Ga naar inhoud

loetbons

Lid
  • Items

    11
  • Registratiedatum

  • Laatst bezocht

loetbons's prestaties

  1. hallo Bedankt voor alle moeite.Het probleem is nu opgelost via Microsoft dmv tddskiller van Kaspersky.
  2. ja,kan nog steeds niet updaten.meldingen blijven hetzelfde. Misschien moet ik alles maar opnieuw installeren.
  3. [ATTACH]5758[/ATTACH] Is nu gelukt. Ik heb de combofix gezipped hier toegevoegd. ComboFix.zip
  4. als ik het logje van combofix hier in plak krijg ik melding verbindingsproblemen
  5. Logfile of random's system information tool 1.08 (written by random/random) Run by Loet at 2010-07-22 11:31:28 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 205 GB (67%) free of 305 GB Total RAM: 2046 MB (44% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:31:41, on 22-7-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18904) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\RTHDCPL.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Loet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9U0JC3QC\RSIT[1].exe C:\Program Files\trend micro\Loet.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ziggo.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Loet\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://www.ziggo.nl/f-secure/ols/fscax.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1c9daf56f322610) (gupdate1c9daf56f322610) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- End of file - 8691 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839889018-2924812836-2156126128-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839889018-2924812836-2156126128-1000UA.job C:\Windows\tasks\User_Feed_Synchronization-{2083E536-0F16-4A8C-807B-F95E2A396555}.job C:\Windows\tasks\User_Feed_Synchronization-{44AD6497-E86E-4FEE-9923-9751DE1BC652}.job C:\Windows\tasks\User_Feed_Synchronization-{C41E66D5-43C4-426E-A03D-8880F1C4B312}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 853672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-26 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-08-31 1037736] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624] "RTHDCPL"=C:\Windows\RTHDCPL.EXE [2006-06-28 16248320] "SoundMan"=C:\Windows\SOUNDMAN.EXE [2006-05-04 86016] "AlcWzrd"=C:\Windows\ALCWZRD.EXE [2006-05-04 2808832] "Alcmtr"=C:\Windows\ALCMTR.EXE [2005-05-03 69632] "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-01 2065760] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-08 68856] "Sidebar"=C:\Program Files\windows sidebar\sidebar.exe [2009-04-11 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "Google Update"=C:\Users\Loet\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-22 133104] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="avgrsstx.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-07-22 11:31:28 ----D---- C:\rsit 2010-07-05 20:16:07 ----D---- C:\Users\Loet\AppData\Roaming\Malwarebytes 2010-07-05 20:15:58 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-07-05 20:15:57 ----D---- C:\ProgramData\Malwarebytes 2010-07-05 20:15:57 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-07-05 20:15:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-07-04 11:50:19 ----D---- C:\Program Files\Trend Micro 2010-07-03 18:47:14 ----D---- C:\Users\Loet\AppData\Roaming\AVG9 2010-07-01 18:41:56 ----A---- C:\Windows\system32\avgrsstx.dll 2010-07-01 18:41:55 ----A---- C:\Windows\system32\drivers\avgrkx86.sys 2010-07-01 18:41:54 ----A---- C:\Windows\system32\drivers\avgtdix.sys 2010-07-01 18:41:48 ----A---- C:\Windows\system32\drivers\avgldx86.sys 2010-07-01 18:41:47 ----A---- C:\Windows\system32\drivers\avgmfx86.sys 2010-07-01 18:41:42 ----D---- C:\Windows\system32\drivers\Avg 2010-07-01 18:39:04 ----D---- C:\ProgramData\avg9 2010-07-01 18:13:29 ----R---- C:\Windows\system32\RtlCPAPI.dll 2010-07-01 18:13:29 ----R---- C:\Windows\SkyTel.exe 2010-07-01 18:13:09 ----R---- C:\Windows\SoundMan.exe 2010-07-01 18:13:06 ----R---- C:\Windows\RtlUpd.exe 2010-07-01 18:13:03 ----R---- C:\Windows\RTLCPL.exe 2010-07-01 18:12:57 ----R---- C:\Windows\system32\drivers\RtkHDAud.Sys 2010-07-01 18:12:48 ----R---- C:\Windows\RTHDCPL.exe 2010-07-01 18:12:44 ----R---- C:\Windows\MicCal.exe 2010-07-01 18:12:41 ----R---- C:\Windows\Alcmtr.exe 2010-07-01 18:12:40 ----R---- C:\Windows\alcwzrd.exe 2010-07-01 18:12:15 ----R---- C:\Windows\RtlExUpd.dll 2010-07-01 11:18:07 ----A---- C:\Windows\DIFxAPI.dll 2010-07-01 11:17:57 ----HD---- C:\Program Files\Temp 2010-07-01 10:07:08 ----D---- C:\Program Files\iPod 2010-07-01 10:07:07 ----D---- C:\Program Files\iTunes 2010-07-01 10:02:13 ----D---- C:\Windows\system32\catroot2 2010-07-01 10:01:54 ----D---- C:\Program Files\Bonjour 2010-06-30 13:10:10 ----D---- C:\Windows\system32\catroot2(830) 2010-06-30 13:09:59 ----D---- C:\Program Files\Microsoft Security Essentials 2010-06-29 20:15:36 ----D---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor 2010-06-28 13:52:12 ----D---- C:\Program Files\iPod(115) 2010-06-28 13:52:11 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-06-28 13:52:10 ----D---- C:\Program Files\iTunes(116) 2010-06-28 13:47:03 ----D---- C:\Program Files\Bonjour(23) ======List of files/folders modified in the last 1 months====== 2010-07-22 11:31:41 ----D---- C:\Windows\Prefetch 2010-07-22 11:31:29 ----D---- C:\Windows\Temp 2010-07-22 11:20:13 ----D---- C:\Program Files\Hitman Pro 2010-07-22 11:14:26 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-07-22 09:48:01 ----AD---- C:\ProgramData\TEMP 2010-07-22 09:39:54 ----D---- C:\Program Files\SpywareBlaster 2010-07-22 09:24:16 ----D---- C:\Windows\System32 2010-07-22 09:24:16 ----D---- C:\Windows\inf 2010-07-22 09:24:16 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-07-22 01:35:10 ----D---- C:\Windows 2010-07-21 22:16:44 ----D---- C:\ProgramData\Google Updater 2010-07-20 22:42:29 ----RD---- C:\Users 2010-07-19 15:58:15 ----SHD---- C:\System Volume Information 2010-07-11 20:06:31 ----D---- C:\Windows\system32\drivers 2010-07-08 13:35:13 ----D---- C:\Users\Loet\AppData\Roaming\Vso 2010-07-05 20:15:57 ----HD---- C:\ProgramData 2010-07-05 20:15:56 ----RD---- C:\Program Files 2010-07-04 11:50:20 ----SHD---- C:\Windows\Installer 2010-07-04 11:50:20 ----SD---- C:\Users\Loet\AppData\Roaming\Microsoft 2010-07-01 18:13:29 ----D---- C:\Windows\system32\RTCOM 2010-07-01 18:13:21 ----D---- C:\Windows\system32\catroot 2010-07-01 18:12:37 ----D---- C:\Program Files\Realtek 2010-07-01 18:12:35 ----HD---- C:\Program Files\InstallShield Installation Information 2010-07-01 10:07:07 ----D---- C:\ProgramData\Apple