Request to look at my logs.

  • MarcelJnl

    I have had quite a few problems with my Acer laptop; they now seem to be resolved, hence my request to take another look.

    Only my IE8 still behaves a bit oddly when closing: it is slow. Shutting down Vista also takes a long time.

    Thank you all for the effort.

    info.txt logfile of random's system information tool 1.09 2013-03-25 21:54:07

    ======Uninstall list======

    Update for Microsoft Office 2007 (KB2508958)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

    –>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe” -uninstall

    –>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe” -uninstall

    32 Bit HP CIO Components Installer–>MsiExec.exe /I{A80FA752-C491-4ED9-ABF0-4278563160B2}

    Acer Arcade Deluxe–>“C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe” /z-uninstall

    Acer Crystal Eye Webcam 2.0.8–>C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\setup.exe -runfromtemp -l0x0009 -removeonly

    Acer eDataSecurity Management–>C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL

    Acer Empowering Technology–>“C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe” -runfromtemp -l0x0013 -removeonly

    Acer ePower Management–>“C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe” -runfromtemp -l0x0013 -removeonly

    Acer eRecovery Management–>“C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe” -runfromtemp -l0x0013 -removeonly

    Acer eSettings Management–>“C:\Program Files\InstallShield Installation Information\{13D85C14-2B85-419F-AC41-C7F21E68B25D}\setup.exe” -runfromtemp -l0x0013 -removeonly

    Acer GameZone Console 2.0.1.1–>“C:\Program Files\Acer GameZone\GameConsole\unins000.exe”

    Acer GridVista–>C:\Windows\GVUni.exe GridV.UNI

    Acer Mobility Center Plug-In–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe” -l0x13 -removeonly

    Acer ScreenSaver–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe” -l0x9 -removeonly

    Adobe AIR–>c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

    Adobe AIR–>MsiExec.exe /I{5AF4B3C4-C393-48D7-AC7E-8E7615579548}

    Adobe Flash Player 11 ActiveX–>C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_ActiveX.exe -maintain activex

    Adobe Flash Player 11 Plugin–>C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -maintain plugin

    Adobe Reader X (10.1.6) - Nederlands–>MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AA1000000001}

    Adobe Shockwave Player 11.6–>“C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe”

    Agere Systems HDA Modem–>agrsmdel

    Any Video Converter 3.2.7–>“D:\Any Video Converter\unins000.exe”

    Apple Application Support–>MsiExec.exe /I{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}

    Apple Mobile Device Support–>MsiExec.exe /I{E14ADE0E-75F3-4A46-87E5-26692DD626EC}

    Apple Software Update–>MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

    AVG 2013–>“C:\Program Files\AVG\AVG2013\avgmfapx.exe” /AppMode=SETUP /Uninstall

    AVG 2013–>MsiExec.exe /I{2C9099E2-D6CA-49AF-AA6F-CD75EF3D4C6E}

    AVG 2013–>MsiExec.exe /I{34D54E98-A8FA-4970-A625-2EC73F91FAB3}

    BearShare–>“C:\ProgramData\{13DE8C74-66E1-4E45-9B6C-0C9D98FE41B9}\BearShare_V10_nl_Setup.exe” REMOVE=TRUE MODIFY=FALSE

    BearShare–>C:\ProgramData\{13DE8C74-66E1-4E45-9B6C-0C9D98FE41B9}\BearShare_V10_nl_Setup.exe

    Bonjour–>MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}

    CCleaner–>“C:\Program Files\CCleaner\uninst.exe”

    D3DX10–>MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)–>C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=“”

    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)–>C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=“”

    inSSIDer–>MsiExec.exe /I{F8A10A25-D8DD-4661-9A1E-7F6DBAAA3C5E}

    Intel(R) Graphics Media Accelerator Driver–>C:\Windows\system32\igxpun.exe -uninstall

    iTunes–>MsiExec.exe /I{47C6C88F-FA95-49C8-B57D-5C5F093738E1}

    Java 7 Update 17–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217017FF}

    Junk Mail filter update–>MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

    K-Lite Codec Pack 4.5.8 (Full) BETA–>“D:\K-Lite Codec Pack\unins000.exe”

    Launch Manager–>C:\Windows\UNINST32.EXE LManager.UNI

    Malwarebytes Anti-Malware versie 1.70.0.1100–>“D:\Software\Malwarebytes' Anti-Malware\unins000.exe”

    Marvell Miniport Driver–>C:\Program Files\Marvell\Miniport Driver\Uninst.exe

    Mesh Runtime–>MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}

    Messenger Companion–>MsiExec.exe /I{8142D25E-028A-4563-86ED-5755783C8029}

    Microsoft .NET Framework 3.5 Language Pack SP1 - nld–>MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

    Microsoft .NET Framework 3.5 SP1–>c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

    Microsoft .NET Framework 3.5 SP1–>MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

    Microsoft .NET Framework 4 Client Profile NLD Language Pack–>MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}

    Microsoft .NET Framework 4 Client Profile–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

    Microsoft .NET Framework 4 Client Profile–>MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

    Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660}

    Microsoft Office Access MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}

    Microsoft Office Excel MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}

    Microsoft Office InfoPath MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}

    Microsoft Office Outlook Connector–>MsiExec.exe /X{95140000-007A-0413-0000-0000000FF1CE}

    Microsoft Office Outlook MUI (Dutch) 2007–>MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}

    Microsoft Office PowerPoint MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}

    Microsoft Office Professional Plus 2007–>“C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” /uninstall PROPLUS /dll OSETUP.DLL

    Microsoft Office Professional Plus 2007–>MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}

    Microsoft Office Proof (Dutch) 2007–>MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

    Microsoft Office Proof (English) 2007–>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

    Microsoft Office Proof (French) 2007–>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

    Microsoft Office Proof (German) 2007–>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

    Microsoft Office Proofing (Dutch) 2007–>MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}

    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}

    Microsoft Office Publisher MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}

    Microsoft Office Shared MUI (Dutch) 2007–>MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}

    Microsoft Office Word MUI (Dutch) 2007–>MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}

    Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

    Microsoft SQL Server 2005 Compact Edition –>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053–>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

    Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161–>MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219–>MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

    Microsoft Works–>MsiExec.exe /I{A2A0A82F-025F-458D-A0CD-9BB2320804B5}

    MSVCRT–>MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

    MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

    MSXML 4.0 SP2 (KB973688)–>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

    MyTomTom 3.2.0.802–>C:\Program Files\MyTomTom 3\Uninstall MyTomTom3.exe

    NTI Backup Now 5–>C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x0413

    NTI Media Maker 8–>C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x0413

    Numa's Wereld versie 2.1–>“C:\Users\Macel\AppData\Roaming\Numa's Wereld\unins000.exe”

    PhotoNow!–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe” -uninstall

    QuickTime–>MsiExec.exe /I{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}

    Realtek High Definition Audio Driver–>RtlUpd.exe -r -m -nrg2709

    Realtek USB 2.0 Card Reader–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe” -l0x9 -removeonly

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)–>C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=“”

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)–>C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=“”

    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)–>C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {939AF4BC-EC42-38D1-AE82-91D4A7ED8911} /qb+ REBOOTPROMPT=“”

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client

    Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B7C20E16-9A3A-3F05-A6B5-E15AA09200E0} /parameterfolder Client

    Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}

    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}

    Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}

    Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}

    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}

    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}

    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}

    Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {43171CAD-DC60-4E7B-9703-B2EC18001B9F}

    Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}

    Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {020B65AD-B2ED-4B35-92CA-DB56EFB864A5}

    Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}

    Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962}

    Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}

    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}

    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}

    Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12}

    Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)–>c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP

    Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)–>c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP

    Segoe UI–>MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}

    Skype™ 5.10–>MsiExec.exe /X{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}

    swMSM–>MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

    Synaptics Pointing Device Driver–>rundll32.exe “C:\Program Files\Synaptics\SynTP\SynISDLL.dll”,standAloneUninstall

    Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL–>c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

    Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP

    TomTom HOME Visual Studio Merge Modules–>MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}

    TomTom HOME–>MsiExec.exe /I{26CE484D-2E8E-40D5-B251-158133114C69}

    Twonky 7–>C:\Program Files\Twonky\TwonkyServer\UninstallTwonkyServer.exe

    Update for 2007 Microsoft Office System (KB967642)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)–>C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=“”

    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client

    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client

    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client

    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}

    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}

    Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {525A4A44-8940-40AD-ABA0-14501199D2F0}

    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}

    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}

    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}

    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition–>msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {F8564AF8-30AE-4427-ACF3-69714E1BB656}

    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F5F9C863-59A7-40CA-8D86-E27D6B1D2617}

    Update voor Microsoft Office Excel 2007 Help (KB963678)–>msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}

    Update voor Microsoft Office Powerpoint 2007 Help (KB963669)–>msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}

    Update voor Microsoft Office Word 2007 Help (KB963665)–>msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}

    Visual Studio C++ 10.0 Runtime–>MsiExec.exe /I{4412F224-3849-4461-A3E9-DEEF8D252790}

    Windows Live Communications Platform–>MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}

    Windows Live Essentials–>C:\Program Files\Windows Live\Installer\wlarp.exe

    Windows Live Essentials–>MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}

    Windows Live Family Safety–>MsiExec.exe /I{DF33FDAF-22DE-4E3E-AFF7-A8648B473596}

    Windows Live Family Safety–>MsiExec.exe /X{2D6E3D97-1FDF-4993-AC75-72F59EC445C5}

    Windows Live ID Sign-in Assistant–>MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}

    Windows Live Installer–>MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}

    Windows Live Mail–>MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}

    Windows Live Mail–>MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}

    Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen–>MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F}

    Windows Live Mesh–>MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}

    Windows Live Mesh–>MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}

    Windows Live Messenger Companion Core–>MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

    Windows Live Messenger–>MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27}

    Windows Live Messenger–>MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}

    Windows Live MIME IFilter–>MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}

    Windows Live Movie Maker–>MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}

    Windows Live Movie Maker–>MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}

    Windows Live Photo Common–>MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}

    Windows Live Photo Common–>MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

    Windows Live Photo Gallery–>MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}

    Windows Live Photo Gallery–>MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}

    Windows Live PIMT Platform–>MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}

    Windows Live Remote Client Resources–>MsiExec.exe /I{F0CCBE54-9132-44E9-82DF-CD364AD5C22D}

    Windows Live Remote Client–>MsiExec.exe /I{19A4A990-5343-4FF7-B3B5-6F046C091EDF}

    Windows Live Remote Service Resources–>MsiExec.exe /I{845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}

    Windows Live Remote Service–>MsiExec.exe /I{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}

    Windows Live SOXE Definitions–>MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}

    Windows Live SOXE–>MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}

    Windows Live UX Platform Language Pack–>MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}

    Windows Live UX Platform–>MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

    Windows Live Writer Resources–>MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}

    Windows Live Writer–>MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}

    Windows Live Writer–>MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}

    Windows Live Writer–>MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

    ======Security center information======

    AS: Windows Defender

    ======System event log======

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 7036

    Message: De TPM Base Services-service heeft nu de status gestopt.

