logjes nakijken

marianne40

31-03-2013 15:58

Ik heb hier de laptop van mijn moeder en die heeft wat problemen daarmee.
Hij is erg traag en internet explorer loopt ook steeds vast.
Ook gaf word problemen als ik het goed begrepen had.
Zouden jullie de logjes na willen kijken om te kijken of er iets is.
Ik kan alleen pas vrijdag of zaterdag met de laptop aan de gang omdat mijn moeder ver weg woont en ik dus de laptop het weekend pas weer tot mijn beschikking heb.
# AdwCleaner v2.115 - Verslag gemaakt op 31/03/2013 om 12:45:19
# Geactualiseerd op 17/03/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Gebruiker : Elly - ELLY-PC
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Elly\Desktop\adwcleaner.exe
# Optie
***** *****
***** *****
Map Verwijdert : C:\Program Files\Windows jZip Toolbar
Map Verwijdert : C:\Users\Elly\AppData\LocalLow\jziptoolbar
***** *****
Data Verwijdert : HKLM\..\Windows = C:\PROGRA~1\WIF0E7~1\Datamngr\datamngr.dll
Data Verwijdert : HKLM\..\Windows = C:\PROGRA~1\WIF0E7~1\Datamngr\IEBHO.dll
Sleutel Verwijdert : HKCU\Software\DataMngr
Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar
Sleutel Verwijdert : HKCU\Software\IM
Sleutel Verwijdert : HKCU\Software\ImInstaller
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41C4AA37-1DDD-4345-B8DC-734E4B38414D}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41C4AA37-1DDD-4345-B8DC-734E4B38414D}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{41C4AA37-1DDD-4345-B8DC-734E4B38414D}
Sleutel Verwijdert : HKLM\Software\DataMngr
Sleutel Verwijdert : HKLM\Software\ImInstaller
Sleutel Verwijdert : HKLM\Software\jZipMediabarTb
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E48C56F-08CD-43AA-A6EF-C1EC891551AB}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41C4AA37-1DDD-4345-B8DC-734E4B38414D}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jZip 102 MediaBar
Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
***** *****
-\\ Internet Explorer v10.0.9200.16521
Het register bevat geen enkele ongeoorloofde invoer.
-\\ Google Chrome v26.0.1410.43
File : C:\Users\Elly\AppData\Local\Google\Chrome\User Data\Default\Preferences
De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner.txt - ##########
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Databaseversie: v2013.03.31.01
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16521
Elly :: ELLY-PC
31-3-2013 13:07:38
mbam-log-2013-03-31 (13-07-38).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 212175
Verstreken tijd: 11 minuut/minuten, 43 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
info.txt logfile of random's system information tool 1.09 2013-03-31 15:34:58
======Uninstall list======
Update for Microsoft Office 2007 (KB2508958)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
Update for Microsoft Office 2007 (KB2508958)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
ACSI Camp Site Guide France 2012–>C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{FC312E30-44B9-4FB7-8541-B604C83F20D8} /l1043
Activation Assistant for the 2007 Microsoft Office suites–>“C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe” REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX–>C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 11 Plugin–>C:\Windows\system32\Macromed\Flash\FlashUtil32_11_6_602_180_Plugin.exe -maintain plugin
Adobe Reader 9.1.3 - Nederlands–>MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A91000000001}
Adobe Shockwave Player 11–>C:\Windows\system32\adobe\SHOCKW~1\UNWISE.EXE C:\Windows\system32\Adobe\SHOCKW~1\Install.log
Apple Software Update–>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Bejeweled 2 Deluxe–>C:\Program Files\Bejeweled 2 Deluxe\Uninstal.exe
Bing Bar–>MsiExec.exe /X{B4089055-D468-45A4-A6BA-5A138DD715FC}
Canon Easy-PhotoPrint EX–>C:\Program Files\Canon\Easy-PhotoPrint EX\uninst.exe Uninst.ini uinstrsc.dll
Canon Easy-WebPrint EX–>“C:\Program Files\Canon\Easy-WebPrint EX\Maint.exe” /UninstallRemove C:\Program Files\Canon\Easy-WebPrint EX\uninst.ini
Canon IJ Network Tool–>C:\Program Files\Canon\Canon IJ Network Tool\CNMNUU.exe
Canon Inkjet Printer/Scanner/Fax Extended Survey Program–>C:\Program Files\Canon\IJPLM\SETUP.EXE -R
Canon MP Navigator EX 4.0–>“C:\Program Files\Canon\MP Navigator EX 4.0\Maint.exe” /UninstallRemove C:\Program Files\Canon\MP Navigator EX 4.0\uninst.ini
Canon MP495 series MP Drivers–>“C:\Windows\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series\DelDrv.exe” /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series /L0x0013
Canon My Printer–>C:\Program Files\Canon\MyPrinter\uninst.exe uninst.ini uinstrsc.dll