Computer 2010-07-01 10:07:07 ----D---- C:\Program Files\Common Files\Apple 2010-07-01 10:06:15 ----D---- C:\Program Files\QuickTime 2010-07-01 00:55:12 ----D---- C:\Windows\Debug 2010-06-30 20:08:01 ----D---- C:\Windows\SoftwareDistribution 2010-06-30 19:41:33 ----D---- C:\Windows\system32\catroot2.bak 2010-06-30 19:39:59 ----D---- C:\Windows\system32\Msdtc 2010-06-30 19:39:59 ----D---- C:\Program Files\TomTom HOME 2 2010-06-30 19:39:56 ----D---- C:\Windows\system32\wbem 2010-06-30 19:34:54 ----D---- C:\Windows\system32\config 2010-06-30 19:34:04 ----D---- C:\Windows\winsxs 2010-06-30 19:34:03 ----D---- C:\Windows\Tasks 2010-06-30 19:34:03 ----D---- C:\Windows\system32\Tasks 2010-06-30 19:34:03 ----D---- C:\Windows\system32\spool 2010-06-30 19:34:02 ----D---- C:\Windows\rescache 2010-06-30 19:34:01 ----D---- C:\Users\Loet\AppData\Roaming\IrfanView 2010-06-30 19:33:43 ----D---- C:\Program Files\NVIDIA Corporation 2010-06-30 19:33:31 ----D---- C:\Windows\registration 2010-06-30 13:10:08 ----SD---- C:\ProgramData\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2010-07-01 52872] R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2006-04-02 42368] R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-07-01 216400] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-07-01 29584] R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-07-01 243024] R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-09-15 5632] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RtkHDAud.sys [2006-06-28 4304384] R3 JGOGO;JMicron Hot-Plug Driver; C:\Windows\system32\DRIVERS\JGOGO.sys [2006-02-07 6912] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280] R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32k.sys [2007-08-21 24064] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-12-20 234016] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] S3 IKFileSec;File Security Driver; C:\Windows\system32\drivers\ikfilesec.sys [2008-06-02 42376] S3 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-06-02 66952] S3 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-06-10 81288] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2005-08-30 58320] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176] R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-01 308136] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472] S2 gupdate1c9daf56f322610;Google Updateservice (gupdate1c9daf56f322610); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-22 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-05 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-06-10 1072008] S3 WiselinkPro;SAMSUNG WiselinkPro Service; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2009-01-08 4136960] -----------------EOF----------------- info.txt logfile of random's system information tool 1.08 2010-07-22 11:31:43 ======Uninstall list====== Aangifte inkomstenbelasting 2008-->C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2008\ib2008u.exe Aangifte inkomstenbelasting 2009-->C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2009\ib2009u.exe Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.3.3 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A93000000001} Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E} Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} AVG 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL Bicycle Board Games-->"C:\Program Files\Microsoft Games\Bicycle Board Games\UNINSTAL.EXE" /runtemp /addremove Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" DX-Ball 1.09-->C:\PROGRA~1\DX-Ball\UNWISE.EXE C:\PROGRA~1\DX-Ball\INSTALL.LOG EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x13 -UnInstall EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}\SETUP.EXE" -l0x13 UNINST EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x13 UNINST EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x13 -u EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r EPSON-printersoftware-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R ESDX4000_4050_CX3900-->C:\Program Files\EPSON\TPMANUAL\ESDX4000_4050_CX3900\USE_G\DOCUNINS.EXE Extensie voor Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{91897B2C-B407-48C2-A76C-E6AC47A9B6A0} Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hitman Pro-->"C:\Program Files\Hitman Pro\unins000.exe" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Huur- en zorgtoeslag 2008-->C:\Program Files\Belastingdienst\Huur- en zorgtoeslag\2008\hz2008u.exe Huur- en zorgtoeslag 2009-->C:\Program Files\Belastingdienst\Huur- en zorgtoeslag\2009\hz2009u.exe IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe iTunes-->MsiExec.exe /I{7AB3A249-FB81-416B-917A-A2A10E74C503} Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Jewel Quest-->C:\PROGRA~1\GAMEHO~1\JEWELQ~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\JEWELQ~1\INSTALL.LOG Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} King's Mahjongg-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{357E7551-C1D9-11D7-B63B-00C04F4351FF}\setup.exe" -l0x13 Kyodai 4.34-->"C:\Windows\kyoun.exe" "C:\Program Files\Kyodai 4.34" "C:\Users\tineke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Markeringviewer (Windows Live Toolbar)-->MsiExec.exe /X{1509FC50-85B6-4F17-8223-423B86BF7FE3} Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office 2000 Premium-->MsiExec.exe /I{00000413-78E1-11D2-B60F-006097C998E7} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Nannoid 1.0-->"C:\Program Files\Nannoid\unins000.exe" NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI PIF DESIGNER-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x13 anything PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A} QuickTime-->MsiExec.exe /I{3D9892BB-A751-4E48-ADC8-E4289956CE1D} Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x13 -removeonly REALTEK GbE & FE Ethernet PCI NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\Setup.exe" -l0x13 -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x13 -removeonly SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe SAMSUNG PC Share Manager-->"C:\Program Files\InstallShield Installation Information\{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}\setup.exe" -runfromtemp -l0x0413 -removeonly SAMSUNG PC Share Manager-->MsiExec.exe /I{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139} Samsung PC Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x13 -removeonly Scale2Scale -->"C:\Windows\th_inst2.exe" -u "C:\Program Files\Scale2Scale\Uninstall0" Smart Menu's (Windows Live Toolbar)-->MsiExec.exe /X{DC54F2F8-C26F-4D22-B92D-7075BC626106} Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003} Spybot - Search & Destroy 1.5.2.20-->"C:\Windows\unins000.exe" Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe" System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe TomTom HOME 2.7.3.1894-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VideoLAN VLC media player 0.8.6h-->C:\Program Files\VLC\uninstall.exe Vodafone WCDMA Composite Device Drive Software-->C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe VSO Image Resizer 2.0.1.11b-->"C:\Program Files\VSO\Image Resizer\unins000.exe" Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Live aanmeldhulp-->MsiExec.exe /I{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B} Windows Live Call-->MsiExec.exe /I{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{562B9CA4-6E52-4F87-ACEC-912FC004F1F0} Windows Live Favorites voor Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66} Windows Live Mail-->MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91} Windows Live Messenger-->MsiExec.exe /X{10F5387D-1728-423A-A578-B00982CF2646} Windows Live Photo Gallery-->MsiExec.exe /X{11005483-57F9-400C-BF9F-CBC47540705A} Windows Live Sync-->MsiExec.exe /X{CD19EDD9-1632-4002-9212-7478E4BA0423} Windows Live Toolbar-->MsiExec.exe /X{E51109E7-3818-4BC2-B3FD-A59AC2378A2B} Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE} ======Security center information====== AV: AVG Anti-Virus Free AS: Spyware Doctor (disabled) (outdated) AS: AVG Anti-Virus Free (disabled) AS: Windows Defender ======System event log====== Computer Name: Bons Event Code: 4383 Message: Update 976325-23_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141401 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM Computer Name: Bons Event Code: 4383 Message: Update 976325-22_neutral_GDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141400 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM Computer Name: Bons Event Code: 4383 Message: Update 976325-21_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141399 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM Computer Name: Bons Event Code: 4383 Message: Update 976325-20_neutral_GDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141398 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM Computer Name: Bons Event Code: 4383 Message: Update 976325-19_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141397 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM =====Application event log===== Computer Name: 26L2233B2-11 Event Code: 1003 Message: De Windows Search-service is gestart. Record Number: 5 Source Name: Microsoft-Windows-Search Time Written: 20080629121357.000000-000 Event Type: Informatie User: Computer Name: 26L2233B2-11 Event Code: 5615 Message: De Windows Management Instrumentation-service is gestart Record Number: 4 Source Name: Microsoft-Windows-WMI Time Written: 20080629121356.000000-000 Event Type: Informatie User: Computer Name: LH-HG2NIAUCTXNV Event Code: 4625 Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 3 Source Name: Microsoft-Windows-EventSystem Time Written: 20080629121349.000000-000 Event Type: Informatie User: Computer Name: LH-HG2NIAUCTXNV Event Code: 900 Message: De Software Licensing-service wordt gestart. Record Number: 2 Source Name: Microsoft-Windows-Security-Licensing-SLC Time Written: 20080629121348.000000-000 Event Type: Informatie User: Computer Name: LH-HG2NIAUCTXNV Event Code: 1531 Message: De User Profile-service is gestart. Record Number: 1 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20080629121348.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM =====Security event log===== Computer Name: Bons Event Code: 4648 Message: Poging tot aanmelden met expliciete referenties. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: BONS$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Account waarvan de referenties zijn gebruikt: Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Doelserver: Naam van doelserver: localhost Aanvullende gegevens: localhost Procesgegevens: Proces-id: 0x274 Procesnaam: C:\Windows\System32\services.exe Netwerkgegevens: Netwerkadres: - Poort: - Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als. Record Number: 24265 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091505.494800-000 Event Type: Controle geslaagd User: Computer Name: Bons Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 24264 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091456.275200-000 Event Type: Controle geslaagd User: Computer Name: Bons Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: BONS$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x274 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 24263 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091456.275200-000 Event Type: Controle geslaagd User: Computer Name: Bons Event Code: 4648 Message: Poging tot aanmelden met expliciete referenties. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: BONS$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Account waarvan de referenties zijn gebruikt: Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Doelserver: Naam van doelserver: localhost Aanvullende gegevens: localhost Procesgegevens: Proces-id: 0x274 Procesnaam: C:\Windows\System32\services.exe Netwerkgegevens: Netwerkadres: - Poort: - Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als. Record Number: 24262 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091456.275200-000 Event Type: Controle geslaagd User: Computer Name: Bons Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 24261 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091402.654400-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Users\karin\Desktop;C:\Users\karin\Desktop\Samsung PC Studio;C:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "asl.log"=Destination=file;OnFirstLog=command,environment,parent "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- ---------- Post toegevoegd om 09:40 ---------- Vorige post was om 09:38 ---------- Logfile of random's system information tool 1.08 (written by random/random) Run by Loet at 2010-07-22 11:31:28 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 205 GB (67%) free of 305 GB Total RAM: 2046 MB (44% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:31:41, on 22-7-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18904) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\RTHDCPL.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\taskeng.