe altijd mijn onzichtbare mappen weg, maar na het verwijderen van dit staan ze altijd terug op zichtbaar.

9 januari 2010

Wederom geen logfile en met de zoekfunctie lijkt hij niets te vinden ... wat goed is neem ik aan

9 januari 2010

Heb het gedaan, er opende wel geen logfile en kan er ook nergens een vinden. Toen ik op execute drukte zei VIPRE iets van a known threat was blocked from opening en zag ik ook iets taan van trojan.exe ... ging allemaal nogal snel want enkele seconden later was hij aan het heropstarten. Tot hiertoe geen melding van Symantec anti-virus, maar uit ondervinden is het meestal als de pc even heeft afgestaan.

Heb wel enkele bestandjes gevonden die zijn aangemaakt net voor de pc heropstarten. Deze staan bij Lokaal station (C:) het is 1 backup, 1 cleanup, 1 zip bestand en een txt bestandje waar het volgende instaat (geen idee of je hier iets mee bent):

Just before processing loop...

C:\Program Files (x86)\GIGABYTE\EnergySaver\info.dat

Current = 0

Total = 0

savetime = 0

Type=60,Port=b2,BiosAddr=cfeeecd0

Current=0.000000,Total=0.000000,MaxVid=1.200000,Rev=0x20

8 januari 2010

Chapeau da gij daar aan uit kunt

Logfile of random's system information tool 1.06 (written by random/random)

Run by Joey at 2010-01-08 10:33:15

Microsoft® Windows Vista™ Home Premium Service Pack 1

System drive C: has 668 GB (70%) free of 954 GB

Total RAM: 4094 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:33:19, on 8/01/2010

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v8.00 (8.00.6001.18865)

Boot mode: Normal

Running processes:

C:\Windows\vVX1000.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe

C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe

C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

C:\Program Files (x86)\Java\jre6\bin\jusched.exe

C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe

C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\ProtectionUtilSurrogate.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\Joey\Desktop\RSIT.exe

C:\Program Files (x86)\Trend Micro\HijackThis\Joey.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O1 - Hosts: ::1 localhost

O1 - Hosts: 85.10.209.11 breakz.be

O1 - Hosts: 85.10.209.11 www.breakz.be

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O4 - HKLM\..\Run: [ccApp] "C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"

O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [sBAMTray] C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{4ACFA183-9A8E-4CD3-A7C8-EC3272F2CE83}: NameServer = 208.67.222.222,208.67.220.220

O17 - HKLM\System\CS1\Services\Tcpip\..\{4ACFA183-9A8E-4CD3-A7C8-EC3272F2CE83}: NameServer = 208.67.222.222,208.67.220.220

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: VIPRE Antivirus + Antispyware (SBAMSvc) - Sunbelt Software - C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe

O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9658 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ccApp"=C:\Program Files (x86)\Common Files\Symantec Shared\ccApp.exe [2007-08-06 115560]

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

"OpwareSE4"=C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [2007-02-04 79400]

"LifeCam"=C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [2007-05-17 279912]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2009-11-10 417792]

"TkBellExe"=C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe [2009-11-30 198160]

"SunJavaUpdateSched"=C:\Program Files (x86)\Java\jre6\bin\jusched.exe [2009-10-11 149280]

"SBAMTray"=C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMTray.exe [2009-10-27 959824]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1555968]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]

"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2009-10-30 1217808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SBAMSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=

"ForceActiveDesktopOn"=

"NoActiveDesktopChanges"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files (x86)\BitTorrent\bittorrent.exe"="C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]

shell\AutoRun\command - G:\LaunchU3.exe -a

======File associations======

.js - edit - C:\Windows\SysWOW64\Notepad.exe %1

.js - open - C:\Windows\SysWOW64\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2010-01-08 10:33:15 ----D---- C:\rsit