    Record Number: 266974

    Source Name: Service Control Manager

    Time Written: 20121225092521.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 7036

    Message: De KtmRm for Distributed Transaction Coordinator-service heeft nu de status wordt uitgevoerd.

    Record Number: 266973

    Source Name: Service Control Manager

    Time Written: 20121225092521.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 7036

    Message: De Microsoft .NET Framework NGEN v4.0.30319_X86-service heeft nu de status gestopt.

    Record Number: 266972

    Source Name: Service Control Manager

    Time Written: 20121225092520.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 7036

    Message: De Microsoft .NET Framework NGEN v4.0.30319_X86-service heeft nu de status wordt uitgevoerd.

    Record Number: 266971

    Source Name: Service Control Manager

    Time Written: 20121225092520.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 7036

    Message: De Background Intelligent Transfer Service-service heeft nu de status wordt uitgevoerd.

    Record Number: 266970

    Source Name: Service Control Manager

    Time Written: 20121225092520.000000-000

    Event Type: Informatie

    User:

    =====Application event log=====

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 1033

    Message: Deze beleidsinstellingen zijn uitgesloten omdat ze alleen zijn gedefinieerd met het kenmerk ‘alleen overschrijven’.

    Beleidsnamen=(IIS-W3SVC-MaxConcurrentRequests) (Telnet-Client-EnableTelnetClient) (Telnet-Client-EnableTelnetClient_w) (Telnet-Server-EnableTelnetServer) (Telnet-Server-EnableTelnetServer_w)

    Id van toepassing=55c92734-d682-4d71-983e-d6ec3f16059f

    Id van SKU=bffdc375-bbd5-499d-8ef1-4f37b61c895f

    Record Number: 31801

    Source Name: Microsoft-Windows-Security-Licensing-SLC

    Time Written: 20120126142540.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 6000

    Message: De kennisgevingssubscriber van winlogon was niet beschikbaar om een kennisgevingsgebeurtenis te verwerken.

    Record Number: 31800

    Source Name: Microsoft-Windows-Winlogon

    Time Written: 20120126142539.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 4101

    Message: De licentie van Windows is gevalideerd.

    Record Number: 31799

    Source Name: Microsoft-Windows-Winlogon

    Time Written: 20120126142539.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 4625

    Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.

    Record Number: 31798

    Source Name: Microsoft-Windows-EventSystem

    Time Written: 20120126142536.000000-000

    Event Type: Informatie

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 1531

    Message: De User Profile-service is gestart.

    Record Number: 31797

    Source Name: Microsoft-Windows-User Profiles Service

    Time Written: 20120126142536.000000-000

    Event Type: Informatie

    User: NT AUTHORITY\SYSTEEM

    =====Security event log=====

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 4907

    Message: De controle-instellingen voor een object zijn gewijzigd.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: PC_VAN_MARCEL$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Object:

    Objectserver: Security

    Objecttype: File

    Objectnaam: C:\Windows\System32\jsproxy.dll

    Ingangs-id: 0x14

    Procesgegevens:

    Proces-id: 0xf24

    Procesnaam: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Controle-instellingen:

    Oorspronkelijke security descriptor:

    Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

    Record Number: 71285

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20120817071730.783776-000

    Event Type: Controle geslaagd

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 4907

    Message: De controle-instellingen voor een object zijn gewijzigd.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: PC_VAN_MARCEL$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Object:

    Objectserver: Security

    Objecttype: File

    Objectnaam: C:\Windows\System32\ieUnatt.exe

    Ingangs-id: 0x14

    Procesgegevens:

    Proces-id: 0xf24

    Procesnaam: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Controle-instellingen:

    Oorspronkelijke security descriptor:

    Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

    Record Number: 71284

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20120817071730.768176-000

    Event Type: Controle geslaagd

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 4907

    Message: De controle-instellingen voor een object zijn gewijzigd.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: PC_VAN_MARCEL$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Object:

    Objectserver: Security

    Objecttype: File

    Objectnaam: C:\Windows\System32\ieframe.dll

    Ingangs-id: 0x14

    Procesgegevens:

    Proces-id: 0xf24

    Procesnaam: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Controle-instellingen:

    Oorspronkelijke security descriptor:

    Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

    Record Number: 71283

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20120817071730.768176-000

    Event Type: Controle geslaagd

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 4907

    Message: De controle-instellingen voor een object zijn gewijzigd.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: PC_VAN_MARCEL$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Object:

    Objectserver: Security

    Objecttype: File

    Objectnaam: C:\Windows\System32\mshtml.dll

    Ingangs-id: 0x14

    Procesgegevens:

    Proces-id: 0xf24

    Procesnaam: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Controle-instellingen:

    Oorspronkelijke security descriptor:

    Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

    Record Number: 71282

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20120817071730.752576-000

    Event Type: Controle geslaagd

    User:

    Computer Name: PC_van_Marcel.Marcel

    Event Code: 4907

    Message: De controle-instellingen voor een object zijn gewijzigd.

    Onderwerp:

    Beveiligings-id: S-1-5-18

    Accountnaam: PC_VAN_MARCEL$

    Accountdomein: WORKGROUP

    Aanmeldings-id: 0x3e7

    Object:

    Objectserver: Security

    Objecttype: File

    Objectnaam: C:\Windows\System32\iertutil.dll

    Ingangs-id: 0x14

    Procesgegevens:

    Proces-id: 0xf24

    Procesnaam: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.0.6002.18005_none_0b4ada54c46c45b0\poqexec.exe

    Controle-instellingen:

    Oorspronkelijke security descriptor:

    Nieuwe security descriptor: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)

    Record Number: 71281

    Source Name: Microsoft-Windows-Security-Auditing

    Time Written: 20120817071730.752576-000

    Event Type: Controle geslaagd

    User:

    ======Environment variables======

    “ComSpec”=%SystemRoot%\system32\cmd.exe

    “FP_NO_HOST_CHECK”=NO

    “OS”=Windows_NT

    “Path”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Acer\Empowering Technology\eDataSecurity;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Windows Live\Shared;D:\QTSystem;D:\QTSystem\

    “PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

    “PROCESSOR_ARCHITECTURE”=x86

    “TEMP”=%SystemRoot%\TEMP

    “TMP”=%SystemRoot%\TEMP

    “USERNAME”=SYSTEM

    “windir”=%SystemRoot%

    “PROCESSOR_LEVEL”=6

    “PROCESSOR_IDENTIFIER”=x86 Family 6 Model 15 Stepping 13, GenuineIntel

    “PROCESSOR_REVISION”=0f0d

    “NUMBER_OF_PROCESSORS”=2

    “TRACE_FORMAT_SEARCH_PATH”=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

    “DFSTRACINGON”=FALSE

    “Pathtem”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

    “NTIPath”=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\;

    “PSModulePath”=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

    “asl.log”=Destination=file

    “CLASSPATH”=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    “QTJAVA”=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

    -----------------EOF-----------------

    Malwarebytes Anti-Malware 1.70.0.1100

    www.malwarebytes.org

    Databaseversie: v2013.03.22.12

    Windows Vista Service Pack 2 x86 NTFS

    Internet Explorer 8.0.6001.19401

    Macel :: PC_VAN_MARCEL

    25-3-2013 21:39:06

    mbam-log-2013-03-25 (21-39-06).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 214598

    Verstreken tijd: 10 minuut/minuten, 19 seconde(n)

    Geheugenprocessen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    (einde)

    # AdwCleaner v2.115 - Verslag gemaakt op 25/03/2013 om 21:32:56

    # Geactualiseerd op 17/03/2013 door Xplode

    # Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)

    # Gebruiker : Macel - PC_VAN_MARCEL

    # Opstarten Modus : Normale modus

    # Gelanceerd vanaf : C:\Users\Marcel\Desktop\adwcleaner.exe

    # Optie

    ***** *****

    ***** *****

    Map Verwijdert : C:\ProgramData\Babylon

    Map Verwijdert : C:\ProgramData\Browser Manager

    Map Verwijdert : C:\Users\Macel\AppData\Local\PackageAware

    Map Verwijdert : C:\Users\Macel\AppData\LocalLow\BabylonToolbar

    Verwijdert bij het opstarten : C:\Program Files\Common Files\AVG Secure Search

    ***** *****

    Data Verwijdert : HKLM\..\Windows = D:\Muziek\BEARSH~2\BEARSH~1\Mediabar\Datamngr\datamngr.dll

    Data Verwijdert : HKLM\..\Windows = D:\Muziek\BEARSH~2\BEARSH~1\Mediabar\Datamngr\IEBHO.dll

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar

    Sleutel Verwijdert : HKCU\Software\InstallCore

    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B939CF93-F2CB-443D-956C-DC523D85C9DB}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B939CF93-F2CB-443D-956C-DC523D85C9DB}

    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijdert : HKCU\Software\Softonic

    Sleutel Verwijdert : HKLM\Software\AVG Security Toolbar

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B939CF93-F2CB-443D-956C-DC523D85C9DB}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\imweb.imwebcontrol

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B939CF93-F2CB-443D-956C-DC523D85C9DB}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966

    Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

    Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser

    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar

    ***** *****

    -\\ Internet Explorer v8.0.6001.19401

    Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Google Chrome v

    File : C:\Users\Macel\AppData\Local\Google\Chrome\User Data\Default\Preferences

    De file bevat geen enkele ongeoorloofde invoer.

    -\\ Opera v

    File : C:\Users\Macel\AppData\Roaming\Opera\Opera\operaprefs.ini

    De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner.txt - ##########

  • fazantje

    Hi Marcel,

    Could you post the correct RSIT log?

    You have now posted the info folder.