Canon Solution Menu EX–>“C:\Program Files\Canon\Solution Menu EX\uninst.exe” /UninstallRemove C:\Program Files\Canon\Solution Menu EX\uninst.ini
Cisco EAP-FAST Module–>MsiExec.exe /I{BF53252E-4AB2-4C7F-A0FD-6100755745E3}
Cisco LEAP Module–>MsiExec.exe /I{76F9CF97-FC4B-4E20-B363-D127C888448F}
Cisco PEAP Module–>MsiExec.exe /I{4E5386F5-C0F6-4532-A54A-374865AEAB71}
Compatibiliteitspakket voor het 2007 Microsoft Office system–>MsiExec.exe /X{90120000-0020-0413-0000-0000000FF1CE}
Corel Home Office - IPM–>MsiExec.exe /I{39FE455F-9478-451B-9420-73C15143DF8E}
Corel Home Office - Launcher–>MsiExec.exe /I{E74EA3B1-7192-489D-9A57-0AE918FEC001}
Corel Home Office - Templates1–>MsiExec.exe /I{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}
Corel Home Office–>C:\Program Files\Corel Home Office\Setup\SetupARP.exe /arp
Corel Home Office–>MsiExec.exe /I{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}
Corel Home Office–>MsiExec.exe /I{AE9F7747-0350-4E02-B115-6A2C92F5FA54}
Corel Painter Essentials 4–>“C:\Program Files\Corel\Corel Painter Essentials 4\MSILauncher” “{E1A63F75-1F72-4450-980D-434496FFC646}”
Corel Painter Essentials 4–>MsiExec.exe /I{E1A63F75-1F72-4450-980D-434496FFC646}
CorelDRAW Essentials 4 - Content–>MsiExec.exe /I{19AC095C-3520-4999-AA15-93B6D0248A50}
CorelDRAW Essentials 4 - Draw–>MsiExec.exe /I{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}
CorelDRAW Essentials 4 - Filters–>MsiExec.exe /I{F16841F6-5F0F-4DBE-B318-63CEB916F21D}
CorelDRAW Essentials 4 - ICA–>MsiExec.exe /I{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}
CorelDRAW Essentials 4 - IPM - No VBA–>MsiExec.exe /I{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}
CorelDRAW Essentials 4 - Lang BR–>MsiExec.exe /I{ABD8B955-1C69-4AF3-949B-13CD587C175F}
CorelDRAW Essentials 4 - Lang DE–>MsiExec.exe /I{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}
CorelDRAW Essentials 4 - Lang EN–>MsiExec.exe /I{34A9406E-1994-4C20-AC72-04CFA2B24545}
CorelDRAW Essentials 4 - Lang ES–>MsiExec.exe /I{C682F3F0-00A6-4379-B083-4F3273624D7B}
CorelDRAW Essentials 4 - Lang FR–>MsiExec.exe /I{BA9319FE-BCEF-4C99-8039-F464648D046E}
CorelDRAW Essentials 4 - Lang IT–>MsiExec.exe /I{3576C335-958D-4D60-A812-F68F9A2796AF}
CorelDRAW Essentials 4 - Lang NL–>MsiExec.exe /I{5500BB35-1C21-4328-9F16-F894B860FADE}
CorelDRAW Essentials 4 - PHOTO-PAINT–>MsiExec.exe /I{07B62101-7EBD-434A-94B1-B38063BE5516}
CorelDRAW Essentials 4 - Windows Shell Extension–>C:\Program Files\Common Files\Corel\Shared\Shell Extension\Uninst_CDE4.exe
CorelDRAW Essentials 4 - Windows Shell Extension–>MsiExec.exe /X{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}
CorelDRAW Essentials 4–>C:\Program Files\Corel\CorelDRAW Essentials 4\Setup\SetupARP.exe /arp
CorelDRAW Essentials 4–>MsiExec.exe /I{9043B9A0-9505-405B-8202-E7167A38A89C}
CyberLink LabelPrint–>“C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe” /z-uninstall
CyberLink LabelPrint–>“C:\Program Files\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe” /z-uninstall
CyberLink MediaShow–>“C:\Program Files\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe” /z-uninstall
CyberLink MediaShow–>“C:\Program Files\InstallShield Installation Information\{80E158EA-7181-40FE-A701-301CE6BE64AB}\Setup.exe” /z-uninstall
CyberLink PhotoNow–>“C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe” /z-uninstall
CyberLink PhotoNow–>“C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe” /z-uninstall
CyberLink Power2Go–>“C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe” /z-uninstall
CyberLink Power2Go–>“C:\Program Files\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe” /z-uninstall
CyberLink PowerDirector–>“C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe” /z-uninstall
CyberLink PowerDirector–>“C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe” /z-uninstall
CyberLink PowerDVD 9–>“C:\Program Files\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\Setup.exe” /z-uninstall
CyberLink PowerDVD 9–>“C:\Program Files\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\Setup.exe” /z-uninstall
CyberLink PowerDVD Copy–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\Setup.exe” -uninstall
CyberLink PowerProducer–>“C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe” /z-uninstall
CyberLink PowerProducer–>“C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe” /z-uninstall
CyberLink YouCam–>“C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe” /z-uninstall
CyberLink YouCam–>“C:\Program Files\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\Setup.exe” /z-uninstall
D3DX10–>MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Gebruikersregistratie voor Canon MP495 series–>C:\Program Files\Canon\IJEREG\MP495 series\UNINST.EXE
