Ga naar inhoud

Welkom op PC Helpforum!
PC Helpforum helpt GRATIS computergebruikers sinds 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!


    Aanbevolen berichten

    Download RSIT.

    Sla het op je Bureaublad op.

    Dubbelklik op RSIT om het te starten.

    Klik op Continue in het disclaimer venster.

    Zodra de scan beëindigd is, zullen twee logs openen. Post de inhoud van log.txt (zal gemaximaliseerd zijn) en info.txt (zal geminimaliseerd zijn) in je volgende antwoord.

    Deel dit bericht


    Link naar bericht
    Delen op andere sites

  • Topicstarter
  •    0

    Logfile of random's system information tool 1.08 (written by random/random)

    Run by Loet at 2010-07-22 11:31:28

    Microsoft® Windows Vista™ Home Premium Service Pack 2

    System drive C: has 205 GB (67%) free of 305 GB

    Total RAM: 2046 MB (44% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 11:31:41, on 22-7-2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18904)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Microsoft IntelliPoint\ipoint.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Windows\RTHDCPL.exe

    C:\Program Files\AVG\AVG9\avgtray.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

    C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Windows Mail\WinMail.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Users\Loet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9U0JC3QC\RSIT[1].exe

    C:\Program Files\trend micro\Loet.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ziggo.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [Google Update] "C:\Users\Loet\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

    O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live

    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-nl.cab

    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://www.ziggo.nl/f-secure/ols/fscax.cab

    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

    O20 - AppInit_DLLs: avgrsstx.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Updateservice (gupdate1c9daf56f322610) (gupdate1c9daf56f322610) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

    --

    End of file - 8691 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Google Software Updater.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839889018-2924812836-2156126128-1000Core.job

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839889018-2924812836-2156126128-1000UA.job

    C:\Windows\tasks\User_Feed_Synchronization-{2083E536-0F16-4A8C-807B-F95E2A396555}.job

    C:\Windows\tasks\User_Feed_Synchronization-{44AD6497-E86E-4FEE-9923-9751DE1BC652}.job

    C:\Windows\tasks\User_Feed_Synchronization-{C41E66D5-43C4-426E-A03D-8880F1C4B312}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

    AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

    C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 853672]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-26 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

    Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

    "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-08-31 1037736]

    "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]

    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624]

    "RTHDCPL"=C:\Windows\RTHDCPL.EXE [2006-06-28 16248320]

    "SoundMan"=C:\Windows\SOUNDMAN.EXE [2006-05-04 86016]

    "AlcWzrd"=C:\Windows\ALCWZRD.EXE [2006-05-04 2808832]

    "Alcmtr"=C:\Windows\ALCMTR.EXE [2005-05-03 69632]

    "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-01 2065760]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-08 68856]

    "Sidebar"=C:\Program Files\windows sidebar\sidebar.exe [2009-04-11 1233920]

    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

    "Google Update"=C:\Users\Loet\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-22 133104]

    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"="avgrsstx.dll"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "BindDirectlyToPropertySetStorage"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2010-07-22 11:31:28 ----D---- C:\rsit

    2010-07-05 20:16:07 ----D---- C:\Users\Loet\AppData\Roaming\Malwarebytes

    2010-07-05 20:15:58 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

    2010-07-05 20:15:57 ----D---- C:\ProgramData\Malwarebytes

    2010-07-05 20:15:57 ----A---- C:\Windows\system32\drivers\mbam.sys

    2010-07-05 20:15:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

    2010-07-04 11:50:19 ----D---- C:\Program Files\Trend Micro

    2010-07-03 18:47:14 ----D---- C:\Users\Loet\AppData\Roaming\AVG9

    2010-07-01 18:41:56 ----A---- C:\Windows\system32\avgrsstx.dll

    2010-07-01 18:41:55 ----A---- C:\Windows\system32\drivers\avgrkx86.sys

    2010-07-01 18:41:54 ----A---- C:\Windows\system32\drivers\avgtdix.sys

    2010-07-01 18:41:48 ----A---- C:\Windows\system32\drivers\avgldx86.sys

    2010-07-01 18:41:47 ----A---- C:\Windows\system32\drivers\avgmfx86.sys

    2010-07-01 18:41:42 ----D---- C:\Windows\system32\drivers\Avg

    2010-07-01 18:39:04 ----D---- C:\ProgramData\avg9

    2010-07-01 18:13:29 ----R---- C:\Windows\system32\RtlCPAPI.dll

    2010-07-01 18:13:29 ----R---- C:\Windows\SkyTel.exe

    2010-07-01 18:13:09 ----R---- C:\Windows\SoundMan.exe

    2010-07-01 18:13:06 ----R---- C:\Windows\RtlUpd.exe

    2010-07-01 18:13:03 ----R---- C:\Windows\RTLCPL.exe

    2010-07-01 18:12:57 ----R---- C:\Windows\system32\drivers\RtkHDAud.Sys

    2010-07-01 18:12:48 ----R---- C:\Windows\RTHDCPL.exe

    2010-07-01 18:12:44 ----R---- C:\Windows\MicCal.exe

    2010-07-01 18:12:41 ----R---- C:\Windows\Alcmtr.exe

    2010-07-01 18:12:40 ----R---- C:\Windows\alcwzrd.exe

    2010-07-01 18:12:15 ----R---- C:\Windows\RtlExUpd.dll

    2010-07-01 11:18:07 ----A---- C:\Windows\DIFxAPI.dll

    2010-07-01 11:17:57 ----HD---- C:\Program Files\Temp

    2010-07-01 10:07:08 ----D---- C:\Program Files\iPod

    2010-07-01 10:07:07 ----D---- C:\Program Files\iTunes

    2010-07-01 10:02:13 ----D---- C:\Windows\system32\catroot2

    2010-07-01 10:01:54 ----D---- C:\Program Files\Bonjour

    2010-06-30 13:10:10 ----D---- C:\Windows\system32\catroot2(830)

    2010-06-30 13:09:59 ----D---- C:\Program Files\Microsoft Security Essentials

    2010-06-29 20:15:36 ----D---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor

    2010-06-28 13:52:12 ----D---- C:\Program Files\iPod(115)

    2010-06-28 13:52:11 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

    2010-06-28 13:52:10 ----D---- C:\Program Files\iTunes(116)

    2010-06-28 13:47:03 ----D---- C:\Program Files\Bonjour(23)