    Go to C - RSIT and open the file “log”.

    Copy and paste it here.

    Regards, Huib ;)

  • MarcelJnl

    Logfile of random's system information tool 1.09 (written by random/random)

    Run by Macel at 2013-03-25 21:54:00

    Microsoft® Windows Vista™ Home Premium Service Pack 2

    System drive C: has 57 GB (50%) free of 114 GB

    Total RAM: 3000 MB (59% free)

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 21:54:04, on 25-3-2013

    Platform: Windows Vista SP2 (WinNT 6.00.1906)

    MSIE: Internet Explorer v8.00 (8.00.6001.19401)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\Dwm.exe

    C:\Windows\Explorer.EXE

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Launch Manager\LManager.exe

    C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\AVG\AVG2013\avgui.exe

    C:\Program Files\AVG SafeGuard toolbar\vprot.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Windows\ehome\ehtray.exe

    C:\Windows\system32\conime.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Users\Macel\AppData\Local\Temp\RtkBtMnt.exe

    C:\Windows\system32\igfxext.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Internet Explorer\iexplore.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Windows\system32\SearchFilterHost.exe

    C:\Users\Marcel\Desktop\RSIT.exe

    C:\Program Files\trend micro\Macel.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0811&m=aspire_5735

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: RtHDVCpl.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\LAUNCH~1\LManager.exe

    O4 - HKLM\..\Run: C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2013\avgui.exe” /TRAYONLY

    O4 - HKLM\..\Run: “C:\Program Files\AVG SafeGuard toolbar\vprot.exe”

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Marcel

    O17 - HKLM\Software\..\Telephony: DomainName = Marcel

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Marcel

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O20 - AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

    O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

    O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: TwonkyProxy - Unknown owner - C:\Program Files\Twonky\TwonkyServer\twonkyproxy.exe

    O23 - Service: TwonkyServer - PacketVideo - C:\Program Files\Twonky\TwonkyServer\twonkystarter.exe

    O23 - Service: TwonkyWebDav - Unknown owner - C:\Program Files\Twonky\TwonkyServer\twonkywebdav.exe

    O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe (file missing)

    End of file - 8435 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\Adobe Flash Player Updater.job

    C:\Windows\tasks\User_Feed_Synchronization-{F1268727-C864-48D0-B2B4-06EE4C51843E}.job

    ======Registry dump======

    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    Java™ Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll

    ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

    Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    Windows Live Messenger Companion Helper - C:\Program Files\Windows Live\Companion\companioncore.dll

    Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

    “SynTPEnh”=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    “RtHDVCpl”=C:\Windows\RtHDVCpl.exe

    “LManager”=C:\PROGRA~1\LAUNCH~1\LManager.exe

    “ePower_DMC”=C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    “IgfxTray”=C:\Windows\system32\igfxtray.exe

    “HotKeysCmds”=C:\Windows\system32\hkcmd.exe

    “Persistence”=C:\Windows\system32\igfxpers.exe

    “Adobe ARM”=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    “APSDaemon”=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    “SunJavaUpdateSched”=C:\Program Files\Common Files\Java\Java Update\jusched.exe

    “AVG_UI”=C:\Program Files\AVG\AVG2013\avgui.exe

    “vProt”=C:\Program Files\AVG SafeGuard toolbar\vprot.exe

    “WMPNSCFG”=C:\Program Files\Windows Media Player\WMPNSCFG.exe

    “ehTray.exe”=C:\Windows\ehome\ehTray.exe

    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    D:\Software\Advanced SystemCare 4\ASCTray.exe

    C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

    C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

    C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

    C:\Users\Macel\AppData\Local\Google\Update\GoogleUpdate.exe /c

    C:\Program Files\iTunes\iTunesHelper.exe

    C:\Program Files\MyTomTom 3\MyTomTomSA.exe

    C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

    C:\Windows\PLFSetI.exe

    D:\QTTask.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

    C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

    C:\Program Files\Winamp\winampa.exe

    C:\Program Files\Windows Defender\MSASCui.exe

    0

    C:\PROGRA~1\Twonky\TWONKY~1\TWONKY~4.EXE

    C:\Users\Macel\AppData\Roaming\Dropbox\bin\Dropbox.exe

    “AppInit_DLLs”=“ C:\PROGRA~2\Wincert\WIN32C~1.DLL”

    C:\Windows\system32\igfxdev.dll

    “EnableLUA”=0

    “dontdisplaylastusername”=0

    “legalnoticecaption”=

    “legalnoticetext”=

    “shutdownwithoutlogon”=1

    “undockwithoutlogon”=1

    “EnableUIADesktopToggle”=0

    “NoDriveTypeAutoRun”=255

    “NoDrives”=0

    “BindDirectlyToPropertySetStorage”=0

    “NoDrives”=0

    “vidc.mrle”=msrle32.dll

    “vidc.msvc”=msvidc32.dll

    “msacm.imaadpcm”=imaadp32.acm

    “msacm.msg711”=msg711.acm

    “msacm.msgsm610”=msgsm32.acm

    “msacm.msadpcm”=msadp32.acm

    “midimapper”=midimap.dll

    “wavemapper”=msacm32.drv

    “VIDC.UYVY”=msyuv.dll

    “VIDC.YUY2”=msyuv.dll

    “VIDC.YVYU”=msyuv.dll

    “VIDC.IYUV”=iyuv_32.dll

    “vidc.i420”=iyuv_32.dll

    “VIDC.YVU9”=tsbyuv.dll

    “msacm.l3acm”=C:\Windows\System32\l3codeca.acm

    “vidc.cvid”=iccvid.dll

    “MSVideo8”=VfWWDM32.dll

    “wave”=wdmaud.drv

    “midi”=wdmaud.drv

    “mixer”=wdmaud.drv

    “aux”=wdmaud.drv

    “msacm.siren”=sirenacm.dll

    “VIDC.DIVX”=divx.dll

    “VIDC.XVID”=xvidvfw.dll

    “VIDC.YV12”=yv12vfw.dll

    “msacm.ac3acm”=ac3acm.acm

    “msacm.lameacm”=lameACM.acm

    “VIDC.FFDS”=ff_vfw.dll

    “wave1”=wdmaud.drv

    “midi1”=wdmaud.drv

    “mixer1”=wdmaud.drv

    “aux1”=wdmaud.drv

    “wave2”=wdmaud.drv

    “midi2”=wdmaud.drv

    “mixer2”=wdmaud.drv

    “aux2”=wdmaud.drv

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    ======List of files/folders created in the last 1 month======

    2013-03-25 21:54:00 ----D---- C:\rsit

    2013-03-25 21:32:56 ----A---- C:\AdwCleaner.txt

    2013-03-23 06:41:14 ----SHD---- C:\Config.Msi

    2013-03-22 18:48:48 ----D---- C:\ProgramData\AVG SafeGuard toolbar

    2013-03-22 18:44:22 ----D---- C:\Users\Macel\AppData\Roaming\AVG2013

    2013-03-22 18:43:00 ----D---- C:\Users\Macel\AppData\Roaming\TuneUp Software

    2013-03-22 18:42:38 ----A---- C:\Windows\system32\drivers\avgtpx86.sys

    2013-03-22 18:42:27 ----D---- C:\Program Files\AVG SafeGuard toolbar

    2013-03-22 18:40:34 ----HD---- C:\$AVG

    2013-03-22 18:40:34 ----D---- C:\ProgramData\AVG2013

    2013-03-22 18:38:36 ----D---- C:\Program Files\AVG

    2013-03-22 18:35:38 ----HD---- C:\ProgramData\Common Files

    2013-03-22 18:35:38 ----D---- C:\ProgramData\MFAData

    2013-03-22 17:28:53 ----D---- C:\Program Files\Probit Software

    2013-03-22 12:27:38 ----A---- C:\Windows\system32\drivers\usb8023x.sys

    2013-03-22 12:27:38 ----A---- C:\Windows\system32\drivers\usb8023.sys

    2013-03-22 12:26:09 ----D---- C:\7f152c0366f027f61103579d3cce727f

    2013-03-21 12:10:01 ----D---- C:\Users\Macel\AppData\Roaming\KSafe

    2013-03-21 12:10:01 ----D---- C:\ProgramData\KSafe

    2013-03-21 12:09:52 ----HD---- C:\KSafeRecycle

    2013-03-21 12:09:46 ----D---- C:\Users\Macel\AppData\Roaming\kingsoft

    2013-03-21 12:09:43 ----D---- C:\ProgramData\Kingsoft

    2013-03-21 12:09:35 ----D---- C:\Program Files\Kingsoft

    2013-03-21 10:34:16 ----D---- C:\Users\Macel\AppData\Roaming\Fighters

    2013-03-21 10:33:25 ----D---- C:\ProgramData\Fighters

    2013-03-20 17:22:12 ----D---- C:\Users\Macel\AppData\Roaming\Windows Live Writer

    2013-03-19 22:20:30 ----D---- C:\Program Files\Microsoft Windows 7 Upgrade Advisor