2010-01-06 21:10:08 ----D---- C:\ProgramData\Sunbelt

2010-01-06 21:09:59 ----D---- C:\Users\Joey\AppData\Roaming\Sunbelt

2010-01-06 21:07:35 ----D---- C:\Program Files (x86)\Sunbelt Software

2010-01-06 20:57:02 ----D---- C:\32788R22FWJFW

2009-12-30 10:52:14 ----D---- C:\Users\Joey\AppData\Roaming\Malwarebytes

2009-12-30 10:52:09 ----D---- C:\ProgramData\Malwarebytes

2009-12-30 10:52:09 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2009-12-29 21:38:18 ----D---- C:\Program Files (x86)\URUSoft

2009-12-29 11:40:07 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR

2009-12-23 09:27:37 ----D---- C:\Program Files (x86)\Trend Micro

2009-12-22 13:18:39 ----D---- C:\ProgramData\TEMP

2009-12-12 08:03:55 ----A---- C:\Windows\system32\nshhttp.dll

2009-12-12 08:03:52 ----A---- C:\Windows\system32\httpapi.dll

2009-12-12 08:03:00 ----A---- C:\Windows\system32\mshtml.dll

2009-12-12 08:02:58 ----A---- C:\Windows\system32\urlmon.dll

2009-12-12 08:02:58 ----A---- C:\Windows\system32\iertutil.dll

2009-12-12 08:02:58 ----A---- C:\Windows\system32\ieframe.dll

2009-12-12 08:02:57 ----A---- C:\Windows\system32\wininet.dll

2009-12-12 08:02:57 ----A---- C:\Windows\system32\occache.dll

2009-12-12 08:02:57 ----A---- C:\Windows\system32\msfeeds.dll

2009-12-12 08:02:57 ----A---- C:\Windows\system32\iedkcs32.dll

2009-12-12 08:02:56 ----A---- C:\Windows\system32\msfeedsbs.dll

2009-12-12 08:02:56 ----A---- C:\Windows\system32\ieUnatt.exe

2009-12-12 08:02:56 ----A---- C:\Windows\system32\ieui.dll

2009-12-12 08:02:56 ----A---- C:\Windows\system32\iepeers.dll

2009-12-12 08:02:55 ----A---- C:\Windows\system32\msfeedssync.exe

2009-12-12 08:02:55 ----A---- C:\Windows\system32\jsproxy.dll

2009-12-12 08:02:55 ----A---- C:\Windows\system32\iesysprep.dll

2009-12-12 08:02:55 ----A---- C:\Windows\system32\iesetup.dll

2009-12-12 08:02:55 ----A---- C:\Windows\system32\iernonce.dll

2009-12-12 08:02:55 ----A---- C:\Windows\system32\ie4uinit.exe

2009-12-12 08:02:34 ----A---- C:\Windows\system32\rastls.dll

2009-12-12 08:02:34 ----A---- C:\Windows\system32\raschap.dll

2009-12-12 08:02:31 ----A---- C:\Windows\system32\winhttp.dll

2009-12-08 20:50:13 ----D---- C:\Program Files (x86)\YouTube Downloader

2009-12-02 23:09:19 ----D---- C:\Windows\Freecorder

2009-12-02 23:09:19 ----D---- C:\Program Files (x86)\Freecorder

2009-12-01 19:47:05 ----A---- C:\Windows\system32\javaws.exe

2009-12-01 19:47:05 ----A---- C:\Windows\system32\javaw.exe

2009-12-01 19:47:05 ----A---- C:\Windows\system32\java.exe

2009-11-30 10:06:33 ----A---- C:\Windows\system32\rmoc3260.dll

2009-11-30 10:06:28 ----A---- C:\Windows\system32\pndx5032.dll

2009-11-30 10:06:28 ----A---- C:\Windows\system32\pndx5016.dll

2009-11-30 10:06:26 ----D---- C:\Program Files (x86)\Common Files\xing shared

2009-11-30 10:06:13 ----A---- C:\Windows\system32\pncrt.dll

2009-11-27 09:58:13 ----A---- C:\Windows\system32\tzres.dll

2009-11-27 09:56:53 ----A---- C:\Windows\system32\msxml6.dll

2009-11-27 09:56:53 ----A---- C:\Windows\system32\msxml3.dll

2009-11-24 23:49:02 ----D---- C:\ProgramData\Real

2009-11-22 14:00:00 ----D---- C:\Program Files (x86)\QuickTime

2009-11-22 13:59:59 ----D---- C:\ProgramData\Apple Computer

2009-11-20 21:56:20 ----D---- C:\Program Files (x86)\PS3 Media Server

2009-11-14 09:39:04 ----D---- C:\ProgramData\FLEXnet

2009-11-14 09:31:12 ----D---- C:\Program Files (x86)\Bonjour

2009-11-14 09:27:29 ----D---- C:\Windows\system32\spool

2009-11-14 09:23:58 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared

2009-11-11 13:23:08 ----A---- C:\Windows\system32\WSDApi.dll

======List of files/folders modified in the last 2 months======

2010-01-08 10:33:17 ----D---- C:\Windows\Temp

2010-01-08 10:05:26 ----D---- C:\Program Files (x86)\Steam

2010-01-08 10:05:01 ----D---- C:\Windows\System32

2010-01-07 23:31:38 ----SHD---- C:\Windows\Installer

2010-01-07 23:31:38 ----RD---- C:\Program Files (x86)