Google Toolbar for Internet Explorer–>“C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_94DDE1EDD1CDF6A3.exe” /uninstall
Google Toolbar for Internet Explorer–>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
IncrediMail 2.0–>C:\Program Files\IncrediMail\Bin\ImSetup.exe /uninstallProduct /addon:incredimail
IncrediMail–>MsiExec.exe /X{EF90CC06-F94A-4456-B344-79452D0F51F4}
Intel® Matrix Storage Manager–>C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall
Java(TM) 6 Update 31–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}
Junk Mail filter update–>MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
jZip–>C:\PROGRA~1\jZip\UNWISE.EXE /U C:\PROGRA~1\jZip\INSTALL.LOG
Malwarebytes Anti-Malware versie 1.70.0.1100–>“C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe”
Marooned - NL–>C:\Program Files\Marooned - NL\Uninstal.exe
McAfee Security Scan Plus–>“C:\Program Files\McAfee Security Scan\uninstall.exe”
MCE Software Encoder 1.1–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{7655E113-C306-11D9-A373-0050BAE317E1}\Setup.exe” -uninstall
Medion Home Cinema–>“C:\Program Files\InstallShield Installation Information\{AB770FDE-8087-4C98-9A85-BD64262C104C}\Setup.exe” /z-uninstall
Medion Home Cinema–>“C:\Program Files\InstallShield Installation Information\{AB770FDE-8087-4C98-9A85-BD64262C104C}\Setup.exe” /z-uninstall
Microsoft .NET Framework 4 Client Profile NLD Language Pack–>MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}
Microsoft .NET Framework 4 Client Profile–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile–>MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft Antimalware Service NL-NL Language Pack–>MsiExec.exe /X{F8EDC0F8-15BC-4411-8762-77105C8AAEEC}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}
Microsoft Office 2007 Service Pack 3 (SP3)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office Access MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office Home and Student 2007–>“C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007–>MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}
Microsoft Office OneNote MUI (Dutch) 2007–>MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007–>MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (Dutch)–>MsiExec.exe /X{95120000-00AF-0413-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007–>“C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe” /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007–>MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007–>MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007–>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007–>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007–>MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007–>MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)–>msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}
Microsoft Office Publisher MUI (Dutch) 2007–>MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007–>MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007–>MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Security Client NL-NL Language Pack–>MsiExec.exe /I{50779A29-834E-4E36-BBEB-B7CABC67A825}
Microsoft Security Client–>MsiExec.exe /X{390DD8BB-BB57-4942-A029-2D913E4E9D74}
Microsoft Security Essentials–>C:\Program Files\Microsoft Security Client\Setup.exe /x
Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition –>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053–>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161–>MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Works–>MsiExec.exe /I{5158F1F5-FA1B-4D49-B546-55A5004B89BD}
MSVCRT–>MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
Photo Notifier and Animation Creator–>MsiExec.exe /X{8D853998-1055-4E45-B99E-F5039C502831}
Photo Notifier and Animation Creator–>MsiExec.exe /X{8D853998-1055-4E45-B99E-F5039C502831} ARPVAL=“UnInst” /qf /L*V “%temp%\PhotoNotifier_AnimationCreatorUninstall.log”
QuickTime–>MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek High Definition Audio Driver–>RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup “C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe” -removeonly
Realtek USB 2.0 Card Reader–>“C:\Program Files\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe” -runfromtemp -l0x0013 -removeonly
REALTEK Wireless LAN Driver–>C:\Program Files\InstallShield Installation Information\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}\Install.exe -uninst -l0x13