    ======List of files/folders modified in the last 1 months======

    2010-07-22 11:31:41 ----D---- C:\Windows\Prefetch

    2010-07-22 11:31:29 ----D---- C:\Windows\Temp

    2010-07-22 11:20:13 ----D---- C:\Program Files\Hitman Pro

    2010-07-22 11:14:26 ----D---- C:\ProgramData\Spybot - Search & Destroy

    2010-07-22 09:48:01 ----AD---- C:\ProgramData\TEMP

    2010-07-22 09:39:54 ----D---- C:\Program Files\SpywareBlaster

    2010-07-22 09:24:16 ----D---- C:\Windows\System32

    2010-07-22 09:24:16 ----D---- C:\Windows\inf

    2010-07-22 09:24:16 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2010-07-22 01:35:10 ----D---- C:\Windows

    2010-07-21 22:16:44 ----D---- C:\ProgramData\Google Updater

    2010-07-20 22:42:29 ----RD---- C:\Users

    2010-07-19 15:58:15 ----SHD---- C:\System Volume Information

    2010-07-11 20:06:31 ----D---- C:\Windows\system32\drivers

    2010-07-08 13:35:13 ----D---- C:\Users\Loet\AppData\Roaming\Vso

    2010-07-05 20:15:57 ----HD---- C:\ProgramData

    2010-07-05 20:15:56 ----RD---- C:\Program Files

    2010-07-04 11:50:20 ----SHD---- C:\Windows\Installer

    2010-07-04 11:50:20 ----SD---- C:\Users\Loet\AppData\Roaming\Microsoft

    2010-07-01 18:13:29 ----D---- C:\Windows\system32\RTCOM

    2010-07-01 18:13:21 ----D---- C:\Windows\system32\catroot

    2010-07-01 18:12:37 ----D---- C:\Program Files\Realtek

    2010-07-01 18:12:35 ----HD---- C:\Program Files\InstallShield Installation Information

    2010-07-01 10:07:07 ----D---- C:\ProgramData\Apple Computer

    2010-07-01 10:07:07 ----D---- C:\Program Files\Common Files\Apple

    2010-07-01 10:06:15 ----D---- C:\Program Files\QuickTime

    2010-07-01 00:55:12 ----D---- C:\Windows\Debug

    2010-06-30 20:08:01 ----D---- C:\Windows\SoftwareDistribution

    2010-06-30 19:41:33 ----D---- C:\Windows\system32\catroot2.bak

    2010-06-30 19:39:59 ----D---- C:\Windows\system32\Msdtc

    2010-06-30 19:39:59 ----D---- C:\Program Files\TomTom HOME 2

    2010-06-30 19:39:56 ----D---- C:\Windows\system32\wbem

    2010-06-30 19:34:54 ----D---- C:\Windows\system32\config

    2010-06-30 19:34:04 ----D---- C:\Windows\winsxs

    2010-06-30 19:34:03 ----D---- C:\Windows\Tasks

    2010-06-30 19:34:03 ----D---- C:\Windows\system32\Tasks

    2010-06-30 19:34:03 ----D---- C:\Windows\system32\spool

    2010-06-30 19:34:02 ----D---- C:\Windows\rescache

    2010-06-30 19:34:01 ----D---- C:\Users\Loet\AppData\Roaming\IrfanView

    2010-06-30 19:33:43 ----D---- C:\Program Files\NVIDIA Corporation

    2010-06-30 19:33:31 ----D---- C:\Windows\registration

    2010-06-30 13:10:08 ----SD---- C:\ProgramData\Microsoft

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2010-07-01 52872]

    R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2006-04-02 42368]

    R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-07-01 216400]

    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-07-01 29584]

    R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-07-01 243024]

    R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-09-15 5632]

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]

    R3 JGOGO;JMicron Hot-Plug Driver; C:\Windows\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]

    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280]

    R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32k.sys [2007-08-21 24064]

    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-12-20 234016]

    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

    S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

    S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

    S3 IKFileSec;File Security Driver; C:\Windows\system32\drivers\ikfilesec.sys [2008-06-02 42376]

    S3 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-06-02 66952]

    S3 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-06-10 81288]

    S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

    S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

    S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

    S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408]

    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]

    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]

    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]

    S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]

    R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-01 308136]

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]

    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640]

    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]

    R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472]

    S2 gupdate1c9daf56f322610;Google Updateservice (gupdate1c9daf56f322610); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-22 133104]

    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280]

    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]

    S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-05 356920]

    S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-06-10 1072008]

    S3 WiselinkPro;SAMSUNG WiselinkPro Service; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2009-01-08 4136960]

    -----------------EOF-----------------

    info.txt logfile of random's system information tool 1.08 2010-07-22 11:31:43

    ======Uninstall list======

    Aangifte inkomstenbelasting 2008-->C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2008\ib2008u.exe

    Aangifte inkomstenbelasting 2009-->C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2009\ib2009u.exe

    Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG

    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex

    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

    Adobe Reader 9.3.3 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A93000000001}

    Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log

    Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E}

    Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}

    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

    AVG 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL

    Bicycle Board Games-->"C:\Program Files\Microsoft Games\Bicycle Board Games\UNINSTAL.EXE" /runtemp /addremove

    Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}

    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

    DX-Ball 1.09-->C:\PROGRA~1\DX-Ball\UNWISE.EXE C:\PROGRA~1\DX-Ball\INSTALL.LOG

    EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG

    EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x13 -UnInstall

    EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}\SETUP.EXE" -l0x13 UNINST

    EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x13 UNINST

    EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x13 -u

    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r

    EPSON-printersoftware-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

    ESDX4000_4050_CX3900-->C:\Program Files\EPSON\TPMANUAL\ESDX4000_4050_CX3900\USE_G\DOCUNINS.EXE

    Extensie voor Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{91897B2C-B407-48C2-A76C-E6AC47A9B6A0}

    Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}

    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall

    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

    Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

    HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}

    Hitman Pro-->"C:\Program Files\Hitman Pro\unins000.exe"

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

    Huur- en zorgtoeslag 2008-->C:\Program Files\Belastingdienst\Huur- en zorgtoeslag\2008\hz2008u.exe

    Huur- en zorgtoeslag 2009-->C:\Program Files\Belastingdienst\Huur- en zorgtoeslag\2009\hz2009u.exe

    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe

    iTunes-->MsiExec.exe /I{7AB3A249-FB81-416B-917A-A2A10E74C503}

    Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}

    Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

    Jewel Quest-->C:\PROGRA~1\GAMEHO~1\JEWELQ~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\JEWELQ~1\INSTALL.LOG