2010-01-07 23:31:31 ----SHD---- C:\System Volume Information

2010-01-07 23:30:21 ----D---- C:\Program Files (x86)\Common Files\Adobe

2010-01-07 23:29:41 ----D---- C:\Users\Joey\AppData\Roaming\Adobe

2010-01-07 23:28:24 ----D---- C:\ProgramData\Adobe

2010-01-07 23:28:24 ----D---- C:\Program Files (x86)\Adobe

2010-01-07 23:25:14 ----D---- C:\Windows\system32\drivers

2010-01-07 23:23:46 ----D---- C:\ProgramData

2010-01-07 23:21:34 ----D---- C:\Program Files (x86)\CCleaner

2010-01-07 21:41:09 ----D---- C:\Users\Joey\AppData\Roaming\BitTorrent

2010-01-06 23:08:40 ----D---- C:\Windows\Prefetch

2010-01-06 21:54:35 ----D---- C:\Program Files (x86)\Mozilla Firefox

2010-01-06 21:07:36 ----D---- C:\Windows\SysWOW64

2010-01-05 08:40:13 ----D---- C:\Windows\inf

2010-01-03 16:00:54 ----RSD---- C:\Windows\Fonts

2009-12-31 22:29:36 ----D---- C:\Users\Joey\AppData\Roaming\Skype

2009-12-31 19:17:16 ----D---- C:\Users\Joey\AppData\Roaming\skypePM

2009-12-30 20:45:23 ----D---- C:\Users\Joey\AppData\Roaming\Real

2009-12-29 11:57:08 ----D---- C:\Program Files (x86)\Common Files\Steam

2009-12-29 11:40:07 ----D---- C:\Program Files (x86)\Common Files

2009-12-23 11:14:41 ----D---- C:\Windows

2009-12-23 08:42:57 ----D---- C:\Windows\Minidump

2009-12-23 08:42:57 ----D---- C:\Windows\Debug

2009-12-22 12:46:15 ----D---- C:\Windows\Tasks

2009-12-22 12:46:13 ----D---- C:\Windows\registration

2009-12-12 19:22:22 ----D---- C:\Windows\rescache

2009-12-12 19:19:02 ----D---- C:\Windows\winsxs

2009-12-12 08:11:48 ----D---- C:\Windows\system32\migration

2009-12-12 08:11:48 ----D---- C:\Program Files (x86)\Internet Explorer

2009-12-12 08:11:47 ----D---- C:\Windows\system32\nl-NL

2009-12-12 08:11:47 ----D---- C:\Program Files (x86)\Windows Mail

2009-12-12 08:07:48 ----D---- C:\ProgramData\Microsoft Help

2009-12-12 08:05:23 ----RSD---- C:\Windows\assembly

2009-12-01 19:46:38 ----D---- C:\Program Files (x86)\Java

2009-11-30 10:06:35 ----D---- C:\Program Files (x86)\Common Files\Real

2009-11-30 10:06:12 ----RD---- C:\Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2009-08-26 475696]

R1 sbtis;sbtis; C:\Windows\system32\drivers\sbtis.sys []

R1 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP64.SYS [2007-08-14 397872]

R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX64.SYS [2007-08-14 32304]

R1 WPS;WPS; \??\C:\Windows\system32\drivers\wpsdrvnt.sys []

R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys []

R2 sbapifs;sbapifs; C:\Windows\system32\DRIVERS\sbapifs.sys []

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-08-26 132656]

R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2010-01-08 25640]

R3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []

R3 NAVENG;NAVENG; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20100107.049\ENG64.SYS [2009-08-27 116272]

R3 NAVEX15;NAVEX15; \??\C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20100107.049\EX64.SYS [2009-08-27 1742896]

R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys []

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []

R3 Teefer2;Teefer2 Miniport; C:\Windows\system32\DRIVERS\teefer2.sys []

R3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys []

R3 VX1000;VX-1000; C:\Windows\system32\DRIVERS\VX1000.sys []

R3 WpsHelper;WpsHelper; \??\C:\Windows\system32\drivers\WpsHelper.sys []

S1 EIO64;EIO Driver; C:\Windows\system32\DRIVERS\EIO64.sys []

S3 abkarffq;abkarffq; C:\Windows\system32\drivers\abkarffq.sys []