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {CD6D9B8A-BBC4-3FA7-B24D-D74CE90630CF} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {ECBEE23D-AB7E-3DAA-B66B-CD52003198F1} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {788818B1-B191-3217-A210-7ACFDE19CE4A} /parameterfolder Client
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B7C20E16-9A3A-3F05-A6B5-E15AA09200E0} /parameterfolder Client
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {43171CAD-DC60-4E7B-9703-B2EC18001B9F}
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {43171CAD-DC60-4E7B-9703-B2EC18001B9F}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {020B65AD-B2ED-4B35-92CA-DB56EFB864A5}
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {020B65AD-B2ED-4B35-92CA-DB56EFB864A5}
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962}
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition –>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12}
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition –>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12}
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)–>c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)–>c:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP
Synaptics Pointing Device Driver–>rundll32.exe “%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll”,standAloneUninstall
System Control Manager–>C:\Program Files\InstallShield Installation Information\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}\setup.exe -runfromtemp -l0x0009 -removeonly
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP
TomTom HOME 2.7.3.1894–>C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
TomTom HOME Visual Studio Merge Modules–>MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
Update for 2007 Microsoft Office System (KB967642)–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB967642)–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)–>C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {525A4A44-8940-40AD-ABA0-14501199D2F0}
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition–>msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition–>msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {F8564AF8-30AE-4427-ACF3-69714E1BB656}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition–>msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F5F9C863-59A7-40CA-8D86-E27D6B1D2617}
Update voor Microsoft Office Excel 2007 Help (KB963678)–>msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}
Update voor Microsoft Office Excel 2007 Help (KB963678)–>msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)–>msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)–>msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}
Update voor Microsoft Office Word 2007 Help (KB963665)–>msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}
Update voor Microsoft Office Word 2007 Help (KB963665)–>msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}
Windows Live Communications Platform–>MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials–>C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials–>MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live ID Sign-in Assistant–>MsiExec.exe /I{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
Windows Live Installer–>MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail–>MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail–>MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Messenger–>MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27}
Windows Live Messenger–>MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}
Windows Live MIME IFilter–>MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}
Windows Live Movie Maker–>MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker–>MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Photo Common–>MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common–>MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Gallery–>MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery–>MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live PIMT Platform–>MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions–>MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE–>MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Sync–>MsiExec.exe /X{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform–>MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources–>MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer–>MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer–>MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer–>MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
======System event log======
Computer Name: Elly-PC
Event Code: 7036
Message: De Group Policy Client-service heeft nu de status wordt uitgevoerd.