    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}

    King's Mahjongg-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{357E7551-C1D9-11D7-B63B-00C04F4351FF}\setup.exe" -l0x13

    Kyodai 4.34-->"C:\Windows\kyoun.exe" "C:\Program Files\Kyodai 4.34" "C:\Users\tineke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\"

    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

    Markeringviewer (Windows Live Toolbar)-->MsiExec.exe /X{1509FC50-85B6-4F17-8223-423B86BF7FE3}

    Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

    Microsoft Office 2000 Premium-->MsiExec.exe /I{00000413-78E1-11D2-B60F-006097C998E7}

    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

    Nannoid 1.0-->"C:\Program Files\Nannoid\unins000.exe"

    NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel

    NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI

    PIF DESIGNER-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x13 anything

    PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}

    QuickTime-->MsiExec.exe /I{3D9892BB-A751-4E48-ADC8-E4289956CE1D}

    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x13 -removeonly

    REALTEK GbE & FE Ethernet PCI NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\Setup.exe" -l0x13 -removeonly

    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x13 -removeonly

    SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe

    SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe

    SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe

    SAMSUNG PC Share Manager-->"C:\Program Files\InstallShield Installation Information\{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}\setup.exe" -runfromtemp -l0x0413 -removeonly

    SAMSUNG PC Share Manager-->MsiExec.exe /I{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}

    Samsung PC Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x13 -removeonly

    Scale2Scale -->"C:\Windows\th_inst2.exe" -u "C:\Program Files\Scale2Scale\Uninstall0"

    Smart Menu's (Windows Live Toolbar)-->MsiExec.exe /X{DC54F2F8-C26F-4D22-B92D-7075BC626106}

    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}

    Spybot - Search & Destroy 1.5.2.20-->"C:\Windows\unins000.exe"

    Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG

    SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"

    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

    Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

    TomTom HOME 2.7.3.1894-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe

    TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

    VideoLAN VLC media player 0.8.6h-->C:\Program Files\VLC\uninstall.exe

    Vodafone WCDMA Composite Device Drive Software-->C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe

    VSO Image Resizer 2.0.1.11b-->"C:\Program Files\VSO\Image Resizer\unins000.exe"

    Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

    Windows Live aanmeldhulp-->MsiExec.exe /I{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B}

    Windows Live Call-->MsiExec.exe /I{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}

    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

    Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

    Windows Live Essentials-->MsiExec.exe /I{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}

    Windows Live Favorites voor Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}

    Windows Live Mail-->MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91}

    Windows Live Messenger-->MsiExec.exe /X{10F5387D-1728-423A-A578-B00982CF2646}

    Windows Live Photo Gallery-->MsiExec.exe /X{11005483-57F9-400C-BF9F-CBC47540705A}

    Windows Live Sync-->MsiExec.exe /X{CD19EDD9-1632-4002-9212-7478E4BA0423}

    Windows Live Toolbar-->MsiExec.exe /X{E51109E7-3818-4BC2-B3FD-A59AC2378A2B}

    Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}

    ======Security center information======

    AV: AVG Anti-Virus Free

    AS: Spyware Doctor (disabled) (outdated)

    AS: AVG Anti-Virus Free (disabled)

    AS: Windows Defender

    ======System event log======

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-23_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141401

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-22_neutral_GDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141400

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-21_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141399

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-20_neutral_GDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141398

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-19_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141397

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    =====Application event log=====

    Computer Name: 26L2233B2-11

    Event Code: 1003

    Message: De Windows Search-service is gestart.

    Record Number: 5

    Source Name: Microsoft-Windows-Search

    Time Written: 20080629121357.000000-000

    Event Type: Informatie

    User:

    Computer Name: 26L2233B2-11

    Event Code: 5615

    Message: De Windows Management Instrumentation-service is gestart

    Record Number: 4

    Source Name: Microsoft-Windows-WMI

    Time Written: 20080629121356.000000-000

    Event Type: Informatie

    User:

    Computer Name: LH-HG2NIAUCTXNV

    Event Code: 4625

    Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.

    Record Number: 3

    Source Name: Microsoft-Windows-EventSystem

    Time Written: 20080629121349.000000-000

    Event Type: Informatie

    User:

    Computer Name: LH-HG2NIAUCTXNV

    Event Code: 900

    Message: De Software Licensing-service wordt gestart.

    Record Number: 2

    Source Name: Microsoft-Windows-Security-Licensing-SLC

    Time Written: 20080629121348.000000-000

    Event Type: Informatie

    User:

    Computer Name: LH-HG2NIAUCTXNV

    Event Code: 1531

    Message: De User Profile-service is gestart.

    Record Number: 1

    Source Name: Microsoft-Windows-User Profiles Service

    Time Written: 20080629121348.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    =====Security event log=====

    Computer Name: Bons

    Event Code: 4648

    Message: Poging tot aanmelden met expliciete referenties.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: BONS$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Account waarvan de referenties zijn gebruikt:

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Doelserver:

    Naam van doelserver: localhost

    Aanvullende gegevens: localhost

    Procesgegevens:

    Proces-id: 0x274

    Procesnaam: C:\Windows\System32\services.exe

    Netwerkgegevens:

    Netwerkadres: -

    Poort: -

    Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

    Record Number: 24265

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091505.494800-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Bons

    Event Code: 4672

    Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e7

    Bevoegdheden: SeAssignPrimaryTokenPrivilege

    SeTcbPrivilege

    SeSecurityPrivilege

    SeTakeOwnershipPrivilege

    SeLoadDriverPrivilege

    SeBackupPrivilege

    SeRestorePrivilege

    SeDebugPrivilege

    SeAuditPrivilege

    SeSystemEnvironmentPrivilege

    SeImpersonatePrivilege

    Record Number: 24264

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091456.275200-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Bons

    Event Code: 4624

    Message: Er is een account aangemeld.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: BONS$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Aanmeldingstype: 5

    Nieuwe aanmelding:

    Beveiligings-id: S-1-5-18

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e7

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Procesgegevens:

    Proces-id: 0x274

    Naam proces: C:\Windows\System32\services.exe

    Netwerkgegevens:

    Naam van werkstation:

    Netwerkadres van bron: -

    Poort van bron: -

    Gedetailleerde verificatiegegevens:

    Aanmeldingsproces: Advapi

    Verificatiepakket: Negotiate

    Doorgezette services: -

    Pakketnaam (alleen NTLM): -

    Sleutellengte: 0

    Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

    De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

    In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

    Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

    In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

    De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

    - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

    - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

    - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

    - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

    Record Number: 24263

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091456.275200-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Bons