S3 asusgsb;ASUS Virtual Video Capture Device Driver; C:\Windows\system32\drivers\asusgsb.sys []

S3 COH_Mon;COH_Mon; \??\C:\Windows\system32\Drivers\COH_Mon.sys []

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys []

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys []

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys []

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys []

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys []

S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys []

S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys []

S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys []

S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys []

S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys []

S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys []

S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys []

S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL64.SYS [2007-08-14 429616]

S3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys []

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys []

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys []

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys []

S4 vsdatant;vsdatant; a []

S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]

R2 ccEvtMgr;Symantec Event Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2007-08-06 108392]

R2 ccSetMgr;Symantec Settings Manager; C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe [2007-08-06 108392]

R2 GEST Service;GEST Service for program management.; C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe [2009-02-06 68136]

R2 MSCamSvc;MSCamSvc; C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe [2007-05-17 443752]

R2 SBAMSvc;VIPRE Antivirus + Antispyware; C:\Program Files (x86)\Sunbelt Software\VIPRE\SBAMSvc.exe [2009-10-27 1012080]

R2 SmcService;Symantec Management Client; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe [2007-09-07 4392832]

R2 Symantec AntiVirus;Symantec Endpoint Protection; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2007-09-06 2177464]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2009-08-07 92008]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 2297216]

R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-12-29 321320]

S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2008-07-27 93184]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-12-29 655624]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]

S3 LiveUpdate;LiveUpdate; C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-08-11 3093872]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]

S3 SNAC;Symantec Network Access Control; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE [2007-09-07 287112]

S4 IJPLMSVC;PIXMA Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]

info.txt logfile of random's system information tool 1.06 2010-01-08 10:33:21

======Uninstall list======

-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER

Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}

Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}

Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}

Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}

Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

Adobe CMaps CS4-->MsiExec.exe /I{94D398EB-D2FD-4FD1-B8C4-592635E8A191}

Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}

Adobe Color Common Settings-->C:\Program Files (x86)\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe

Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}

Adobe Color EU Extra Settings CS4-->MsiExec.exe /I{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}

Adobe Color JA Extra Settings CS4-->MsiExec.exe /I{0D6013AB-A0C7-41DC-973C-E93129C9A29F}

Adobe Color NA Recommended Settings CS4-->MsiExec.exe /I{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}

Adobe Default Language CS4-->MsiExec.exe /I{C52E3EC1-048C-45E1-8D53-10B0C6509683}

Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

Adobe ExtendScript Toolkit 2-->C:\Program Files (x86)\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe

Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}

Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe

Adobe Fonts All-->MsiExec.exe /I{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}

Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}

Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}

Adobe PDF Library Files CS4-->MsiExec.exe /I{F93C84A6-0DC6-42AF-89FA-776F7C377353}

Adobe Photoshop CS3-->C:\Program Files (x86)\Common Files\Adobe\Installers\2ac78060bc5856b0c1cf873bb919b58\Setup.exe

Adobe Photoshop CS3-->MsiExec.exe /I{0046FA01-C5B9-4985-BACB-398DC480FC05}

Adobe Reader 9.2 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A92000000001}

Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}

Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}

Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}

Adobe Shockwave Player 11-->C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log

Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}

Adobe Type Support CS4-->MsiExec.exe /I{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}

Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}

Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}

Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}

AdobeColorCommonSetRGB-->MsiExec.exe /I{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}

Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9

Avanquest update-->C:\Program Files (x86)\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\setup.exe -runfromtemp -l0x0013 -removeonly

AviSynth 2.5-->"C:\Program Files (x86)\AviSynth 2.5\Uninstall.exe"

Canon Utilities Easy-PhotoPrint EX-->C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\uninst.exe uninst.ini

Canon Utilities Solution Menu-->C:\Program Files (x86)\Canon\SolutionMenu\uninst.exe uninst.ini

CCleaner (remove only)-->"C:\Program Files (x86)\CCleaner\uninst.exe"

De Sims™ 3-->"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\Sims3Setup.exe" -runfromtemp -l0x0013 -removeonly

Demigod-->C:\ProgramData\{67C33A62-5B1D-43D1-9600-16006F36EB2B}\setup.exe

DivX Converter-->C:\Program Files (x86)\DivX\DivXConverterUninstall.exe /CONVERTER

DivX Player-->C:\Program Files (x86)\DivX\DivXPlayerUninstall.exe /PLAYER

DivX Plus DirectShow Filters-->C:\Program Files (x86)\DivX\DivXDSFiltersUninstall.exe /DSFILTERS

DivX Web Player-->C:\Program Files (x86)\DivX\DivXWebPlayerUninstall.exe /PLUGIN

eMindMaps-->C:\PROGRA~2\MindJET\EMINDM~1\UNWISE.EXE C:\PROGRA~2\MindJET\EMINDM~1\INSTALL.LOG

Energy Saver Advance B9.0316.1-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{7ED169D4-5053-4166-93DF-53B12AE6C539}\setup.exe" -l0x9 -removeonly

EVEREST Home Edition v2.20-->"C:\Program Files (x86)\Lavalys\EVEREST Home Edition\unins000.exe"

Football Manager 2010-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/34000

Gebruikersregistratie voor Canon iP2600 series-->C:\Program Files (x86)\Canon\IJEREG\iP2600 series\UNINST.EXE

Gebruikersregistratie voor Canon MP970 series-->C:\Program Files (x86)\Canon\IJEREG\MP970 series\UNINST.EXE

HijackThis 2.0.2-->"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=""

Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}

K-Lite Codec Pack 4.7.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"

LiveUpdate 3.3 (Symantec Corporation)-->"C:\Program Files (x86)\Symantec\LiveUpdate\LSETUP.EXE" /U