    2013-03-18 09:21:12 ----A---- C:\Windows\system32\wininet.dll

    2013-03-18 09:21:12 ----A---- C:\Windows\system32\urlmon.dll

    2013-03-18 09:21:12 ----A---- C:\Windows\system32\msfeedsbs.dll

    2013-03-18 09:21:12 ----A---- C:\Windows\system32\licmgr10.dll

    2013-03-18 09:21:12 ----A---- C:\Windows\system32\ieUnatt.exe

    2013-03-18 09:21:12 ----A---- C:\Windows\system32\iernonce.dll

    2013-03-18 09:21:12 ----A---- C:\Windows\system32\iedkcs32.dll

    2013-03-18 09:21:11 ----A---- C:\Windows\system32\occache.dll

    2013-03-18 09:21:11 ----A---- C:\Windows\system32\msfeeds.dll

    2013-03-18 09:21:11 ----A---- C:\Windows\system32\iesysprep.dll

    2013-03-18 09:21:11 ----A---- C:\Windows\system32\iesetup.dll

    2013-03-18 09:21:09 ----A---- C:\Windows\system32\ieframe.dll

    2013-03-18 09:21:07 ----A---- C:\Windows\system32\url.dll

    2013-03-18 09:21:07 ----A---- C:\Windows\system32\mstime.dll

    2013-03-18 09:21:07 ----A---- C:\Windows\system32\mshtmled.dll

    2013-03-18 09:21:07 ----A---- C:\Windows\system32\jsproxy.dll

    2013-03-18 09:21:07 ----A---- C:\Windows\system32\ieui.dll

    2013-03-18 09:21:07 ----A---- C:\Windows\system32\iepeers.dll

    2013-03-18 09:21:06 ----A---- C:\Windows\system32\mshtml.dll

    2013-03-18 09:21:05 ----A---- C:\Windows\system32\msfeedssync.exe

    2013-03-18 09:21:05 ----A---- C:\Windows\system32\ie4uinit.exe

    2013-03-18 09:21:04 ----A---- C:\Windows\system32\iertutil.dll

    2013-03-16 09:30:36 ----D---- C:\Program Files\Common Files\Java

    2013-03-16 09:30:20 ----A---- C:\Windows\system32\javaws.exe

    2013-03-16 09:30:06 ----A---- C:\Windows\system32\WindowsAccessBridge.dll

    2013-03-16 09:30:06 ----A---- C:\Windows\system32\javaw.exe

    2013-03-16 09:30:06 ----A---- C:\Windows\system32\java.exe

    2013-03-10 21:11:44 ----D---- C:\ProgramData\WindowsSearch

    2013-03-10 12:38:12 ----D---- C:\ProgramData\TwonkyServer

    2013-03-10 12:38:10 ----D---- C:\Users\Macel\AppData\Roaming\TwonkyServer

    2013-03-10 12:38:02 ----D---- C:\Program Files\Twonky

    2013-03-09 18:33:59 ----A---- C:\Windows\system32\npdeployJava1.dll

    2013-03-01 10:32:20 ----A---- C:\Windows\system32\drivers\avgidsshimx.sys

    2013-03-01 07:57:02 ----D---- C:\Users\Macel\AppData\Roaming\DriverCure

    2013-03-01 07:57:01 ----D---- C:\Users\Macel\AppData\Roaming\ParetoLogic

    2013-03-01 07:56:50 ----D---- C:\ProgramData\ParetoLogic

    2013-03-01 07:56:50 ----D---- C:\Program Files\ParetoLogic

    2013-02-26 23:40:46 ----A---- C:\Windows\system32\drivers\avgidsdriverx.sys

    ======List of files/folders modified in the last 1 month======

    2013-03-25 21:54:04 —-D—- C:\Program Files\Trend Micro

    2013-03-25 21:51:05 —-D—- C:\Windows\temp

    2013-03-25 21:50:51 —-D—- C:\Windows\system32\drivers

    2013-03-25 21:36:45 —-D—- C:\Windows

    2013-03-25 21:36:18 —-D—- C:\Program Files\Common Files

    2013-03-25 21:33:03 —-D—- C:\ProgramData

    2013-03-25 17:29:31 —-SHD—- C:\System Volume Information

    2013-03-25 07:54:35 —-D—- C:\Windows\System32

    2013-03-25 07:54:35 —-A—- C:\Windows\system32\PerfStringBackup.INI

    2013-03-23 07:13:52 —-D—- C:\Users\Macel\AppData\Roaming\Apple Computer

    2013-03-23 06:41:32 —-SHD—- C:\Windows\Installer

    2013-03-22 18:42:27 —-RD—- C:\Program Files

    2013-03-22 18:32:46 —-D—- C:\ProgramData\AVAST Software

    2013-03-22 18:30:09 —-SD—- C:\Windows\system32\Microsoft

    2013-03-22 18:13:50 —-D—- C:\Windows\pss

    2013-03-22 13:43:58 —-D—- C:\Windows\inf

    2013-03-22 12:36:48 —-D—- C:\Windows\winsxs

    2013-03-22 12:26:09 —-D—- C:\Windows\system32\catroot2

    2013-03-22 12:25:14 —-D—- C:\Windows\system32\catroot

    2013-03-22 12:22:22 —-D—- C:\Windows\Tasks

    2013-03-22 12:11:23 —-D—- C:\Windows\system32\Tasks

    2013-03-22 12:11:17 —-D—- C:\Windows\system32\wbem

    2013-03-22 12:10:26 —-D—- C:\Windows\system32\config

    2013-03-22 12:09:26 —-D—- C:\Windows\system32\spool

    2013-03-22 12:09:26 —-D—- C:\Windows\system32\Msdtc

    2013-03-22 12:09:25 —-SD—- C:\Windows\Downloaded Program Files

    2013-03-22 12:09:25 —-RSD—- C:\Windows\Media

    2013-03-22 12:09:25 —-RD—- C:\Windows\Offline Web Pages

    2013-03-22 12:09:25 —-D—- C:\Windows\system32\drivers\UMDF

    2013-03-22 12:09:25 —-D—- C:\Windows\system32\CodeIntegrity

    2013-03-22 12:09:25 —-D—- C:\Windows\rescache

    2013-03-22 12:09:04 —-HD—- C:\ProgramData\{13DE8C74-66E1-4E45-9B6C-0C9D98FE41B9}

    2013-03-22 12:09:02 —-HD—- C:\Program Files\InstallShield Installation Information

    2013-03-22 12:09:02 —-D—- C:\Program Files\NewTech Infosystems

    2013-03-22 12:09:01 —-D—- C:\Program Files\CCleaner

    2013-03-22 12:08:59 —-RD—- C:\MSOCache

    2013-03-22 12:08:28 —-D—- C:\Windows\registration

    2013-03-22 12:07:32 —-D—- C:\Windows\PolicyDefinitions

    2013-03-22 12:07:32 —-D—- C:\Program Files\Internet Explorer

    2013-03-22 11:46:10 —-RSD—- C:\Windows\assembly

    2013-03-22 11:40:27 —-D—- C:\Program Files\Intel

    2013-03-22 11:38:20 —-D—- C:\Intel

    2013-03-22 09:19:09 —-D—- C:\Windows\system32\LogFiles

    2013-03-22 08:58:39 —-D—- C:\Windows\AppPatch

    2013-03-21 12:11:34 —-D—- C:\Windows\Debug

    2013-03-19 12:17:58 —-D—- C:\Acer

    2013-03-19 11:55:55 —-D—- C:\Windows\Logs

    2013-03-19 08:01:08 —-D—- C:\Program Files\Common Files\Apple

    2013-03-18 10:57:07 —-D—- C:\Windows\system32\migration

    2013-03-18 09:01:47 —-D—- C:\Windows\system32\nl-NL

    2013-03-18 09:01:46 —-D—- C:\Windows\system32\en-US

    2013-03-18 08:34:00 —-D—- C:\Windows\Panther

    2013-03-16 09:33:09 —-D—- C:\Program Files\Common Files\Adobe AIR

    2013-03-16 09:29:32 —-A—- C:\Windows\system32\deployJava1.dll

    2013-03-16 09:29:25 —-D—- C:\Program Files\Java

    2013-03-13 10:59:32 —-A—- C:\Windows\system32\FlashPlayerApp.exe

    2013-03-13 09:34:01 —-D—- C:\Program Files\Microsoft Silverlight

    2013-03-13 09:14:41 —-A—- C:\Windows\system32\mrt.exe

    2013-03-13 09:14:26 —-D—- C:\ProgramData\Microsoft Help

    2013-03-07 00:32:42 —-A—- C:\Windows\system32\aswBoot.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys

    R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys

    R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys

    R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys

    R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys

    R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys

    R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys

    R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys

    R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys

    R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys

    R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys

    R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl

    R2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys

    R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys

    R2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys

    R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys

    R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys

    R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys

    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys

    R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys

    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

    R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys

    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys

    R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys

    R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS

    R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys

    R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys

    R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys

    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys

    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys

    S3 BthAvrcp;Bluetooth AVRCP-profiel; C:\Windows\system32\DRIVERS\BthAvrcp.sys

    S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\DRIVERS\BthEnum.sys

    S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys

    S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys

    S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys

    S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys

    S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys

    S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys

    S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys

    S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys

    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys

    S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys

    S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS

    S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS

    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys

    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys

    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys

    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys

    S3 NSCIRDA;NSC Infrared Device Driver; C:\Windows\system32\DRIVERS\nscirda.sys

    S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys

    S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys

    S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys

    S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys

    S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys

    S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys

    S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS

    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys

    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys

    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys

    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe

    R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe

    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe

    R2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

    R2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

    R2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

    R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe

    R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe

    R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe

    R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe

    R2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe

    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    R2 TwonkyProxy;TwonkyProxy; C:\Program Files\Twonky\TwonkyServer\twonkyproxy.exe

    R2 TwonkyServer;TwonkyServer; C:\Program Files\Twonky\TwonkyServer\twonkystarter.exe

    R2 TwonkyWebDav;TwonkyWebDav; C:\Program Files\Twonky\TwonkyServer\twonkywebdav.exe

    R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    S2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

    S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe

    S2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe

    S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe

    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

    S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

    S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

    —————–EOF—————–

  • fazantje

    Hi Marcel,

    Download Combofix here and save it to your desktop.

    First, disable your antivirus scanner now.

    It will turn back on after the computer has been restarted.

    If you have used Combofix before, please delete that version and download Combofix again via the link above,

    because Combofix is updated daily.

    NOTE: if, during or after downloading Combofix or while using Combofix, you get an alert

    from your antivirus or another real-time scanner, disable that scanner and download Combofix again.

    Some scanners treat certain components that Combofix uses as suspicious and will block or remove them!

    Double-click Combofix.exe

    Follow the instructions and accept the disclaimer.

    While the fix is running, do NOT click in the window, because this will cause your PC to hang.

    Depending on the infection, the scan can take 40 to as much as 100 minutes, so don't assume it is stuck.

    When the fix is finished, and after a restart, the log combofix.txt will open.

    Post the Combofix log in your next message.

    Good luck,

    Huib;)

  • MarcelJnl

    Here you go, Huib;

    ComboFix 13-03-25.01 - Macel 26-03-2013 8:08.4.2 - x86

    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.31.1043.18.3000.2011

    Gestart vanuit: c:\users\Marcel\Desktop\ComboFix.exe

    AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

    SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}

    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    .

    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    c:\users\Public\sdelevURL.tmp

    c:\windows\IsUn0413.exe

    .

    .