    Event Code: 4648

    Message: Poging tot aanmelden met expliciete referenties.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: BONS$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Account waarvan de referenties zijn gebruikt:

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Doelserver:

    Naam van doelserver: localhost

    Aanvullende gegevens: localhost

    Procesgegevens:

    Proces-id: 0x274

    Procesnaam: C:\Windows\System32\services.exe

    Netwerkgegevens:

    Netwerkadres: -

    Poort: -

    Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

    Record Number: 24262

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091456.275200-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Bons

    Event Code: 4672

    Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e7

    Bevoegdheden: SeAssignPrimaryTokenPrivilege

    SeTcbPrivilege

    SeSecurityPrivilege

    SeTakeOwnershipPrivilege

    SeLoadDriverPrivilege

    SeBackupPrivilege

    SeRestorePrivilege

    SeDebugPrivilege

    SeAuditPrivilege

    SeSystemEnvironmentPrivilege

    SeImpersonatePrivilege

    Record Number: 24261

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091402.654400-000

    Event Type: Controle geslaagd

    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe

    "FP_NO_HOST_CHECK"=NO

    "OS"=Windows_NT

    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Users\karin\Desktop;C:\Users\karin\Desktop\Samsung PC Studio;C:\Program Files\QuickTime\QTSystem\

    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

    "PROCESSOR_ARCHITECTURE"=x86

    "TEMP"=%SystemRoot%\TEMP

    "TMP"=%SystemRoot%\TEMP

    "USERNAME"=SYSTEM

    "windir"=%SystemRoot%

    "PROCESSOR_LEVEL"=6

    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel

    "PROCESSOR_REVISION"=0f0d

    "NUMBER_OF_PROCESSORS"=2

    "asl.log"=Destination=file;OnFirstLog=command,environment,parent

    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------

    ---------- Post toegevoegd om 09:40 ---------- Vorige post was om 09:38 ----------

    Logfile of random's system information tool 1.08 (written by random/random)

    Run by Loet at 2010-07-22 11:31:28

    Microsoft® Windows Vista™ Home Premium Service Pack 2

    System drive C: has 205 GB (67%) free of 305 GB

    Total RAM: 2046 MB (44% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 11:31:41, on 22-7-2010

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.18904)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Microsoft IntelliPoint\ipoint.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Windows\RTHDCPL.exe

    C:\Program Files\AVG\AVG9\avgtray.exe

    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\ehome\ehtray.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

    C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Program Files\Windows Sidebar\sidebar.exe

    C:\Windows\System32\mobsync.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Windows Mail\WinMail.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Users\Loet\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9U0JC3QC\RSIT[1].exe

    C:\Program Files\trend micro\Loet.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ziggo.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    O1 - Hosts: ::1 localhost

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

    O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

    O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

    O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

    O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

    O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

    O4 - HKCU\..\Run: [sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun

    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

    O4 - HKCU\..\Run: [Google Update] "C:\Users\Loet\AppData\Local\Google\Update\GoogleUpdate.exe" /c

    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s

    O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

    O8 - Extra context menu item: Add to Windows &Live Favorites - Welcome to Windows Live

    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

    O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab3.cab

    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldnl-nl.cab

    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://www.ziggo.nl/f-secure/ols/fscax.cab

    O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game04.zylom.com/activex/zylomgamesplayer.cab

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

    O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

    O20 - AppInit_DLLs: avgrsstx.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: Google Updateservice (gupdate1c9daf56f322610) (gupdate1c9daf56f322610) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: SAMSUNG WiselinkPro Service (WiselinkPro) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe

    --

    End of file - 8691 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Google Software Updater.job

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839889018-2924812836-2156126128-1000Core.job

    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-839889018-2924812836-2156126128-1000UA.job

    C:\Windows\tasks\User_Feed_Synchronization-{2083E536-0F16-4A8C-807B-F95E2A396555}.job

    C:\Windows\tasks\User_Feed_Synchronization-{44AD6497-E86E-4FEE-9923-9751DE1BC652}.job

    C:\Windows\tasks\User_Feed_Synchronization-{C41E66D5-43C4-426E-A03D-8880F1C4B312}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

    AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-07-21 1619296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

    C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2005-05-31 853672]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

    Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-26 764912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

    Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

    Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

    Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

    "IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-08-31 1037736]

    "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

    "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]

    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624]

    "RTHDCPL"=C:\Windows\RTHDCPL.EXE [2006-06-28 16248320]

    "SoundMan"=C:\Windows\SOUNDMAN.EXE [2006-05-04 86016]

    "AlcWzrd"=C:\Windows\ALCWZRD.EXE [2006-05-04 2808832]

    "Alcmtr"=C:\Windows\ALCMTR.EXE [2005-05-03 69632]

    "AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-07-01 2065760]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-09-08 68856]

    "Sidebar"=C:\Program Files\windows sidebar\sidebar.exe [2009-04-11 1233920]

    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

    "Google Update"=C:\Users\Loet\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-22 133104]

    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    "TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2009-11-13 247144]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

    "AppInit_DLLs"="avgrsstx.dll"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

    "dontdisplaylastusername"=0

    "legalnoticecaption"=

    "legalnoticetext"=

    "shutdownwithoutlogon"=1

    "undockwithoutlogon"=1

    "EnableUIADesktopToggle"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

    "BindDirectlyToPropertySetStorage"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2010-07-22 11:31:28 ----D---- C:\rsit