Malwarebytes' Anti-Malware-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft LifeCam-->MsiExec.exe /X{63AFACBC-4795-4A1B-8037-5085DC03FC54}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0100-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0101-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}

Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}

Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

Microsoft Office Groove MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE}

Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}

Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}

Microsoft Office Language Pack 2007 - Dutch/Nederlands-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall OMUI.NL-NL /dll OSETUP.DLL

Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}

Microsoft Office O MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0100-0413-0000-0000000FF1CE}

Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}

Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}

Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}

Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0017-0413-0000-0000000FF1CE} /uninstall {2E9BD56A-2290-46DA-869F-2EDCF0A24E8B}

Microsoft Office SharePoint Designer MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0017-0413-0000-0000000FF1CE}

Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

Microsoft Office X MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0101-0413-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}

Mozilla Firefox (3.5.7)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

PDF Settings CS4-->MsiExec.exe /I{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}

PIXMA Extended Survey Program-->C:\Program Files (x86)\Canon\IJPLM\SETUP.EXE -R

PIXresizer 2.0.2-->"C:\Program Files (x86)\PIXresizer\unins000.exe"

QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}

RealPlayer-->C:\Program Files (x86)\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|12.0

Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\SETUP.EXE -runfromtemp -l0x0013 -removeonly

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -removeonly

ScanSoft OmniPage SE 4-->MsiExec.exe /X{DEE88727-779B-47A9-ACEF-F87CA5F92A65}

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}

Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}

Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}

Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}

Security Update for Microsoft Office Publisher 2007 (KB969693)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7BE67088-1EB3-4569-8E75-DDAFBF61BC4E}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

Skype™ 4.1-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}

Sony Ericsson PC Suite 4.010.00-->C:\Program Files (x86)\InstallShield Installation Information\{2FFE93F0-BB72-4E52-8761-354D1AAA9387}\ISAdmin.exe -runfromtemp -l0x0013 -removeonly

SoulSeek 157 NS 13d-->"C:\Program Files (x86)\SoulseekNS\uninstall.exe"

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

Subtitle Workshop 2.51-->"C:\Program Files (x86)\URUSoft\Subtitle Workshop\uninstall.exe"

Switch Sound File Converter-->C:\Program Files (x86)\NCH Swift Sound\Switch\uninst.exe

TomTom HOME 2.7.0.1785-->C:\Program Files (x86)\TomTom HOME 2\Uninstall TomTom HOME.exe

TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->c:\Windows\SysWOW64\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}

Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}

Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}

Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}

Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}

Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}

Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}

Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}

Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}

Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}

Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}

Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}

Update for Outlook 2007 Junk Email Filter (kb976884)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FB60F280-C70F-4174-BADB-471412AA42F0}

Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}

Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}

Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Windows Live Call-->MsiExec.exe /I{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}

Windows Live Messenger-->MsiExec.exe /X{10F5387D-1728-423A-A578-B00982CF2646}

Windows Live OneCare safety scanner-->"C:\Program Files (x86)\Windows Live Safety Center\UnInstall.exe"

Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

WinRAR archiver-->C:\Program Files (x86)\WinRAR\uninstall.exe

YouTube Downloader 2.5.3-->"C:\Program Files (x86)\YouTube Downloader\uninstall.exe"

=====HijackThis Backups=====

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = [2009-12-30]

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) [2009-12-30]

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = [2009-12-30]

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Config\csrss.exe [2009-12-30]

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = [2009-12-30]

======Hosts File======

85.10.209.11 breakz.be

85.10.209.11 www.breakz.be

======Security center information======

AV: Symantec Endpoint Protection

FW: Symantec Endpoint Protection

AS: Symantec Endpoint Protection

AS: Windows Defender

======System event log======

Computer Name: PC_van_Joey

Event Code: 7036

Message: De Windows Media Center Service Launcher-service heeft nu de status gestopt.