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Loet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9U0JC3QC\RSIT[1].exe C:\Program Files\trend micro\Loet.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ziggo.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Loet\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://www.ziggo.nl/f-secure/ols/fscax.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1c9daf56f322610) (gupdate1c9daf56f322610) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- End of file - 8691 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Google Software Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839889018-2924812836-2156126128-1000Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839889018-2924812836-2156126128-1000UA.job C:\Windows\tasks\User_Feed_Synchronization-{2083E536-0F16-4A8C-807B-F95E2A396555}.job C:\Windows\tasks\User_Feed_Synchronization-{44AD6497-E86E-4FEE-9923-9751DE1BC652}.job C:\Windows\tasks\User_Feed_Synchronization-{C41E66D5-43C4-426E-A03D-8880F1C4B312}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 853672] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}] Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}] Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-26 764912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}] Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184] "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-08-31 1037736] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040] "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832] "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624] "RTHDCPL"=C:\Windows\RTHDCPL.EXE [2006-06-28 16248320] "SoundMan"=C:\Windows\SOUNDMAN.EXE [2006-05-04 86016] "AlcWzrd"=C:\Windows\ALCWZRD.EXE [2006-05-04 2808832] "Alcmtr"=C:\Windows\ALCMTR.EXE [2005-05-03 69632] "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-01 2065760] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-08 68856] "Sidebar"=C:\Program Files\windows sidebar\sidebar.exe [2009-04-11 1233920] "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952] "Google Update"=C:\Users\Loet\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-22 133104] "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240] "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="avgrsstx.dll" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 months====== 2010-07-22 11:31:28 ----D---- C:\rsit 2010-07-05 20:16:07 ----D---- C:\Users\Loet\AppData\Roaming\Malwarebytes 2010-07-05 20:15:58 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys 2010-07-05 20:15:57 ----D---- C:\ProgramData\Malwarebytes 2010-07-05 20:15:57 ----A---- C:\Windows\system32\drivers\mbam.sys 2010-07-05 20:15:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-07-04 11:50:19 ----D---- C:\Program Files\Trend Micro 2010-07-03 18:47:14 ----D---- C:\Users\Loet\AppData\Roaming\AVG9 2010-07-01 18:41:56 ----A---- C:\Windows\system32\avgrsstx.dll 2010-07-01 18:41:55 ----A---- C:\Windows\system32\drivers\avgrkx86.sys 2010-07-01 18:41:54 ----A---- C:\Windows\system32\drivers\avgtdix.sys 2010-07-01 18:41:48 ----A---- C:\Windows\system32\drivers\avgldx86.sys 2010-07-01 18:41:47 ----A---- C:\Windows\system32\drivers\avgmfx86.sys 2010-07-01 18:41:42 ----D---- C:\Windows\system32\drivers\Avg 2010-07-01 18:39:04 ----D---- C:\ProgramData\avg9 2010-07-01 18:13:29 ----R---- C:\Windows\system32\RtlCPAPI.dll 2010-07-01 18:13:29 ----R---- C:\Windows\SkyTel.exe 2010-07-01 18:13:09 ----R---- C:\Windows\SoundMan.exe 2010-07-01 18:13:06 ----R---- C:\Windows\RtlUpd.exe 2010-07-01 18:13:03 ----R---- C:\Windows\RTLCPL.exe 2010-07-01 18:12:57 ----R---- C:\Windows\system32\drivers\RtkHDAud.Sys 2010-07-01 18:12:48 ----R---- C:\Windows\RTHDCPL.exe 2010-07-01 18:12:44 ----R---- C:\Windows\MicCal.exe 2010-07-01 18:12:41 ----R---- C:\Windows\Alcmtr.exe 2010-07-01 18:12:40 ----R---- C:\Windows\alcwzrd.exe 2010-07-01 18:12:15 ----R---- C:\Windows\RtlExUpd.dll 2010-07-01 11:18:07 ----A---- C:\Windows\DIFxAPI.dll 2010-07-01 11:17:57 ----HD---- C:\Program Files\Temp 2010-07-01 10:07:08 ----D---- C:\Program Files\iPod 2010-07-01 10:07:07 ----D---- C:\Program Files\iTunes 2010-07-01 10:02:13 ----D---- C:\Windows\system32\catroot2 2010-07-01 10:01:54 ----D---- C:\Program Files\Bonjour 2010-06-30 13:10:10 ----D---- C:\Windows\system32\catroot2(830) 2010-06-30 13:09:59 ----D---- C:\Program Files\Microsoft Security Essentials 2010-06-29 20:15:36 ----D---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor 2010-06-28 13:52:12 ----D---- C:\Program Files\iPod(115) 2010-06-28 13:52:11 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-06-28 13:52:10 ----D---- C:\Program Files\iTunes(116) 2010-06-28 13:47:03 ----D---- C:\Program Files\Bonjour(23) ======List of files/folders modified in the last 1 months====== 2010-07-22 11:31:41 ----D---- C:\Windows\Prefetch 2010-07-22 11:31:29 ----D---- C:\Windows\Temp 2010-07-22 11:20:13 ----D---- C:\Program Files\Hitman Pro 2010-07-22 11:14:26 ----D---- C:\ProgramData\Spybot - Search & Destroy 2010-07-22 09:48:01 ----AD---- C:\ProgramData\TEMP 2010-07-22 09:39:54 ----D---- C:\Program Files\SpywareBlaster 2010-07-22 09:24:16 ----D---- C:\Windows\System32 2010-07-22 09:24:16 ----D---- C:\Windows\inf 2010-07-22 09:24:16 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-07-22 01:35:10 ----D---- C:\Windows 2010-07-21 22:16:44 ----D---- C:\ProgramData\Google Updater 2010-07-20 22:42:29 ----RD---- C:\Users 2010-07-19 15:58:15 ----SHD---- C:\System Volume Information 2010-07-11 20:06:31 ----D---- C:\Windows\system32\drivers 2010-07-08 13:35:13 ----D---- C:\Users\Loet\AppData\Roaming\Vso 2010-07-05 20:15:57 ----HD---- C:\ProgramData 2010-07-05 20:15:56 ----RD---- C:\Program Files 2010-07-04 11:50:20 ----SHD---- C:\Windows\Installer 2010-07-04 11:50:20 ----SD---- C:\Users\Loet\AppData\Roaming\Microsoft 2010-07-01 18:13:29 ----D---- C:\Windows\system32\RTCOM 2010-07-01 18:13:21 ----D---- C:\Windows\system32\catroot 2010-07-01 18:12:37 ----D---- C:\Program Files\Realtek 2010-07-01 18:12:35 ----HD---- C:\Program Files\InstallShield Installation Information 2010-07-01 10:07:07 ----D---- C:\ProgramData\Apple Computer 2010-07-01 10:07:07 ----D---- C:\Program Files\Common Files\Apple 2010-07-01 10:06:15 ----D---- C:\Program Files\QuickTime 2010-07-01 00:55:12 ----D---- C:\Windows\Debug 2010-06-30 20:08:01 ----D---- C:\Windows\SoftwareDistribution 2010-06-30 19:41:33 ----D---- C:\Windows\system32\catroot2.bak 2010-06-30 19:39:59 ----D---- C:\Windows\system32\Msdtc 2010-06-30 19:39:59 ----D---- C:\Program Files\TomTom HOME 2 2010-06-30 19:39:56 ----D---- C:\Windows\system32\wbem 