    2010-07-05 20:16:07 ----D---- C:\Users\Loet\AppData\Roaming\Malwarebytes

    2010-07-05 20:15:58 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys

    2010-07-05 20:15:57 ----D---- C:\ProgramData\Malwarebytes

    2010-07-05 20:15:57 ----A---- C:\Windows\system32\drivers\mbam.sys

    2010-07-05 20:15:56 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

    2010-07-04 11:50:19 ----D---- C:\Program Files\Trend Micro

    2010-07-03 18:47:14 ----D---- C:\Users\Loet\AppData\Roaming\AVG9

    2010-07-01 18:41:56 ----A---- C:\Windows\system32\avgrsstx.dll

    2010-07-01 18:41:55 ----A---- C:\Windows\system32\drivers\avgrkx86.sys

    2010-07-01 18:41:54 ----A---- C:\Windows\system32\drivers\avgtdix.sys

    2010-07-01 18:41:48 ----A---- C:\Windows\system32\drivers\avgldx86.sys

    2010-07-01 18:41:47 ----A---- C:\Windows\system32\drivers\avgmfx86.sys

    2010-07-01 18:41:42 ----D---- C:\Windows\system32\drivers\Avg

    2010-07-01 18:39:04 ----D---- C:\ProgramData\avg9

    2010-07-01 18:13:29 ----R---- C:\Windows\system32\RtlCPAPI.dll

    2010-07-01 18:13:29 ----R---- C:\Windows\SkyTel.exe

    2010-07-01 18:13:09 ----R---- C:\Windows\SoundMan.exe

    2010-07-01 18:13:06 ----R---- C:\Windows\RtlUpd.exe

    2010-07-01 18:13:03 ----R---- C:\Windows\RTLCPL.exe

    2010-07-01 18:12:57 ----R---- C:\Windows\system32\drivers\RtkHDAud.Sys

    2010-07-01 18:12:48 ----R---- C:\Windows\RTHDCPL.exe

    2010-07-01 18:12:44 ----R---- C:\Windows\MicCal.exe

    2010-07-01 18:12:41 ----R---- C:\Windows\Alcmtr.exe

    2010-07-01 18:12:40 ----R---- C:\Windows\alcwzrd.exe

    2010-07-01 18:12:15 ----R---- C:\Windows\RtlExUpd.dll

    2010-07-01 11:18:07 ----A---- C:\Windows\DIFxAPI.dll

    2010-07-01 11:17:57 ----HD---- C:\Program Files\Temp

    2010-07-01 10:07:08 ----D---- C:\Program Files\iPod

    2010-07-01 10:07:07 ----D---- C:\Program Files\iTunes

    2010-07-01 10:02:13 ----D---- C:\Windows\system32\catroot2

    2010-07-01 10:01:54 ----D---- C:\Program Files\Bonjour

    2010-06-30 13:10:10 ----D---- C:\Windows\system32\catroot2(830)

    2010-06-30 13:09:59 ----D---- C:\Program Files\Microsoft Security Essentials

    2010-06-29 20:15:36 ----D---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor

    2010-06-28 13:52:12 ----D---- C:\Program Files\iPod(115)

    2010-06-28 13:52:11 ----D---- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

    2010-06-28 13:52:10 ----D---- C:\Program Files\iTunes(116)

    2010-06-28 13:47:03 ----D---- C:\Program Files\Bonjour(23)

    ======List of files/folders modified in the last 1 months======

    2010-07-22 11:31:41 ----D---- C:\Windows\Prefetch

    2010-07-22 11:31:29 ----D---- C:\Windows\Temp

    2010-07-22 11:20:13 ----D---- C:\Program Files\Hitman Pro

    2010-07-22 11:14:26 ----D---- C:\ProgramData\Spybot - Search & Destroy

    2010-07-22 09:48:01 ----AD---- C:\ProgramData\TEMP

    2010-07-22 09:39:54 ----D---- C:\Program Files\SpywareBlaster

    2010-07-22 09:24:16 ----D---- C:\Windows\System32

    2010-07-22 09:24:16 ----D---- C:\Windows\inf

    2010-07-22 09:24:16 ----A---- C:\Windows\system32\PerfStringBackup.INI

    2010-07-22 01:35:10 ----D---- C:\Windows

    2010-07-21 22:16:44 ----D---- C:\ProgramData\Google Updater

    2010-07-20 22:42:29 ----RD---- C:\Users

    2010-07-19 15:58:15 ----SHD---- C:\System Volume Information

    2010-07-11 20:06:31 ----D---- C:\Windows\system32\drivers

    2010-07-08 13:35:13 ----D---- C:\Users\Loet\AppData\Roaming\Vso

    2010-07-05 20:15:57 ----HD---- C:\ProgramData

    2010-07-05 20:15:56 ----RD---- C:\Program Files

    2010-07-04 11:50:20 ----SHD---- C:\Windows\Installer

    2010-07-04 11:50:20 ----SD---- C:\Users\Loet\AppData\Roaming\Microsoft

    2010-07-01 18:13:29 ----D---- C:\Windows\system32\RTCOM

    2010-07-01 18:13:21 ----D---- C:\Windows\system32\catroot

    2010-07-01 18:12:37 ----D---- C:\Program Files\Realtek

    2010-07-01 18:12:35 ----HD---- C:\Program Files\InstallShield Installation Information

    2010-07-01 10:07:07 ----D---- C:\ProgramData\Apple Computer

    2010-07-01 10:07:07 ----D---- C:\Program Files\Common Files\Apple

    2010-07-01 10:06:15 ----D---- C:\Program Files\QuickTime

    2010-07-01 00:55:12 ----D---- C:\Windows\Debug

    2010-06-30 20:08:01 ----D---- C:\Windows\SoftwareDistribution

    2010-06-30 19:41:33 ----D---- C:\Windows\system32\catroot2.bak

    2010-06-30 19:39:59 ----D---- C:\Windows\system32\Msdtc

    2010-06-30 19:39:59 ----D---- C:\Program Files\TomTom HOME 2

    2010-06-30 19:39:56 ----D---- C:\Windows\system32\wbem

    2010-06-30 19:34:54 ----D---- C:\Windows\system32\config

    2010-06-30 19:34:04 ----D---- C:\Windows\winsxs

    2010-06-30 19:34:03 ----D---- C:\Windows\Tasks

    2010-06-30 19:34:03 ----D---- C:\Windows\system32\Tasks

    2010-06-30 19:34:03 ----D---- C:\Windows\system32\spool

    2010-06-30 19:34:02 ----D---- C:\Windows\rescache

    2010-06-30 19:34:01 ----D---- C:\Users\Loet\AppData\Roaming\IrfanView

    2010-06-30 19:33:43 ----D---- C:\Program Files\NVIDIA Corporation

    2010-06-30 19:33:31 ----D---- C:\Windows\registration

    2010-06-30 13:10:08 ----SD---- C:\ProgramData\Microsoft

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2010-07-01 52872]

    R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2006-04-02 42368]

    R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-07-01 216400]

    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-07-01 29584]

    R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-07-01 243024]

    R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2008-09-15 5632]

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RtkHDAud.sys [2006-06-28 4304384]

    R3 JGOGO;JMicron Hot-Plug Driver; C:\Windows\system32\DRIVERS\JGOGO.sys [2006-02-07 6912]

    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280]

    R3 Point32;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point32k.sys [2007-08-21 24064]

    R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-12-20 234016]

    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

    S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]