    (((((((((((((((((((( Bestanden Gemaakt van 2013-02-26 to 2013-03-26 ))))))))))))))))))))))))))))))

    .

    .

    2013-03-26 07:18 . 2013-03-26 07:19 ——– d—–w- c:\users\Macel\AppData\Local\temp

    2013-03-26 07:18 . 2013-03-26 07:18 ——– d—–w- c:\users\Default\AppData\Local\temp

    2013-03-25 20:54 . 2013-03-25 20:59 ——– d—–w- C:\rsit

    2013-03-25 20:37 . 2013-03-25 20:37 ——– d—–w- c:\users\Macel\AppData\Local\AVG Secure Search

    2013-03-22 17:48 . 2013-03-22 17:48 ——– d—–w- c:\programdata\AVG SafeGuard toolbar

    2013-03-22 17:44 . 2013-03-22 17:44 ——– d—–w- c:\users\Macel\AppData\Roaming\AVG2013

    2013-03-22 17:44 . 2013-03-22 17:44 ——– d—–w- c:\users\Macel\AppData\Local\AVG SafeGuard toolbar

    2013-03-22 17:43 . 2013-03-22 17:43 ——– d—–w- c:\users\Macel\AppData\Roaming\TuneUp Software

    2013-03-22 17:42 . 2013-03-22 17:41 33112 —-a-w- c:\windows\system32\drivers\avgtpx86.sys

    2013-03-22 17:42 . 2013-03-22 17:42 ——– d—–w- c:\program files\AVG SafeGuard toolbar

    2013-03-22 17:40 . 2013-03-22 17:43 ——– d—–w- c:\programdata\AVG2013

    2013-03-22 17:40 . 2013-03-22 17:40 ——– d—–w- C:\$AVG

    2013-03-22 17:38 . 2013-03-22 17:38 ——– d—–w- c:\program files\AVG

    2013-03-22 17:35 . 2013-03-25 16:25 ——– d—–w- c:\programdata\MFAData

    2013-03-22 17:35 . 2013-03-23 05:41 ——– d—–w- c:\users\Macel\AppData\Local\Avg2013

    2013-03-22 17:35 . 2013-03-22 17:35 ——– d–h–w- c:\programdata\Common Files

    2013-03-22 17:35 . 2013-03-22 17:35 ——– d—–w- c:\users\Macel\AppData\Local\MFAData

    2013-03-22 16:57 . 2013-03-15 07:21 7108640 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{34B1F528-D749-40C3-88E5-8892D9BA26BE}\mpengine.dll

    2013-03-22 16:28 . 2013-03-22 16:28 ——– d—–w- c:\program files\Probit Software

    2013-03-22 13:08 . 2013-03-22 13:09 ——– d—–w- c:\users\Macel\Backup vista

    2013-03-22 11:27 . 2013-02-12 01:57 15872 —-a-w- c:\windows\system32\drivers\usb8023x.sys

    2013-03-22 11:27 . 2013-02-12 01:57 15872 —-a-w- c:\windows\system32\drivers\usb8023.sys

    2013-03-22 11:26 . 2013-03-22 11:28 ——– d—–w- C:\7f152c0366f027f61103579d3cce727f

    2013-03-22 07:57 . 2013-03-22 07:57 ——– d—–w- c:\users\Macel\AppData\Local\ElevatedDiagnostics

    2013-03-21 11:11 . 2013-03-21 11:11 ——– d—–w- c:\users\Macel\AppData\Local\KSafe

    2013-03-21 11:10 . 2013-03-21 11:10 ——– d—–w- c:\users\Macel\AppData\Roaming\KSafe

    2013-03-21 11:10 . 2013-03-21 11:10 ——– d—–w- c:\programdata\KSafe

    2013-03-21 11:09 . 2013-03-21 11:09 ——– d—–w- C:\KSafeRecycle

    2013-03-21 11:09 . 2013-03-21 11:09 ——– d—–w- c:\users\Macel\AppData\Roaming\kingsoft

    2013-03-21 11:09 . 2013-03-21 19:31 ——– d—–w- c:\programdata\Kingsoft

    2013-03-21 11:09 . 2013-03-21 11:09 ——– d—–w- c:\program files\Kingsoft

    2013-03-21 09:34 . 2013-03-21 09:34 ——– d—–w- c:\users\Macel\AppData\Roaming\Fighters

    2013-03-21 09:33 . 2013-03-21 09:33 ——– d—–w- c:\programdata\Fighters

    2013-03-20 16:22 . 2013-03-20 16:22 ——– d—–w- c:\users\Macel\AppData\Roaming\Windows Live Writer

    2013-03-20 16:22 . 2013-03-20 16:22 ——– d—–w- c:\users\Macel\AppData\Local\Windows Live Writer

    2013-03-19 21:21 . 2013-03-19 21:21 ——– d—–w- c:\users\Macel\AppData\Local\Microsoft Corporation

    2013-03-19 21:20 . 2013-03-19 21:20 ——– d—–w- c:\program files\Microsoft Windows 7 Upgrade Advisor

    2013-03-16 08:30 . 2013-03-16 08:30 ——– d—–w- c:\program files\Common Files\Java

    2013-03-16 08:30 . 2013-03-16 08:29 94112 —-a-w- c:\windows\system32\WindowsAccessBridge.dll

    2013-03-10 20:11 . 2013-03-10 20:11 ——– d—–w- c:\programdata\WindowsSearch

    2013-03-10 11:38 . 2013-03-26 06:51 ——– d—–w- c:\programdata\TwonkyServer

    2013-03-10 11:38 . 2013-03-10 11:38 ——– d—–w- c:\users\Macel\AppData\Roaming\TwonkyServer

    2013-03-10 11:38 . 2013-03-10 11:38 ——– d—–w- c:\program files\Twonky

    2013-03-09 17:33 . 2013-03-16 08:29 861088 —-a-w- c:\windows\system32\npdeployJava1.dll

    2013-03-01 09:32 . 2013-03-01 09:32 22328 —-a-w- c:\windows\system32\drivers\avgidsshimx.sys

    2013-03-01 06:57 . 2013-03-01 06:57 ——– d—–w- c:\users\Macel\AppData\Roaming\DriverCure

    2013-03-01 06:57 . 2013-03-01 06:57 ——– d—–w- c:\users\Macel\AppData\Roaming\ParetoLogic

    2013-03-01 06:56 . 2013-03-01 06:58 ——– d—–w- c:\programdata\ParetoLogic

    2013-03-01 06:56 . 2013-03-01 06:56 ——– d—–w- c:\program files\ParetoLogic

    2013-02-26 22:40 . 2013-02-26 22:40 208184 —-a-w- c:\windows\system32\drivers\avgidsdriverx.sys

    .

    .

    .

    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    2013-03-16 08:29 . 2011-08-23 16:14 782240 —-a-w- c:\windows\system32\deployJava1.dll

    2013-03-13 09:59 . 2012-03-29 20:19 693976 —-a-w- c:\windows\system32\FlashPlayerApp.exe

    2013-03-13 09:59 . 2011-08-09 08:04 73432 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

    2013-03-06 23:32 . 2013-02-07 07:29 228600 —-a-w- c:\windows\system32\aswBoot.exe

    2013-02-14 02:52 . 2013-02-14 02:52 182072 —-a-w- c:\windows\system32\drivers\avgtdix.sys

    2013-02-08 03:37 . 2013-02-08 03:37 96568 —-a-w- c:\windows\system32\drivers\avgmfx86.sys

    2013-02-08 03:37 . 2013-02-08 03:37 245048 —-a-w- c:\windows\system32\drivers\avglogx.sys

    2013-02-08 03:37 . 2013-02-08 03:37 60216 —-a-w- c:\windows\system32\drivers\avgidshx.sys

    2013-02-08 03:37 . 2013-02-08 03:37 170808 —-a-w- c:\windows\system32\drivers\avgldx86.sys

    2013-02-08 03:37 . 2013-02-08 03:37 39224 —-a-w- c:\windows\system32\drivers\avgrkx86.sys

    2013-01-17 00:28 . 2012-02-10 20:45 232336 ——w- c:\windows\system32\MpSigStub.exe

    2013-01-05 05:26 . 2013-02-13 16:07 3602808 —-a-w- c:\windows\system32\ntkrnlpa.exe

    2013-01-05 05:26 . 2013-02-13 16:07 3550072 —-a-w- c:\windows\system32\ntoskrnl.exe

    2013-01-04 11:28 . 2013-02-13 16:07 905576 —-a-w- c:\windows\system32\drivers\tcpip.sys

    2013-01-04 01:38 . 2013-02-13 16:07 2048512 —-a-w- c:\windows\system32\win32k.sys

    .

    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

    .

    .

    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    REGEDIT4

    .

    @=“{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}”

    2012-06-30 04:19 94208 —-a-w- c:\users\Macel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    @=“{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}”

    2012-06-30 04:19 94208 —-a-w- c:\users\Macel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    @=“{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}”

    2012-06-30 04:19 94208 —-a-w- c:\users\Macel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    @=“{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}”

    2012-06-30 04:19 94208 —-a-w- c:\users\Macel\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

    .

    @=“{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}”

    2008-05-14 15:05 121392 —-a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

    .

    “WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe”

    “ehTray.exe”=“c:\windows\ehome\ehTray.exe”

    .

    “SynTPEnh”=“c:\program files\Synaptics\SynTP\SynTPEnh.exe”

    “RtHDVCpl”=“RtHDVCpl.exe”

    “LManager”=“c:\progra~1\LAUNCH~1\LManager.exe”

    “ePower_DMC”=“c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe”

    “IgfxTray”=“c:\windows\system32\igfxtray.exe”

    “HotKeysCmds”=“c:\windows\system32\hkcmd.exe”

    “Persistence”=“c:\windows\system32\igfxpers.exe”

    “Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “APSDaemon”=“c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    “SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”

    “AVG_UI”=“c:\program files\AVG\AVG2013\avgui.exe”

    “vProt”=“c:\program files\AVG SafeGuard toolbar\vprot.exe”

    .

    “EnableLUA”= 0 (0x0)

    “EnableUIADesktopToggle”= 0 (0x0)

    .

    @=“”

    .

    @=“”

    .

    @=“”

    .

    @=“”

    .

    @=“”

    .