Record Number: 1471016

Source Name: Service Control Manager

Time Written: 20100108090707.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Joey

Event Code: 537

Message: Kan geen compatibel TPM (Trusted Platform Module)-beveiligingsapparaat op deze computer vinden. Kan TBS niet starten.

Record Number: 1471017

Source Name: Microsoft-Windows-TBS

Time Written: 20100108090706.543014-000

Event Type: Informatie

User: NT AUTHORITY\LOCAL SERVICE

Computer Name: PC_van_Joey

Event Code: 7036

Message: De Windows Update-service heeft nu de status wordt uitgevoerd.

Record Number: 1471018

Source Name: Service Control Manager

Time Written: 20100108090718.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Joey

Event Code: 7036

Message: De Application Information-service heeft nu de status wordt uitgevoerd.

Record Number: 1471019

Source Name: Service Control Manager

Time Written: 20100108092933.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Joey

Event Code: 7036

Message: De WinHTTP Web Proxy Auto-Discovery-service-service heeft nu de status wordt uitgevoerd.

Record Number: 1471020

Source Name: Service Control Manager

Time Written: 20100108093142.000000-000

Event Type: Informatie

User:

=====Application event log=====

Computer Name: PC_van_Joey

Event Code: 1

Message: Client van Certificate Services is gestart.

Record Number: 34982

Source Name: Microsoft-Windows-CertificateServicesClient

Time Written: 20100108090553.642214-000

Event Type: Informatie

User: PC_van_Joey\Joey

Computer Name: PC_van_Joey

Event Code: 1

Message: De Windows Security Center-service is gestart.

Record Number: 34983

Source Name: SecurityCenter

Time Written: 20100108090706.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Joey

Event Code: 1001

Message: Fault bucket 407419358, type 5

Naam van gebeurtenis: AppHangB1

Antwoord: Geen

Id van CAB-bestand: 0

Handtekening van probleem:

P1: Explorer.EXE

P2: 6.0.6001.18164

P3: 4907e791

P4: 1f42

P5: 4

P6:

P7:

P8:

P9:

P10:

Ingevoegde bestanden:

C:\Users\Joey\AppData\Local\Temp\WER10F1.tmp.version.txt

C:\Users\Joey\AppData\Local\Temp\WER2694.tmp.appcompat.txt

Deze bestanden zijn mogelijk hier beschikbaar:

C:\Users\Joey\AppData\Local\Microsoft\Windows\WER\ReportArchive\Report108d2970

Record Number: 34984

Source Name: Windows Error Reporting

Time Written: 20100108093142.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Joey

Event Code: 1002

Message: De shell is onverwacht beëindigd en explorer.exe is opnieuw gestart.

Record Number: 34985

Source Name: Microsoft-Windows-Winlogon

Time Written: 20100108093142.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Joey

Event Code: 1002

Message: Programma Explorer.EXE, versie 6.0.6001.18164 reageert niet meer op Windows en is afgesloten. Als u wilt zien of meer informatie over het probleem beschikbaar is, kunt u de probleemgeschiedenis in onderdeel Probleemrapporten en -oplossingen in het Configuratiescherm controleren. Proces-id: 4b4 Starttijd: 01ca9041a453419f Eindtijd: 14

Record Number: 34986

Source Name: Application Hang

Time Written: 20100108093142.000000-000

Event Type: Fout

User:

=====Security event log=====

Computer Name: PC_van_Joey

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: PC_VAN_JOEY$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x2a4

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 48944

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100108090502.082214-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Joey

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 48945

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100108090502.082214-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Joey

Event Code: 4648

Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: PC_VAN_JOEY$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:

Naam van doelserver: localhost

Aanvullende gegevens: localhost

Procesgegevens:

Proces-id: 0x2a4

Procesnaam: C:\Windows\System32\services.exe

Netwerkgegevens:

Netwerkadres: -

Poort: -

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

Record Number: 48946

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100108090502.378614-000