    S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

    S3 IKFileSec;File Security Driver; C:\Windows\system32\drivers\ikfilesec.sys [2008-06-02 42376]

    S3 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-06-02 66952]

    S3 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-06-10 81288]

    S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]

    S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]

    S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]

    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]

    S3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-02-26 81408]

    S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]

    S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]

    S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]

    S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]

    R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-07-01 308136]

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]

    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-11 129640]

    R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2009-11-13 92008]

    R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472]

    S2 gupdate1c9daf56f322610;Google Updateservice (gupdate1c9daf56f322610); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-22 133104]

    S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280]

    S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]

    S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-05 356920]

    S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-06-10 1072008]

    S3 WiselinkPro;SAMSUNG WiselinkPro Service; C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe [2009-01-08 4136960]

    -----------------EOF-----------------

    info.txt logfile of random's system information tool 1.08 2010-07-22 11:31:43

    ======Uninstall list======

    Aangifte inkomstenbelasting 2008-->C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2008\ib2008u.exe

    Aangifte inkomstenbelasting 2009-->C:\Program Files\Belastingdienst\Aangifte inkomstenbelasting\2009\ib2009u.exe

    Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG

    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex

    Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

    Adobe Reader 9.3.3 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A93000000001}

    Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log

    Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E}

    Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}

    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

    AVG 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL

    Bicycle Board Games-->"C:\Program Files\Microsoft Games\Bicycle Board Games\UNINSTAL.EXE" /runtemp /addremove

    Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}

    CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

    DX-Ball 1.09-->C:\PROGRA~1\DX-Ball\UNWISE.EXE C:\PROGRA~1\DX-Ball\INSTALL.LOG

    EPSON Attach To Email-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{20C45B32-5AB6-46A4-94EF-58950CAF05E5} /l1033 ADDREMOVEDLG

    EPSON Copy Utility 3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67EDD823-135A-4D59-87BD-950616D6E857}\SETUP.EXE" -l0x13 -UnInstall

    EPSON Easy Photo Print-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}\SETUP.EXE" -l0x13 UNINST

    EPSON File Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E86BC406-944E-41F6-ADE6-2C136734C96B}\Setup.exe" -l0x13 UNINST

    EPSON Scan Assistant-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}\Setup.exe" -l0x13 -u

    EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r

    EPSON-printersoftware-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R

    ESDX4000_4050_CX3900-->C:\Program Files\EPSON\TPMANUAL\ESDX4000_4050_CX3900\USE_G\DOCUNINS.EXE

    Extensie voor Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{91897B2C-B407-48C2-A76C-E6AC47A9B6A0}

    Google Earth-->MsiExec.exe /X{F7B0939E-58DF-11DF-B3A6-005056806466}

    Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall

    Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

    Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

    Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall

    HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}

    Hitman Pro-->"C:\Program Files\Hitman Pro\unins000.exe"

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

    Huur- en zorgtoeslag 2008-->C:\Program Files\Belastingdienst\Huur- en zorgtoeslag\2008\hz2008u.exe

    Huur- en zorgtoeslag 2009-->C:\Program Files\Belastingdienst\Huur- en zorgtoeslag\2009\hz2009u.exe

    IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe

    iTunes-->MsiExec.exe /I{7AB3A249-FB81-416B-917A-A2A10E74C503}

    Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}

    Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

    Jewel Quest-->C:\PROGRA~1\GAMEHO~1\JEWELQ~1\UNWISE.EXE /U C:\PROGRA~1\GAMEHO~1\JEWELQ~1\INSTALL.LOG

    Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}

    King's Mahjongg-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{357E7551-C1D9-11D7-B63B-00C04F4351FF}\setup.exe" -l0x13

    Kyodai 4.34-->"C:\Windows\kyoun.exe" "C:\Program Files\Kyodai 4.34" "C:\Users\tineke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\"

    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

    Markeringviewer (Windows Live Toolbar)-->MsiExec.exe /X{1509FC50-85B6-4F17-8223-423B86BF7FE3}

    Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

    Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

    Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

    Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

    Microsoft Office 2000 Premium-->MsiExec.exe /I{00000413-78E1-11D2-B60F-006097C998E7}

    Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

    Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

    Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

    MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

    MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

    Nannoid 1.0-->"C:\Program Files\Nannoid\unins000.exe"

    NVIDIA Display Control Panel-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe DisplayControlPanel

    NVIDIA Drivers-->C:\Program Files\NVIDIA Corporation\Uninstall\nvuninst.exe UninstallGUI

    PIF DESIGNER-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B90450DF-E781-46FD-B1F1-0C86DA40E443}\SETUP.EXE" -l0x13 anything

    PVSonyDll-->MsiExec.exe /I{3D3E663D-4E7E-4577-A560-7ECDDD45548A}

    QuickTime-->MsiExec.exe /I{3D9892BB-A751-4E48-ADC8-E4289956CE1D}

    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x13 -removeonly

    REALTEK GbE & FE Ethernet PCI NIC Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\Setup.exe" -l0x13 -removeonly

    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x13 -removeonly

    SAMSUNG CDMA Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe

    SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe

    SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe

    SAMSUNG PC Share Manager-->"C:\Program Files\InstallShield Installation Information\{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}\setup.exe" -runfromtemp -l0x0413 -removeonly

    SAMSUNG PC Share Manager-->MsiExec.exe /I{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}

    Samsung PC Studio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x13 -removeonly

    Scale2Scale -->"C:\Windows\th_inst2.exe" -u "C:\Program Files\Scale2Scale\Uninstall0"

    Smart Menu's (Windows Live Toolbar)-->MsiExec.exe /X{DC54F2F8-C26F-4D22-B92D-7075BC626106}

    Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}

    Spybot - Search & Destroy 1.5.2.20-->"C:\Windows\unins000.exe"

    Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG

    SpywareBlaster 4.1-->"C:\Program Files\SpywareBlaster\unins000.exe"

    System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe

    Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

    TomTom HOME 2.7.3.1894-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe

    TomTom HOME Visual Studio Merge Modules-->MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

    VideoLAN VLC media player 0.8.6h-->C:\Program Files\VLC\uninstall.exe

    Vodafone WCDMA Composite Device Drive Software-->C:\Windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe

    VSO Image Resizer 2.0.1.11b-->"C:\Program Files\VSO\Image Resizer\unins000.exe"

    Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

    Windows Live aanmeldhulp-->MsiExec.exe /I{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B}

    Windows Live Call-->MsiExec.exe /I{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}

    Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

    Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

    Windows Live Essentials-->MsiExec.exe /I{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}