    @=“Service”

    .

    path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyServer.lnk

    backup=c:\windows\pss\TwonkyServer.lnk.CommonStartup

    backupExtension=.CommonStartup

    .

    path=c:\users\Macel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

    backup=c:\windows\pss\Dropbox.lnk.Startup

    backupExtension=.Startup

    .

    0

    .

    2012-12-03 07:35 946352 —-a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

    .

    2013-01-28 12:08 59720 —-a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

    .

    2008-04-10 14:30 147456 ——w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe

    .

    2008-04-06 20:42 34040 —-a-w- c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe

    .

    2008-04-10 14:30 167936 ——w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe

    .

    2008-05-14 15:05 526896 —-a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

    .

    2013-02-18 15:01 152392 —-a-w- c:\program files\iTunes\iTunesHelper.exe

    .

    2012-09-10 08:17 436728 —-a-w- c:\program files\MyTomTom 3\MyTomTomSA.exe

    .

    2008-04-18 13:18 167936 —-a-w- c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe

    .

    2007-10-23 08:56 200704 —-a-w- c:\windows\PLFSetI.exe

    .

    2012-10-25 02:12 421888 —-a-w- D:\QTTask.exe

    .

    2012-06-21 03:01 247768 —-a-w- c:\program files\TomTom HOME 2\TomTomHOMERunner.exe

    .

    2008-01-29 07:03 303104 —-a-w- c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe

    .

    2008-01-21 02:23 1008184 —-a-w- c:\program files\Windows Defender\MSASCui.exe

    .

    “DisableMonitoring”=dword:00000001

    .

    “EnableNotificationsRef”=dword:00000001

    .

    bthsvcs REG_MULTI_SZ BthServ

    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

    .

    Inhoud van de ‘Gedeelde Taken’ map

    .

    2013-03-26 c:\windows\Tasks\Adobe Flash Player Updater.job

    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    .

    2013-03-25 c:\windows\Tasks\User_Feed_Synchronization-{F1268727-C864-48D0-B2B4-06EE4C51843E}.job

    - c:\windows\system32\msfeedssync.exe

    .

    .

    ——- Bijkomende Scan ——-

    .

    uStart Page = hxxp://www.startpagina.nl/

    mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0811&m=aspire_5735

    uInternet Settings,ProxyOverride = *.local

    uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s

    TCP: DhcpNameServer = 192.168.1.1

    .

    - - - - ORPHANS VERWIJDERD - - - -

    .

    Toolbar-Locked - (no file)

    SafeBoot-WudfPf

    SafeBoot-WudfRd

    MSConfigStartUp-Advanced SystemCare 4 - d:\software\Advanced SystemCare 4\ASCTray.exe

    MSConfigStartUp-Google Update - c:\users\Macel\AppData\Local\Google\Update\GoogleUpdate.exe

    MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe

    .

    .

    .

    **************************************************************************

    .

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

    Rootkit scan 2013-03-26 08:19

    Windows 6.0.6002 Service Pack 2 NTFS

    .

    scannen van verborgen processen …

    .

    scannen van verborgen autostart items …

    .

    scannen van verborgen bestanden …

    .

    Scan succesvol afgerond

    verborgen bestanden: 0

    .

    **************************************************************************

    .

    “ImagePath”=“\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl”

    .

    ——————— VERGRENDELDE REGISTER SLEUTELS ———————

    .

    @Denied: (A 2) (Everyone)

    @=“FlashBroker”

    “LocalizedString”=“@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101”

    .

    “Enabled”=dword:00000001

    .

    @=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    .

    @Denied: (A 2) (Everyone)

    @=“IFlashBroker5”

    .

    @=“{00020424-0000-0000-C000-000000000046}”

    .

    @=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”

    “Version”=“1.0”

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    “BlindDial”=dword:00000000

    “MSCurrentCountry”=dword:000000b5

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    “BlindDial”=dword:00000000

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    “BlindDial”=dword:00000000

    .

    @Denied: (A) (Users)

    @Denied: (A) (Everyone)

    @Allowed: (B 1 2 3 4 5) (S-1-5-20)

    “BlindDial”=dword:00000000

    .

    Voltooingstijd: 2013-03-26 08:27:34

    ComboFix-quarantined-files.txt 2013-03-26 07:27

    .

    Pre-Run: 66.247.327.744 bytes beschikbaar

    Post-Run: 66.523.140.096 bytes beschikbaar

    .

    - - End Of File - - 89DE3B40B9EFEF5E06BE4DC5F0CEC869

  • fazantje

    Hi Marcel,

    Download zoek.exe here and save it to your desktop.

    Disable your antivirus and antispyware programs; they can conflict with zoek.exe.

    Double-click Zoek.exe to start the tool.

    Now copy the code below and paste it into the large input box:

    firefoxlook;

    chromelook;

    ;r

    "AppInit_DLLs"=-;r

    C:\PROGRA~2\Wincert;fs

    standardsearch;

    filesrcm;

    autoclean;

    startupall;

    Now click the “Run script” button.

    Wait patiently until a log opens; this may be after a restart if one is needed.

    If no log appears after the restart, start zoek.exe again; the log will then appear after all.

    Now post the contents of the opened log in your next message.

    Good luck,

    Huib;)

  • MarcelJnl

    Hi Huib,

    Here it is;

    Zoek.exe Version 4.0.0.2 Updated 23-03-2013

    Tool run by Macel on di 26-03-2013 at 10:56:21,99.

    Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

    Running in: Normal Mode Internet Access Detected

    ==== Deleting CLSID Registry Keys ======================

    ==== Deleting CLSID Registry Values ======================

    ==== Running Processes ======================

    C:\Windows\System32\smss.exe

    C:\Windows\system32\csrss.exe

    C:\Windows\system32\wininit.exe

    C:\Windows\system32\csrss.exe

    C:\Windows\system32\services.exe

    C:\Windows\system32\lsass.exe

    C:\Windows\system32\lsm.exe

    C:\Windows\system32\winlogon.exe

    C:\Windows\system32\SLsvc.exe

    C:\Windows\System32\spoolsv.exe

    C:\Windows\system32\Dwm.exe

    C:\Windows\system32\taskeng.exe

    C:\Windows\Explorer.EXE

    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Windows\system32\agrsmsvc.exe

    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Windows\RtHDVCpl.exe

    C:\Program Files\Launch Manager\LManager.exe

    C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Program Files\Bonjour\mDNSResponder.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Program Files\AVG\AVG2013\avgui.exe

    C:\Program Files\AVG SafeGuard toolbar\vprot.exe

    C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

    C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

    C:\Program Files\Windows Media Player\wmpnscfg.exe

    C:\Windows\ehome\ehtray.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

    C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    C:\Acer\Mobility Center\MobilityService.exe

    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    C:\Windows\system32\igfxext.exe

    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    C:\Program Files\Twonky\TwonkyServer\twonkyproxy.exe

    C:\Program Files\Twonky\TwonkyServer\twonkystarter.exe

    C:\Windows\ehome\ehmsas.exe

    C:\Users\Macel\AppData\Local\Temp\RtkBtMnt.exe

    C:\Program Files\Twonky\TwonkyServer\twonkywebdav.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

    C:\Windows\system32\SearchIndexer.exe

    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

    C:\Program Files\Windows Media Player\wmpnetwk.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\wbem\unsecapp.exe

    C:\Windows\system32\wbem\wmiprvse.exe

    C:\Windows\system32\taskeng.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Windows\system32\conime.exe

    C:\Users\Marcel\Desktop\zoek.exe

    C:\Windows\system32\svchost.exe -k DcomLaunch

    C:\Windows\system32\svchost.exe -k rpcss

    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

    C:\Windows\system32\svchost.exe -k netsvcs

    C:\Windows\system32\svchost.exe -k GPSvcGroup

    C:\Windows\system32\svchost.exe -k LocalService

    C:\Windows\system32\svchost.exe -k NetworkService

    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

    C:\Windows\system32\svchost.exe -k bthsvcs

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Windows\System32\svchost.exe -k HPZ12

    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

    C:\Windows\system32\svchost.exe -k imgsvc

    C:\Windows\System32\svchost.exe -k WerSvcGroup

    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

    ==== Registry Fix Code ======================

    Windows Registry Editor Version 5.00

    “AppInit_DLLs”=-

    ==== Deleting Files \ Folders ======================

    “C:\PROGRA~2\Wincert” deleted

    “C:\ProgramData\Wincert” deleted

    ==== System Specs ======================

    Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002)

    Internet Explorer: 8.0.6001.19401

    Memory (RAM): 3001 MB

    CPU Info: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz

    CPU Speed: 306,7 MHz

    Sound Card: Luidsprekers (Realtek High Defi |

    Display Adapters: Mobile Intel(R) 4 Series Express Chipset Family | Mobile Intel(R) 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver

    Monitors: 1x; Algemeen PnP-beeldscherm |

    Screen Resolution: 1366 X 768 - 32 bit

    Network: Network Present

    Network Adapters: Atheros AR5B91 Wireless Network Adapter | Generic Marvell Yukon 88E8071 based Ethernet Controller

    CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW TS-L633A

    Ports: COM3 LPT Port NOT Present.