2010-06-30 19:34:54 ----D---- C:\Windows\system32\config 2010-06-30 19:34:04 ----D---- C:\Windows\winsxs 2010-06-30 19:34:03 ----D---- C:\Windows\Tasks 2010-06-30 19:34:03 ----D---- C:\Windows\system32\Tasks 2010-06-30 19:34:03 ----D---- C:\Windows\system32\spool 2010-06-30 19:34:02 ----D---- C:\Windows\rescache 2010-06-30 19:34:01 ----D---- C:\Users\Loet\AppData\Roaming\IrfanView 2010-06-30 19:33:43 ----D---- C:\Program Files\NVIDIA Corporation 2010-06-30 19:33:31 ----D---- C:\Windows\registration 2010-06-30 13:10:08 ----SD---- C:\ProgramData\Microsoft ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2010-07-01 52872] R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2006-04-02 42368] R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-07-01 216400] R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-07-01 29584] R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-07-01 243024] R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-09-15 5632] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RtkHDAud.sys [2006-06-28 4304384] R3 JGOGO;JMicron Hot-Plug Driver; C:\Windows\system32\DRIVERS\JGOGO.sys [2006-02-07 6912] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280] R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32k.sys [2007-08-21 24064] R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-12-20 234016] R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] S3 IKFileSec;File Security Driver; C:\Windows\system32\drivers\ikfilesec.sys [2008-06-02 42376] S3 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-06-02 66952] S3 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-06-10 81288] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888] S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016] S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2005-08-30 58320] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176] R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-01 308136] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640] R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512] R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472] S2 gupdate1c9daf56f322610;Google Updateservice (gupdate1c9daf56f322610); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-22 133104] S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280] S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504] S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-05 356920] S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-06-10 1072008] S3 WiselinkPro;SAMSUNG WiselinkPro Service; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2009-01-08 4136960] -----------------EOF----------------- info.txt logfile of random's system information tool 1.08 2010-07-22 11:31:43 ======Uninstall list====== Aangifte inkomstenbelasting 2008-->C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2008\ib2008u.exe Aangifte inkomstenbelasting 2009-->C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2009\ib2009u.exe Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe Adobe Reader 9.3.3 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A93000000001} Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E} Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} AVG 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL Bicycle Board Games-->"C:\Program Files\Microsoft Games\Bicycle Board Games\UNINSTAL.EXE" /runtemp /addremove Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" DX-Ball 1.09-->C:\PROGRA~1\DX-Ball\UNWISE.EXE C:\PROGRA~1\DX-Ball\INSTALL.LOG EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x13 -UnInstall EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}\SETUP.EXE" -l0x13 UNINST EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x13 UNINST EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x13 -u EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r EPSON-printersoftware-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R ESDX4000_4050_CX3900-->C:\Program Files\EPSON\TPMANUAL\ESDX4000_4050_CX3900\USE_G\DOCUNINS.EXE Extensie voor Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{91897B2C-B407-48C2-A76C-E6AC47A9B6A0} Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466} Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hitman Pro-->"C:\Program Files\Hitman Pro\unins000.exe" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Huur- en zorgtoeslag 2008-->C:\Program Files\Belastingdienst\Huur- en zorgtoeslag\2008\hz2008u.exe Huur- en zorgtoeslag 2009-->C:\Program Files\Belastingdienst\Huur- en zorgtoeslag\2009\hz2009u.exe IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe iTunes-->MsiExec.exe /I{7AB3A249-FB81-416B-917A-A2A10E74C503} Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF} Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070} Jewel Quest-->C:\PROGRA~1\GAMEHO~1\JEWELQ~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\JEWELQ~1\INSTALL.LOG Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5} King's Mahjongg-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{357E7551-C1D9-11D7-B63B-00C04F4351FF}\setup.exe" -l0x13 Kyodai 4.34-->"C:\Windows\kyoun.exe" "C:\Program Files\Kyodai 4.34" "C:\Users\tineke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\" Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Markeringviewer (Windows Live Toolbar)-->MsiExec.exe /X{1509FC50-85B6-4F17-8223-423B86BF7FE3} Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF} Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office 2000 Premium-->MsiExec.exe /I{00000413-78E1-11D2-B60F-006097C998E7} Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7} Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5} Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} Nannoid 1.0-->"C:\Program Files\Nannoid\unins000.exe" NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI PIF DESIGNER-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x13 anything PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A} QuickTime-->MsiExec.exe /I{3D9892BB-A751-4E48-ADC8-E4289956CE1D} Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x13 -removeonly REALTEK GbE & FE Ethernet PCI NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\Setup.exe" -l0x13 -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x13 -removeonly SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe SAMSUNG PC Share Manager-->"C:\Program Files\InstallShield Installation Information\{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}\setup.exe" -runfromtemp -l0x0413 -removeonly SAMSUNG PC Share Manager-->MsiExec.exe /I{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139} Samsung PC Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x13 -removeonly Scale2Scale -->"C:\Windows\th_inst2.exe" -u "C:\Program Files\Scale2Scale\Uninstall0" Smart Menu's (Windows Live Toolbar)-->MsiExec.exe /X{DC54F2F8-C26F-4D22-B92D-7075BC626106} Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003} Spybot - Search & Destroy 1.5.2.20-->"C:\Windows\unins000.exe" Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe" System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe TomTom HOME 2.7.3.1894-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" VideoLAN VLC media player 0.8.6h-->C:\Program Files\VLC\uninstall.exe Vodafone WCDMA Composite Device Drive Software-->C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe VSO Image Resizer 2.0.1.11b-->"C:\Program Files\VSO\Image Resizer\unins000.exe" Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Live aanmeldhulp-->MsiExec.exe /I{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B} Windows Live Call-->MsiExec.exe /I{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB} Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{562B9CA4-6E52-4F87-ACEC-912FC004F1F0} Windows Live Favorites voor Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66} Windows Live Mail-->MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91} Windows Live Messenger-->MsiExec.exe /X{10F5387D-1728-423A-A578-B00982CF2646} Windows Live Photo Gallery-->MsiExec.exe /X{11005483-57F9-400C-BF9F-CBC47540705A} Windows Live Sync-->MsiExec.exe /X{CD19EDD9-1632-4002-9212-7478E4BA0423} Windows Live Toolbar-->MsiExec.exe /X{E51109E7-3818-4BC2-B3FD-A59AC2378A2B} Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE} ======Security center information====== AV: AVG Anti-Virus Free AS: Spyware Doctor (disabled) (outdated) AS: AVG Anti-Virus Free (disabled) AS: Windows Defender ======System event log====== Computer Name: Bons Event Code: 4383 Message: Update 976325-23_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141401 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM Computer Name: Bons Event Code: 4383 Message: Update 976325-22_neutral_GDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141400 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM Computer Name: Bons Event Code: 4383 Message: Update 976325-21_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141399 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM Computer Name: Bons Event Code: 4383 Message: Update 976325-20_neutral_GDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141398 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM Computer Name: Bons Event Code: 4383 Message: Update 976325-19_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving) Record Number: 141397 Source Name: Microsoft-Windows-Servicing Time Written: 20091209084741.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM =====Application event log===== Computer Name: 26L2233B2-11 Event Code: 1003 Message: De Windows Search-service is gestart. Record Number: 5 Source Name: Microsoft-Windows-Search Time Written: 20080629121357.000000-000 Event Type: Informatie User: Computer Name: 26L2233B2-11 Event Code: 5615 Message: De Windows Management Instrumentation-service is gestart Record Number: 4 Source Name: Microsoft-Windows-WMI Time Written: 20080629121356.000000-000 Event Type: Informatie User: Computer Name: LH-HG2NIAUCTXNV Event Code: 4625 Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog. Record Number: 3 Source Name: Microsoft-Windows-EventSystem Time Written: 20080629121349.000000-000 Event Type: Informatie User: Computer Name: LH-HG2NIAUCTXNV Event Code: 900 Message: De Software Licensing-service wordt gestart. Record Number: 2 Source Name: Microsoft-Windows-Security-Licensing-SLC Time Written: 20080629121348.000000-000 Event Type: Informatie User: Computer Name: LH-HG2NIAUCTXNV Event Code: 1531 Message: De User Profile-service is gestart. Record Number: 1 Source Name: Microsoft-Windows-User Profiles Service Time Written: 20080629121348.000000-000 Event Type: Informatie User: NT AUTHORITY\SYSTEEM =====Security event log===== Computer Name: Bons Event Code: 4648 Message: Poging tot aanmelden met expliciete referenties. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: BONS$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Account waarvan de referenties zijn gebruikt: Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Doelserver: Naam van doelserver: localhost Aanvullende gegevens: localhost Procesgegevens: Proces-id: 0x274 Procesnaam: C:\Windows\System32\services.exe Netwerkgegevens: Netwerkadres: - Poort: - Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als. Record Number: 24265 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091505.494800-000 Event Type: Controle geslaagd User: Computer Name: Bons Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 24264 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091456.275200-000 Event Type: Controle geslaagd User: Computer Name: Bons Event Code: 4624 Message: Er is een account aangemeld. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: BONS$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldingstype: 5 Nieuwe aanmelding: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Procesgegevens: Proces-id: 0x274 Naam proces: C:\Windows\System32\services.exe Netwerkgegevens: Naam van werkstation: Netwerkadres van bron: - Poort van bron: - Gedetailleerde verificatiegegevens: Aanmeldingsproces: Advapi Verificatiepakket: Negotiate Doorgezette services: - Pakketnaam (alleen NTLM): - Sleutellengte: 0 Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen. De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe. In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk). Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld. In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn. De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag. - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis. - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt. - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt. - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd. Record Number: 24263 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091456.275200-000 Event Type: Controle geslaagd User: Computer Name: Bons Event Code: 4648 Message: Poging tot aanmelden met expliciete referenties. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: BONS$ Accountdomein: WORKGROUP Aanmeldings-id: 0x3e7 Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Account waarvan de referenties zijn gebruikt: Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000} Doelserver: Naam van doelserver: localhost Aanvullende gegevens: localhost Procesgegevens: Proces-id: 0x274 Procesnaam: C:\Windows\System32\services.exe Netwerkgegevens: Netwerkadres: - Poort: - Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als. Record Number: 24262 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091456.275200-000 Event Type: Controle geslaagd User: Computer Name: Bons Event Code: 4672 Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding. Onderwerp: Beveiligings-id: S-1-5-18 Accountnaam: SYSTEEM Accountdomein: NT AUTHORITY Aanmeldings-id: 0x3e7 Bevoegdheden: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 24261 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20090109091402.654400-000 Event Type: Controle geslaagd User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Users\karin\Desktop;C:\Users\karin\Desktop\Samsung PC Studio;C:\Program Files\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=x86 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel "PROCESSOR_REVISION"=0f0d "NUMBER_OF_PROCESSORS"=2 "asl.log"=Destination=file;OnFirstLog=command,environment,parent "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------
  6. Lukt niet logje te maken.Kan nog steeds niet updaten Krijg wel een melding:Hostproces voor Windows-services werkt niet meer
  7. * Trend Micro HijackThis v2.0.4 * See bottom for version history. The different sections of hijacking possibilities have been separated into the following groups. You can get more detailed information about an item by selecting it from the list of found items OR highlighting the relevant line below, and clicking 'Info on selected item'. R - Registry, StartPage/SearchPage changes R0 - Changed registry value R1 - Created registry value R2 - Created registry key R3 - Created extra registry value where only one should be F - IniFiles, autoloading entries F0 - Changed inifile value F1 - Created inifile value F2 - Changed inifile value, mapped to Registry F3 - Created inifile value, mapped to Registry N - Netscape/Mozilla StartPage/SearchPage changes N1 - Change in prefs.js of Netscape 4.x N2 - Change in prefs.js of Netscape 6 N3 - Change in prefs.js of Netscape 7 N4 - Change in prefs.js of Mozilla O - Other, several sections which represent: O1 - Hijack of auto.search.msn.com with Hosts file O2 - Enumeration of existing MSIE BHO's O3 - Enumeration of existing MSIE toolbars O4 - Enumeration of suspicious autoloading Registry entries O5 - Blocking of loading Internet Options in Control Panel O6 - Disabling of 'Internet Options' Main tab with Policies O7 - Disabling of Regedit with Policies O8 - Extra MSIE context menu items O9 - Extra 'Tools' menuitems and buttons O10 - Breaking of Internet access by New.Net or WebHancer O11 - Extra options in MSIE 'Advanced' settings tab O12 - MSIE plugins for file extensions or MIME types O13 - Hijack of default URL prefixes O14 - Changing of IERESET.INF O15 - Trusted Zone Autoadd O16 - Download Program Files item O17 - Domain hijack O18 - Enumeration of existing protocols and filters O19 - User stylesheet hijack O20 - AppInit_DLLs autorun Registry value, Winlogon Notify Registry keys O21 - ShellServiceObjectDelayLoad (SSODL) autorun Registry key O22 - SharedTaskScheduler autorun Registry key O23 - Enumeration of NT Services O24 - Enumeration of ActiveX Desktop Components Command-line parameters: * /autolog - automatically scan the system, save a logfile and open it * /ihatewhitelists - ignore all internal whitelists * /uninstall - remove all HijackThis Registry entries, backups and quit * /silentautuolog - the same as /autolog, except with no required user intervention * Version history * [v2.0.4] * Fixed parser issues on winlogon notify * Fixed issues to handle certain environment variables * Rename HJT generates complete scan log [v2.00.0] * AnalyzeThis added for log file statistics * Recognizes Windows Vista and IE7 * Fixed a few bugs in the O23 method * Fixed a bug in the O22 method (SharedTaskScheduler) * Did a few tweaks on the log format * Fixed and improved ADS Spy * Improved Itty Bitty Procman (processes are frozen before they are killed) * Added listing of O4 autoruns from other users * Added listing of the Policies Run items in O4 method, used by SmitFraud trojan * Added /silentautolog parameter for system admins * Added /deleteonreboot [file] parameter for system admins * Added O24 - ActiveX Desktop Components enumeration * Added Enhanced Security Confirguration (ESC) Zones to O15 Trusted Sites check [v1.99.1] * Added Winlogon Notify keys to O20 listing * Fixed crashing bug on certain Win2000 and WinXP systems at O23 listing * Fixed lots and lots of 'unexpected error' bugs * Fixed lots of inproper functioning bugs (i.e. stuff that didn't work) * Added 'Delete NT Service' function in Misc Tools section * Added ProtocolDefaults to O15 listing * Fixed MD5 hashing not working * Fixed 'ISTSVC' autorun entries with garbage data not being fixed * Fixed HijackThis uninstall entry not being updated/created on new versions * Added Uninstall Manager in Misc Tools to manage 'Add/Remove Software' list * Added option to scan the system at startup, then show results or quit if nothing found [v1.99] * Added O23 (NT Services) in light of newer trojans * Integrated ADS Spy into Misc Tools section * Added 'Action taken' to info in 'More info on this item' [v1.98] * Definitive support for Japanese/Chinese/Korean systems * Added O20 (AppInit_DLLs) in light of newer trojans * Added O21 (ShellServiceObjectDelayLoad, SSODL) in light of newer trojans * Added O22 (SharedTaskScheduler) in light of newer trojans * Backups of fixed items are now saved in separate folder * HijackThis now checks if it was started from a temp folder * Added a small process manager (Misc Tools section) [v1.96] * Lots of bugfixes and small enhancements! Among others: * Fix for Japanese IE toolbars * Fix for searchwww.com fake CLSID trick in IE toolbars and BHO's * Attributes on Hosts file will now be restored when scanning/fixing/restoring it. * Added several files to the LSP whitelist * Fixed some issues with incorrectly re-encrypting data, making R0/R1 go undetected until a restart * All sites in the Trusted Zone are now shown, with the exception of those on the nonstandard but safe domain list [v1.95] * Added a new regval to check for from Whazit hijack (Start Page_bak). * Excluded IE logo change tweak from toolbar detection (BrandBitmap and SmBrandBitmap). * New in logfile: Running