    Windows Live Favorites voor Windows Live Toolbar-->MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}

    Windows Live Mail-->MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91}

    Windows Live Messenger-->MsiExec.exe /X{10F5387D-1728-423A-A578-B00982CF2646}

    Windows Live Photo Gallery-->MsiExec.exe /X{11005483-57F9-400C-BF9F-CBC47540705A}

    Windows Live Sync-->MsiExec.exe /X{CD19EDD9-1632-4002-9212-7478E4BA0423}

    Windows Live Toolbar-->MsiExec.exe /X{E51109E7-3818-4BC2-B3FD-A59AC2378A2B}

    Windows Resource Kit Tools - SubInAcl.exe-->MsiExec.exe /X{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}

    ======Security center information======

    AV: AVG Anti-Virus Free

    AS: Spyware Doctor (disabled) (outdated)

    AS: AVG Anti-Virus Free (disabled)

    AS: Windows Defender

    ======System event log======

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-23_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141401

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-22_neutral_GDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141400

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-21_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141399

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-20_neutral_GDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141398

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    Computer Name: Bons

    Event Code: 4383

    Message: Update 976325-19_neutral_LDR van pakket KB976325 (Security Update) is ingesteld op status Oplossen(Resolving)

    Record Number: 141397

    Source Name: Microsoft-Windows-Servicing

    Time Written: 20091209084741.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    =====Application event log=====

    Computer Name: 26L2233B2-11

    Event Code: 1003

    Message: De Windows Search-service is gestart.

    Record Number: 5

    Source Name: Microsoft-Windows-Search

    Time Written: 20080629121357.000000-000

    Event Type: Informatie

    User:

    Computer Name: 26L2233B2-11

    Event Code: 5615

    Message: De Windows Management Instrumentation-service is gestart

    Record Number: 4

    Source Name: Microsoft-Windows-WMI

    Time Written: 20080629121356.000000-000

    Event Type: Informatie

    User:

    Computer Name: LH-HG2NIAUCTXNV

    Event Code: 4625

    Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.

    Record Number: 3

    Source Name: Microsoft-Windows-EventSystem

    Time Written: 20080629121349.000000-000

    Event Type: Informatie

    User:

    Computer Name: LH-HG2NIAUCTXNV

    Event Code: 900

    Message: De Software Licensing-service wordt gestart.

    Record Number: 2

    Source Name: Microsoft-Windows-Security-Licensing-SLC

    Time Written: 20080629121348.000000-000

    Event Type: Informatie

    User:

    Computer Name: LH-HG2NIAUCTXNV

    Event Code: 1531

    Message: De User Profile-service is gestart.

    Record Number: 1

    Source Name: Microsoft-Windows-User Profiles Service

    Time Written: 20080629121348.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    =====Security event log=====

    Computer Name: Bons

    Event Code: 4648

    Message: Poging tot aanmelden met expliciete referenties.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: BONS$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Account waarvan de referenties zijn gebruikt:

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Doelserver:

    Naam van doelserver: localhost

    Aanvullende gegevens: localhost

    Procesgegevens:

    Proces-id: 0x274

    Procesnaam: C:\Windows\System32\services.exe

    Netwerkgegevens:

    Netwerkadres: -

    Poort: -

    Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

    Record Number: 24265

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091505.494800-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Bons

    Event Code: 4672

    Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e7

    Bevoegdheden: SeAssignPrimaryTokenPrivilege

    SeTcbPrivilege

    SeSecurityPrivilege

    SeTakeOwnershipPrivilege

    SeLoadDriverPrivilege

    SeBackupPrivilege

    SeRestorePrivilege

    SeDebugPrivilege

    SeAuditPrivilege

    SeSystemEnvironmentPrivilege

    SeImpersonatePrivilege

    Record Number: 24264

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091456.275200-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Bons

    Event Code: 4624

    Message: Er is een account aangemeld.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: BONS$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Aanmeldingstype: 5

    Nieuwe aanmelding:

    Beveiligings-id: S-1-5-18

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e7

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Procesgegevens:

    Proces-id: 0x274

    Naam proces: C:\Windows\System32\services.exe

    Netwerkgegevens:

    Naam van werkstation:

    Netwerkadres van bron: -

    Poort van bron: -

    Gedetailleerde verificatiegegevens:

    Aanmeldingsproces: Advapi

    Verificatiepakket: Negotiate

    Doorgezette services: -

    Pakketnaam (alleen NTLM): -

    Sleutellengte: 0

    Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

    De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

    In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

    Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

    In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

    De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

    - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

    - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

    - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

    - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

    Record Number: 24263

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091456.275200-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Bons

    Event Code: 4648

    Message: Poging tot aanmelden met expliciete referenties.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: BONS$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Account waarvan de referenties zijn gebruikt:

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Doelserver:

    Naam van doelserver: localhost

    Aanvullende gegevens: localhost

    Procesgegevens:

    Proces-id: 0x274

    Procesnaam: C:\Windows\System32\services.exe

    Netwerkgegevens:

    Netwerkadres: -

    Poort: -

    Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

    Record Number: 24262

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091456.275200-000

    Event Type: Controle geslaagd

    User:

    Computer Name: Bons

    Event Code: 4672

    Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: SYSTEEM

    Accountdomein: NT AUTHORITY

    Aanmeldings-id: 0x3e7

    Bevoegdheden: SeAssignPrimaryTokenPrivilege

    SeTcbPrivilege

    SeSecurityPrivilege

    SeTakeOwnershipPrivilege

    SeLoadDriverPrivilege

    SeBackupPrivilege

    SeRestorePrivilege

    SeDebugPrivilege

    SeAuditPrivilege

    SeSystemEnvironmentPrivilege

    SeImpersonatePrivilege

    Record Number: 24261

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20090109091402.654400-000

    Event Type: Controle geslaagd

    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe

    "FP_NO_HOST_CHECK"=NO

    "OS"=Windows_NT

    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Users\karin\Desktop;C:\Users\karin\Desktop\Samsung PC Studio;C:\Program Files\QuickTime\QTSystem\

    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

    "PROCESSOR_ARCHITECTURE"=x86

    "TEMP"=%SystemRoot%\TEMP

    "TMP"=%SystemRoot%\TEMP

    "USERNAME"=SYSTEM

    "windir"=%SystemRoot%

    "PROCESSOR_LEVEL"=6

    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel

    "PROCESSOR_REVISION"=0f0d

    "NUMBER_OF_PROCESSORS"=2

    "asl.log"=Destination=file;OnFirstLog=command,environment,parent

    "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------

    Deel dit bericht


    Link naar bericht
    Delen op andere sites

    Download ComboFix van één van deze locaties:

    Link 1

    Link 2

    * BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

    Lees hier meer over correct gebruik van Combofix.

    Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen: Klik hier Als het je niet lukt om ze uit te schakelen, ga dan gewoon door naar de volgende stap.

    • Dubbelklik op ComboFix.exe en volg de meldingen op het scherm.
    • ComboFix zal controleren of dat de Microsoft Windows Recovery Console reeds is geïnstalleerd. Als deze Recovery Console al is geïnstalleerd zal ComboFix automatisch verder gaan met het scannen naar malware
    • Volg anders de meldingen op het scherm om ComboFix de Microsoft Windows Recovery Console te laten downloaden en installeren. Wanneer de Recovery Console succesvol is geïnstalleerd, klik je op “JA” om verder te gaan met het scannen naar malware.

    NOTA: Wanneer ComboFix start, kan het zijn dat je een foutmelding krijgt dat “De inhoud van het ComboFix pakket werd gewijzigd”. Ga dan niet verder met de instructies, maar download ComboFix opnieuw. Deze melding kan verschijnen wanneer een file-infector (Virut) actief is op de computer. Blijf je die melding krijgen dan meld je dit.

    Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

    Deel dit bericht


    Link naar bericht
    Delen op andere sites

    Malware mag je nu wel uitsluiten als oorzaak van je problemen. Verwijder zeker Combofix via Start -> Uitvoeren en typ: ComboFix /Uninstall

    Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

    Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

    Deel dit bericht


    Link naar bericht
    Delen op andere sites
    Gast
    Dit topic is nu gesloten voor nieuwe reacties.
    Log in om dit te volgen  

    • Welkom op PC Helpforum

    • Leden statistieken

      • Aantal leden
        39.347
      • Meeste online
        1.765

      Nieuwste lid
      maxke
      Registratiedatum
    • Gerelateerde inhoud

      • Door bennieboef
        Hallo Allemaal,

        Mijn macro zoekt in een windows map op de volgende manier : "prd." + <cell value> + ".dld"
        Het probleem is dat er niet wordt gezocht in inderliggende bmappen

        Hier de macro :

        Option Explicit

        Sub Find_DLD()
        Dim AckTime As Integer, InfoBox As Object
        Dim iRow As Integer ' ROW COUNTER.
        Dim sSourcePath As String, currentpath As String
        Dim sDestinationPath As String
        Dim sFileType As String
        Dim sFileType1 As String

        Dim bContinue As Boolean

        bContinue = True
        iRow = 2

        ' THE SOURCE AND DESTINATION FOLDER WITH PATH.
        sSourcePath = "S:"
        sFileType = ".dld" ' TRY WITH OTHER FILE TYPES LIKE ".pdf".
        sFileType1 = "prd."


        ' LOOP THROUGH COLUMN "B" TO PICK THE FILES.
        While bContinue

        If Len(Range("E" & CStr(iRow)).Value) = 0 Then ' DO NOTHING IF THE COLUMN IS BLANK.
        Set InfoBox = CreateObject("WScript.Shell")
        AckTime = 1
        Select Case InfoBox.Popup("Klaar.", _
        AckTime, "Hieperdepiep", 0)
        Case 1, -1
        Exit Sub
        End Select
        Else
        ' CHECK IF FILES EXISTS.

        If Len(Dir(sSourcePath & sFileType1 & Range("E" & CStr(iRow)).Value & sFileType)) = 0 Then
        Range("F" & CStr(iRow)).Value = "Geen kantprogramma"
        Range("F" & CStr(iRow)).Font.Bold = True
        Else
        Range("F" & CStr(iRow)).Value = "Kantprogramma bestaat!"
        Range("F" & CStr(iRow)).Font.Bold = False

        End If
        End If
        iRow = iRow + 1 ' INCREMENT ROW COUNTER.
        Wend
        End Sub

        Het zou fantastisch zijn al iemand deze code zo kan aanpassen dat de macro ook in de onderliggende mappen van s:\ gaat zoeken.

        Alvast bedankt voor jullie hulp.
         
        Bijlage :  bestand met macro.
        Controle dxf + kantprogramma.xlsm
      • Door SAHAT
        Hallo allemaal, ik ben nieuw hier.
         
        Ik zou graag mijn contextmenu willen opschonen (zie bijlagen), alleen weet ik niet hoe ik dit moet doen.
        Zo zou ik bijvoorbeeld graag "Kopiëren naar", "Snelkoppeling maken",  "Verwijderen" en "Op apparaat weergeven" uit mijn file context menu willen halen. Niet alleen de locaties die de pijltjes weergeven, maar de kopjes zelf ook.
        Uit mijn explorer context menu zou ik graag "Delen met" wilen verwijderen.
        Ook, indien mogelijk, dat een nieuw tekstdocument aanmaken (via explorer context menu) niet via "Nieuw --> Tekstdocument" gaat maar dat "Tekstdocument" gewoon in (explorer) contextmenu staat onder de andere opties.
         
        Ik weet bijna zeker dat dit mogelijk is, maar hoe weet ik niet..
         

         

         

      • Door JDAV
        Ik weet niet of dit ermee te maken heeft maar sinds ik mijn laptop op mijn stagebedrijf heb gebruikt (met de wifi daar) heb ik dit probleem. Ik probeer de scannen, en krijg dan de melding dat het programma is uitgeschakeld. Hopelijk kunnen jullie helpen en wordt het niet erger. Ik gebruik Windows 8.1, 64.
      • Door Frans van wessel
        Geachte heer Karel ,
        Ik heb wimdows 7 ultimate 64 bits geinstalleerd en Systeem herstel en backup wekt niet.
        Heeft u daar een oplossing voor ?
        Met vriendelijke groet,
        Frans v. Wessel
      • Door gwnAndy
        I am going to build a new pc verry soon, my old pc just has all of the files on one 1T hdd but i want to try an (M.2) ssd. I would like to only have the Windows folder on an ssd but not my other folders in the 'C:' drive letter (users, program files, program files (x86), ...) those i would like to have on an 2T hdd but still being in the same 'C:' drive letter, while i have tried many tutorials i can't find anything appropriate for what i would like to achieve. If you know how ik could achieve this please let me know.
         
        tanks in advance
    Logo

    OVER ONS

    PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

    ×
    ×
    • Nieuwe aanmaken...

    Belangrijke informatie

    We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.