    Mouse: 5 Button Wheel Mouse Present

    Hard Disks: C: 111,6GB | D: 111,6GB

    Hard Disks - Free: C: 60,6GB | D: 66,4GB

    Manufacturer *: Phoenix Technologies LTD

    BIOS Info: AT/AT COMPATIBLE | 08/27/08 | ACRSYS - 6040000

    Time Zone: West-Europa (standaardtijd)

    Motherboard *: Acer CathedralPeak

    Sun Java version: 1.7.0_17

    Country: Nederland

    Language: NLD

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    2013-03-26 07:06:35 F042EE4C8D66248D9B86DCF52ABAE416 256000 —-a-w- C:\Windows\PEV.exe

    2013-03-26 07:06:35 9E05A9C264C8A908A8E79450FCBFF047 80412 —-a-w- C:\Windows\grep.exe

    2013-03-26 07:06:35 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 —-a-w- C:\Windows\zip.exe

    2013-03-26 07:06:35 0297C72529807322B152F517FDB0A9FC 406528 —-a-w- C:\Windows\SWSC.exe

    2013-03-26 07:06:35 0277C027A26428DB64EF4F64F52BB4FD 208896 —-a-w- C:\Windows\MBR.exe

    ====== C:\Users\Macel\AppData\Local\Temp ====

    2013-03-26 07:34:06 B2994EC6452DBD04E57828EEFEDFB93C 204800 —-a-w- C:\Users\Macel\AppData\Local\Temp\RtkBtMnt.exe

    ====== C:\Windows\system32 =====

    2013-03-18 08:21:12 E145388E75DCDF227F7AFA4C4C3D80D6 55296 —-a-w- C:\Windows\System32\msfeedsbs.dll

    2013-03-18 08:21:12 D89E8DED2C33FFE2ABCFD2CD8D80A84F 43520 —-a-w- C:\Windows\System32\licmgr10.dll

    2013-03-18 08:21:12 D77B49519C94B311EFEC79AB5289F684 55808 —-a-w- C:\Windows\System32\iernonce.dll

    2013-03-18 08:21:12 BA22D7F28C0F2CDF91634B239B7A0FF6 1212928 —-a-w- C:\Windows\System32\urlmon.dll

    2013-03-18 08:21:12 9E726329B5EB63F607B2B3D7B58C72DE 387584 —-a-w- C:\Windows\System32\iedkcs32.dll

    2013-03-18 08:21:12 8E2EBCD935EA8D60E4CBCE07F20824E4 916480 —-a-w- C:\Windows\System32\wininet.dll

    2013-03-18 08:21:12 0CDAA7E6BAC5AC524CB33784BD23FE86 133632 —-a-w- C:\Windows\System32\ieUnatt.exe

    2013-03-18 08:21:11 FC3CE11060FEA597FF9519816EB35698 1638912 —-a-w- C:\Windows\System32\mshtml.tlb

    2013-03-18 08:21:11 DFE68745601D44FF0AC4288C7BFF4EC4 1469440 —-a-w- C:\Windows\System32\inetcpl.cpl

    2013-03-18 08:21:11 9B8A5EDF26D42AD93F245B23C2BFD077 71680 —-a-w- C:\Windows\System32\iesetup.dll

    2013-03-18 08:21:11 6B5E125BAE8FFC8E0D125C1C61858D66 206848 —-a-w- C:\Windows\System32\occache.dll

    2013-03-18 08:21:11 5B67C0900C67EF6B4DE7DD4FA499600F 630272 —-a-w- C:\Windows\System32\msfeeds.dll

    2013-03-18 08:21:11 315467E70558C1E8E4091C3B7479DEC7 109056 —-a-w- C:\Windows\System32\iesysprep.dll

    2013-03-18 08:21:09 F325BE9BF7B8B5C443784BC954757391 11111424 —-a-w- C:\Windows\System32\ieframe.dll

    2013-03-18 08:21:07 B255A0DF178F1E00709B596505653030 164352 —-a-w- C:\Windows\System32\ieui.dll

    2013-03-18 08:21:07 8D2C55057EA94409AA8BBB8E1E1C44ED 611840 —-a-w- C:\Windows\System32\mstime.dll

    2013-03-18 08:21:07 7435D0809D75B5DBE431697CFF060739 385024 —-a-w- C:\Windows\System32\html.iec

    2013-03-18 08:21:07 7131C33FA507999C92C3BCBD8AA250AD 105984 —-a-w- C:\Windows\System32\url.dll

    2013-03-18 08:21:07 5964FC275AF3D3D68B6DA8196970EE3D 184320 —-a-w- C:\Windows\System32\iepeers.dll

    2013-03-18 08:21:07 382038FDBF88C0642E308A1E16706E06 25600 —-a-w- C:\Windows\System32\jsproxy.dll

    2013-03-18 08:21:07 24F562A7D01936570088422FA42D4486 67072 —-a-w- C:\Windows\System32\mshtmled.dll

    2013-03-18 08:21:06 9DD03B005D7F3294C14FD76242B1E22D 6011392 —-a-w- C:\Windows\System32\mshtml.dll

    2013-03-18 08:21:05 A669C1B40E5D23F5EBE7EF498631B7D1 174080 —-a-w- C:\Windows\System32\ie4uinit.exe

    2013-03-18 08:21:05 19EFB0EC56DF0DE1BC4315E16181325B 13312 —-a-w- C:\Windows\System32\msfeedssync.exe

    2013-03-18 08:21:04 A22EF74A3DE86B32E1BD7AD3F93F4B93 2004992 —-a-w- C:\Windows\System32\iertutil.dll

    2013-03-16 08:30:06 350C713C2D9B9F5549C50A8D3924E789 94112 —-a-w- C:\Windows\System32\WindowsAccessBridge.dll

    ====== C:\Windows\system32\drivers =====

    2013-03-22 17:42:38 DB61A6ECACD9D84405D2F3E411B25409 33112 —-a-w- C:\Windows\System32\drivers\avgtpx86.sys

    2013-03-22 11:27:38 8D31A140B55021BBD3A608F5A7AA2E18 15872 —-a-w- C:\Windows\System32\drivers\usb8023.sys

    2013-03-22 11:27:38 228F444F9AF0D3B9ECA9FC3F4FEB12F2 15872 —-a-w- C:\Windows\System32\drivers\usb8023x.sys

    2013-03-01 09:32:20 A426B2DC795531D99E2EE1952AEC051A 22328 —-a-w- C:\Windows\System32\drivers\avgidsshimx.sys

    2013-02-26 22:40:46 1A2213B7D94944861449CB07BF2D099E 208184 —-a-w- C:\Windows\System32\drivers\avgidsdriverx.sys

    ====== C:\Windows\Tasks ======

    2013-03-22 11:22:22 7ACA66824C3D8D7A5BFB8CF4F75B9852 424 —ha-w- C:\Windows\Tasks\User_Feed_Synchronization-{F1268727-C864-48D0-B2B4-06EE4C51843E}.job

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-03-22 17:42:27 ——– d—–w- C:\Program Files\AVG SafeGuard toolbar

    2013-03-22 17:38:36 ——– d—–w- C:\Program Files\AVG

    2013-03-22 16:28:53 ——– d—–w- C:\Program Files\Probit Software

    2013-03-21 11:09:35 ——– d—–w- C:\Program Files\Kingsoft

    2013-03-19 21:20:30 ——– d—–w- C:\Program Files\Microsoft Windows 7 Upgrade Advisor

    2013-03-10 11:38:02 ——– d—–w- C:\Program Files\Twonky

    ======= C: =====

    2013-03-25 20:32:56 AE82E4136A64EF5464228232F870F868 9705 —-a-w- C:\AdwCleaner.txt

    ====== C:\Users\Macel\AppData\Roaming ======

    2013-03-26 07:27:48 ——– d—–w- C:\users\Public\AppData\Local\temp

    2013-03-26 07:27:48 ——– d—–w- C:\users\Marcel\AppData\Local\temp

    2013-03-26 07:27:48 ——– d—–w- C:\users\Macel\AppData\Local\temp

    2013-03-26 07:27:48 ——– d—–w- C:\users\Default\AppData\Local\temp

    2013-03-26 07:27:48 ——– d—–w- C:\users\Default User\AppData\Local\temp

    2013-03-25 20:37:22 ——– d—–w- C:\users\Macel\AppData\Local\AVG Secure Search

    2013-03-22 17:44:22 ——– d—–w- C:\users\Macel\AppData\Roaming\AVG2013

    2013-03-22 17:44:00 ——– d—–w- C:\users\Macel\AppData\Local\AVG SafeGuard toolbar

    2013-03-22 17:43:00 ——– d—–w- C:\users\Macel\AppData\Roaming\TuneUp Software

    2013-03-22 17:42:42 ——– d—–w- C:\users\Macel\AppData\Locallow\AVG SafeGuard toolbar

    2013-03-22 17:35:38 ——– d—–w- C:\users\Macel\AppData\Local\MFAData

    2013-03-22 17:35:38 ——– d—–w- C:\users\Macel\AppData\Local\Avg2013

    2013-03-22 07:57:49 ——– d—–w- C:\users\Macel\AppData\Local\ElevatedDiagnostics

    2013-03-21 11:11:29 ——– d—–w- C:\users\Macel\AppData\Local\KSafe

    2013-03-21 11:10:01 ——– d—–w- C:\users\Macel\AppData\Roaming\KSafe

    2013-03-21 11:09:46 ——– d—–w- C:\users\Macel\AppData\Roaming\kingsoft

    2013-03-21 09:34:16 ——– d—–w- C:\users\Macel\AppData\Roaming\Fighters

    2013-03-20 16:22:12 ——– d—–w- C:\users\Macel\AppData\Roaming\Windows Live Writer

    2013-03-20 16:22:12 ——– d—–w- C:\users\Macel\AppData\Local\Windows Live Writer

    2013-03-19 21:21:55 ——– d—–w- C:\users\Macel\AppData\Local\Microsoft Corporation

    2013-03-19 21:04:23 2818A174511F8002A171730F4C5F95CF 38451 —-a-w- C:\users\Macel\AppData\Roaming\Door lijstscheidingstekens gescheiden waarden (Windows).ADR

    2013-03-10 11:38:10 ——– d—–w- C:\users\Macel\AppData\Roaming\TwonkyServer

    2013-03-01 07:12:21 2D3030F02AED43FB82279CCCE1D8FD29 302344 —-a-w- C:\users\Macel\AppData\Local\census.cache

    2013-03-01 07:12:02 548BE29AE6994EB5F3203ABA6F1CE7D2 203967 —-a-w- C:\users\Macel\AppData\Local\ars.cache

    2013-03-01 07:03:02 2B5DA0EC6D27A09C5BFF391438293F5A 36 —-a-w- C:\users\Macel\AppData\Local\housecall.guid.cache

    2013-03-01 06:57:02 ——– d—–w- C:\users\Macel\AppData\Roaming\DriverCure

    ====== C:\Users\Macel ======

    2013-03-26 07:27:48 ——– d—–w- C:\Users\Public\AppData

    2013-03-26 07:27:48 ——– d—–w- C:\Users\Marcel\AppData

    2013-03-22 17:48:48 ——– d—–w- C:\ProgramData\AVG SafeGuard toolbar

    2013-03-22 17:40:34 ——– d—–w- C:\ProgramData\AVG2013

    2013-03-22 17:35:38 ——– d–h–w- C:\ProgramData\Common Files

    2013-03-22 17:35:38 ——– d—–w- C:\ProgramData\MFAData

    2013-03-22 13:08:54 ——– d—–w- C:\Users\Macel\Backup vista

    2013-03-21 11:10:01 ——– d—–w- C:\ProgramData\KSafe

    2013-03-21 11:09:43 ——– d—–w- C:\ProgramData\Kingsoft

    2013-03-21 09:33:25 ——– d—–w- C:\ProgramData\Fighters

    2013-03-10 20:11:44 ——– d—–w- C:\ProgramData\WindowsSearch

    2013-03-10 11:38:12 ——– d—–w- C:\ProgramData\TwonkyServer

    ====== C: exe-files ==

    2013-03-26 07:34:06 B2994EC6452DBD04E57828EEFEDFB93C 204800 —-a-w- C:\Users\Macel\AppData\Local\temp\RtkBtMnt.exe