processes at time of scan. * Checkmarks for running StartupList with /full and /complete in HijackThis UI. * New O19 method to check for Datanotary hijack of user stylesheet. * Google.com IP added to whitelist for Hosts file check. [v1.94] * Fixed a bug in the Check for Updates function that could cause corrupt downloads on certain systems. * Fixed a bug in enumeration of toolbars (Lop toolbars are now listed!). * Added imon.dll, drwhook.dll and wspirda.dll to LSP safelist. * Fixed a bug where DPF could not be deleted. * Fixed a stupid bug in enumeration of autostarting shortcuts. * Fixed info on Netscape 6/7 and Mozilla saying '%shitbrowser%' (oops). * Fixed bug where logfile would not auto-open on systems that don't have .log filetype registered. * Added support for backing up F0 and F1 items (d'oh!). [v1.93] * Added mclsp.dll (McAfee), WPS.DLL (Sygate Firewall), zklspr.dll (Zero Knowledge) and mxavlsp.dll (OnTrack) to LSP safelist. * Fixed a bug in LSP routine for Win95. * Made taborder nicer. * Fixed a bug in backup/restore of IE plugins. * Added UltimateSearch hijack in O17 method (I think). * Fixed a bug with detecting/removing BHO's disabled by BHODemon. * Also fixed a bug in StartupList (now version 1.52.1). [v1.92] * Fixed two stupid bugs in backup restore function. * Added DiamondCS file to LSP files safelist. * Added a few more items to the protocol safelist. * Log is now opened immediately after saving. * Removed rd.yahoo.com from NSBSD list (spammers are starting to use this, no doubt spyware authors will follow). * Updated integrated StartupList to v1.52. * In light of SpywareNuker/BPS Spyware Remover, any strings relevant to reverse-engineers are now encrypted. * Rudimentary proxy support for the Check for Updates function. [v1.91] * Added rd.yahoo.com to the Nonstandard But Safe Domains list. * Added 8 new protocols to the protocol check safelist, as well as showing the file that handles the protocol in the log (O18). * Added listing of programs/links in Startup folders (O4). * Fixed 'Check for Update' not detecting new versions. [v1.9] * Added check for Lop.com 'Domain' hijack (O17). * Bugfix in URLSearchHook (R3) fix. * Improved O1 (Hosts file) check. * Rewrote code to delete BHO's, fixing a really nasty bug with orphaned BHO keys. * Added AutoConfigURL and proxyserver checks (R1). * IE Extensions (Button/Tools menuitem) in HKEY_CURRENT_USER are now also detected. * Added check for extra protocols (O18). [v1.81] * Added 'ignore non-standard but safe domains' option. * Improved Winsock LSP hijackers detection. * Integrated StartupList updated to v1.4. [v1.8] * Fixed a few bugs. * Adds detecting of free.aol.com in Trusted Zone. * Adds checking of URLSearchHooks key, which should have only one value. * Adds listing/deleting of Download Program Files. * Integrated StartupList into the new 'Misc Tools' section of the Config screen! [v1.71] * Improves detecting of O6. * Some internal changes/improvements. [v1.7] * Adds backup function! Yay! * Added check for default URL prefix * Added check for changing of IERESET.INF * Added check for changing of Netscape/Mozilla homepage and default search engine. [v1.61] * Fixes Runtime Error when Hosts file is empty. [v1.6] * Added enumerating of MSIE plugins * Added check for extra options in 'Advanced' tab of 'Internet Options'. [v1.5] * Adds 'Uninstall & Exit' and 'Check for update online' functions. * Expands enumeration of autoloading Registry entries (now also scans for .vbs, .js, .dll, rundll32 and service) [v1.4] * Adds repairing of broken Internet access (aka Winsock or LSP fix) by New.Net/WebHancer * A few bugfixes/enhancements [v1.3] * Adds detecting of extra MSIE context menu items * Added detecting of extra 'Tools' menu items and extra buttons * Added 'Confirm deleting/ignoring items' checkbox [v1.2] * Adds 'Ignorelist' and 'Info' functions [v1.1] * Supports BHO's, some default URL changes [v1.0] * Original release A good thing to do after version updates is clear your Ignore list and re-add them, as the format of detected items sometimes changes.
  8. Please help us improve HijackThis by reporting this error Click 'Yes' to submit Error Details: An unexpected error has occurred at procedure: modBackup_MakeBackup(sItem=O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)) Error #5 - Invalid procedure call or argument Windows version: Windows NT 6.00.1906 MSIE version: 8.0.6001.18904 HijackThis version: 2.0.4 Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Databaseversie: 4279 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 5-7-2010 20:46:55 mbam-log-2010-07-05 (20-46-55).txt Scantype: Snelle scan Objecten gescand: 147413 Verstreken tijd: 5 minuut/minuten, 42 seconde(n) Geheugenprocessen geïnfecteerd: 0 Geheugenmodulen geïnfecteerd: 0 Registersleutels geïnfecteerd: 0 Registerwaarden geïnfecteerd: 0 Registerdata geïnfecteerd: 0 Mappen geïnfecteerd: 0 Bestanden geïnfecteerd: 0 Geheugenprocessen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registersleutels geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerwaarden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Registerdata geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Mappen geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd) Bestanden geïnfecteerd: (Geen kwaadaardige objecten gedetecteerd)
  9. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:56:55, on 4-7-2010 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.18904) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\RTHDCPL.exe C:\Program Files\AVG\AVG9\avgtray.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Mail\WinMail.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Loet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LXPWUG4V\HijackThis[1].exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ziggo.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [Google Update] "C:\Users\Loet\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file) O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-nl.cab O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://www.ziggo.nl/f-secure/ols/fscax.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll O20 - AppInit_DLLs: avgrsstx.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate1c9daf56f322610) (gupdate1c9daf56f322610) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- End of file - 8517 bytes
  10. hallo System is vista . Staat op automatisch upgraden maar krijg melding:kan niet upgraden- fout 8072EFE. Iemand die een oplssing heeft?
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.