    2013-03-26 07:06:35 F042EE4C8D66248D9B86DCF52ABAE416 256000 —-a-w- C:\Windows\PEV.exe

    2013-03-26 07:06:35 9E05A9C264C8A908A8E79450FCBFF047 80412 —-a-w- C:\Windows\grep.exe

    2013-03-26 07:06:35 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 —-a-w- C:\Windows\zip.exe

    2013-03-26 07:06:35 0297C72529807322B152F517FDB0A9FC 406528 —-a-w- C:\Windows\SWSC.exe

    2013-03-26 07:06:35 0277C027A26428DB64EF4F64F52BB4FD 208896 —-a-w- C:\Windows\MBR.exe

    2013-03-25 20:54:01 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\Trend Micro\Macel.exe

    2013-03-25 20:53:52 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\Users\Marcel\Desktop\RSIT.exe

    2013-03-25 20:32:11 EC4961D7E0F6ACEF4E8446E062048D88 609993 —-a-w- C:\Users\Marcel\Desktop\adwcleaner.exe

    2013-03-23 10:34:02 74BE70BA3F0C3E3CA3BD57256FE753F9 4790904 —-a-w- C:\Program Files\AVG\AVG2013\avgcremx.exe

    2013-03-22 17:42:27 6E4F82218F1B1DD439364383910BF014 1151152 —-a-w- C:\Program Files\AVG SafeGuard toolbar\vprot.exe

    2013-03-22 17:42:27 58DC1DD006BE9F0C6EAB7763F0F48CE3 1042096 —-a-w- C:\Program Files\AVG SafeGuard toolbar\Uninstall.exe

    2013-03-22 17:42:27 4DD305C6B5F79AB430F18B4B9609CF62 659632 —-a-w- C:\Program Files\AVG SafeGuard toolbar\lip.exe

    2013-03-22 17:42:27 078E71A31BF29B7E267FC57BC6205AB7 510128 —-a-w- C:\Program Files\AVG SafeGuard toolbar\PostInstall.exe

    === C: other files ==

    2013-03-22 17:43:42 A024E6A14F2DB7B937B54D19F7297E1F 1394398 —-a-w- C:\Program Files\AVG\AVG2013\banners\banners.zip

    2013-03-22 17:43:23 6FC17B023996BF156385BEF0EB135986 323 —-a-w- C:\ProgramData\AVG2013\IDS\config\quarantinedList.zip

    2013-03-22 17:42:38 DB61A6ECACD9D84405D2F3E411B25409 33112 —-a-w- C:\Windows\System32\drivers\avgtpx86.sys

    2013-03-22 11:27:38 8D31A140B55021BBD3A608F5A7AA2E18 15872 —-a-w- C:\Windows\System32\drivers\usb8023.sys

    2013-03-22 11:27:38 228F444F9AF0D3B9ECA9FC3F4FEB12F2 15872 —-a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_f705a06e\usb8023x.sys

    2013-03-22 11:27:38 228F444F9AF0D3B9ECA9FC3F4FEB12F2 15872 —-a-w- C:\Windows\System32\drivers\usb8023x.sys

    ==== Startup Registry Enabled ======================

    “WMPNSCFG”=“C:\Program Files\Windows Media Player\WMPNSCFG.exe”

    “ehTray.exe”=“C:\Windows\ehome\ehTray.exe”

    “SynTPEnh”=“C:\Program Files\Synaptics\SynTP\SynTPEnh.exe”

    “RtHDVCpl”=“RtHDVCpl.exe”

    “LManager”=“C:\PROGRA~1\LAUNCH~1\LManager.exe”

    “ePower_DMC”=“C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe”

    “IgfxTray”=“C:\Windows\system32\igfxtray.exe”

    “HotKeysCmds”=“C:\Windows\system32\hkcmd.exe”

    “Persistence”=“C:\Windows\system32\igfxpers.exe”

    “Adobe ARM”=“C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    “APSDaemon”=“C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    “SunJavaUpdateSched”=“C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    “AVG_UI”=“C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY”

    “vProt”=“C:\Program Files\AVG SafeGuard toolbar\vprot.exe”

    “WMPNSCFG”=“C:\Program Files\Windows Media Player\WMPNSCFG.exe”

    “ehTray.exe”=“C:\Windows\ehome\ehTray.exe”

    ==== Startup Registry Disabled ======================

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Adobe ARM”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“APSDaemon”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“ArcadeDeluxeAgent”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\ArcadeDeluxeAgent.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“BkupTray”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BkupTray.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“CLMLServer”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Acer Arcade Deluxe\\Acer Arcade Deluxe\\Kernel\\CLML\\CLMLSvc.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“eDataSecurity Loader”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Acer\\Empowering Technology\\eDataSecurity\\x86\\eDSloader.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“iTunesHelper”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\iTunes\\iTunesHelper.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“MyTomTomSA.exe”

    “hkey”=“HKCU”

    “command”=“C:\\Program Files\\MyTomTom 3\\MyTomTomSA.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“PlayMovie”

    “hkey”=“HKLM”

    “command”=“\”C:\\Program Files\\Acer Arcade Deluxe\\PlayMovie\\PMVService.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“PLFSetI”

    “hkey”=“HKLM”

    “command”=“C:\\Windows\\PLFSetI.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“QuickTime Task”

    “hkey”=“HKLM”

    “command”=“\”D:\\QTTask.exe\“ -atboottime”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“TomTomHOME.exe”

    “hkey”=“HKCU”

    “command”=“\”C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\“”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“WarReg_PopUp”

    “hkey”=“HKLM”

    “command”=“C:\\Program Files\\Acer\\WR_PopUp\\WarReg_PopUp.exe”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Windows Defender”

    “hkey”=“HKLM”

    “command”=“%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide”

    “key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”

    “item”=“Wisdom-soft ScreenHunter 5.1 Pro”

    “hkey”=“HKCU”

    “command”=“0”

    “path”=“C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\TwonkyServer.lnk”

    “backup”=“C:\\Windows\\pss\\TwonkyServer.lnk.CommonStartup”

    “backupExtension”=“.CommonStartup”

    “command”=“C:\\PROGRA~1\\Twonky\\TWONKY~1\\TWONKY~4.EXE ”

    “item”=“TwonkyServer”

    “path”=“C:\\Users\\Macel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk”

    “backup”=“C:\\Windows\\pss\\Dropbox.lnk.Startup”

    “backupExtension”=“.Startup”

    “command”=“C:\\Users\\Macel\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup”

    “item”=“Dropbox”

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job –a——

    C:\Windows\tasks\User_Feed_Synchronization-{F1268727-C864-48D0-B2B4-06EE4C51843E}.job –ah—– C:\Windows\system32\msfeedssync.exe

    ==== Chrome Look ======================

    ==== Set IE to Default ======================

    Old Values:

    “Start Page”=“http://www.startpagina.nl/”

    “Start Page”=“http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0811&m=aspire_5735”

    @=“http://www.google.com/search/?q=%s”

    New Values:

    “Start Page”=“http://www.startpagina.nl/”

    “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

    “(Default)”=“http://search.msn.com/results.asp?q=%s”

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url=“http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC”

    {4D535E6E-8F97-465E-8DC7-3DF2D44F3147} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW”

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”

    ==== HijackThis Entries ======================

    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

    O4 - HKLM\..\Run: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: RtHDVCpl.exe

    O4 - HKLM\..\Run: C:\PROGRA~1\LAUNCH~1\LManager.exe

    O4 - HKLM\..\Run: C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe”

    O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”

    O4 - HKLM\..\Run: “C:\Program Files\AVG\AVG2013\avgui.exe” /TRAYONLY

    O4 - HKLM\..\Run: “C:\Program Files\AVG SafeGuard toolbar\vprot.exe”

    O4 - HKCU\..\Run: C:\Program Files\Windows Media Player\WMPNSCFG.exe

    O4 - HKCU\..\Run: C:\Windows\ehome\ehTray.exe

    O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

    O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Marcel

    O17 - HKLM\Software\..\Telephony: DomainName = Marcel

    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = Marcel

    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

    O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

    O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

    O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

    O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

    O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

    O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

    O23 - Service: TwonkyProxy - Unknown owner - C:\Program Files\Twonky\TwonkyServer\twonkyproxy.exe

    O23 - Service: TwonkyServer - PacketVideo - C:\Program Files\Twonky\TwonkyServer\twonkystarter.exe

    O23 - Service: TwonkyWebDav - Unknown owner - C:\Program Files\Twonky\TwonkyServer\twonkywebdav.exe

    O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe (file missing)

    ==== Empty IE Cache ======================

    C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Macel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\Macel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(20)\Content.IE5 emptied successfully

    C:\Users\Macel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(25)\Content.IE5 emptied successfully

    C:\Users\Macel\AppData\Local\VirtualStore\Windows\temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Macel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    No FireFox Profiles found

    ==== Empty Chrome Cache ======================

    No Chrome Cache found

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\Macel\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    “C:\Users\Macel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found

  • fazantje

    Hi Marcel,

    The logs look good; the necessary removals have been done (tu)

    How is your problem now? :S

    Have you ever thought about updating IE8 to IE9?

    See here for IE9.

    Regards, Huib;)

  • MarcelJnl

    Huib,

    IE now starts up noticeably faster, but it still hangs for a moment once the loading bar at the bottom of the screen is completely full. It does seem, however, that everything is going a bit better. Shutting down Vista still takes a long time, approx. two minutes. How could I solve that?

    To begin with, many thanks already for the effort of helping me; I will first update IE to IE9.

    Marcel.

  • fazantje

    Hi Marcel,

    Also run the cleanup plan, and after you have downloaded and installed IE9, let us know how things go then.

    Regards, Huib;)

This topic is closed; no more replies can be posted.