Record Number: 101830
Source Name: Service Control Manager
Time Written: 20121003130313.424431-000
Event Type: Informatie
User:
Computer Name: Elly-PC
Event Code: 7036
Message: De Themes-service heeft nu de status wordt uitgevoerd.
Record Number: 101829
Source Name: Service Control Manager
Time Written: 20121003130313.424431-000
Event Type: Informatie
User:
Computer Name: Elly-PC
Event Code: 7036
Message: De Windows Audio-service heeft nu de status wordt uitgevoerd.
Record Number: 101828
Source Name: Service Control Manager
Time Written: 20121003130313.408831-000
Event Type: Informatie
User:
Computer Name: Elly-PC
Event Code: 7036
Message: De Windows Audio Endpoint Builder-service heeft nu de status wordt uitgevoerd.
Record Number: 101827
Source Name: Service Control Manager
Time Written: 20121003130313.284031-000
Event Type: Informatie
User:
Computer Name: Elly-PC
Event Code: 7036
Message: De Multimedia Class Scheduler-service heeft nu de status wordt uitgevoerd.
Record Number: 101826
Source Name: Service Control Manager
Time Written: 20121003130313.143631-000
Event Type: Informatie
User:
=====Application event log=====
Computer Name: WIN-JV502Q6FMND
Event Code: 1532
Message: De User Profile-service is gestopt.
Record Number: 1964
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090830233159.294201-000
Event Type: Informatie
User: NT AUTHORITY\SYSTEM
Computer Name: WIN-JV502Q6FMND
Event Code: 12307
Message: Het vernieuwen van de evaluatieperiode is overgeslagen voor toepassings-id = 55c92734-d682-4d71-983e-d6ec3f16059f, SKU-id = (null).
Record Number: 1963
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20090830233154.000000-000
Event Type: Informatie
User:
Computer Name: WIN-JV502Q6FMND
Event Code: 1003
Message: De Windows Search-service is gestart.
Record Number: 1962
Source Name: Microsoft-Windows-Search
Time Written: 20090830233040.000000-000
Event Type: Informatie
User:
Computer Name: WIN-JV502Q6FMND
Event Code: 1013
Message: De Windows Search-service is normaal gestopt.
Record Number: 1961
Source Name: Microsoft-Windows-Search
Time Written: 20090830233038.000000-000
Event Type: Informatie
User:
Computer Name: WIN-JV502Q6FMND
Event Code: 103
Message: Windows (3472) Windows: De database-engine heeft een nieuwe sessie (0) stopgezet.
Record Number: 1960
Source Name: ESENT
Time Written: 20090830233038.000000-000
Event Type: Informatie
User:
=====Security event log=====
Computer Name: Elly-PC
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: ELLY-PC$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldingstype: 5
Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x23c
Naam proces: C:\Windows\System32\services.exe
Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 17625
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120411083236.531651-000
Event Type: Controle geslaagd
User:
Computer Name: Elly-PC
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.
Onderwerp:
Beveiligings-id: S-1-5-19
Accountnaam: LOCAL SERVICE
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e5
Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeAuditPrivilege
SeImpersonatePrivilege
Record Number: 17624
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120411083236.344450-000
Event Type: Controle geslaagd
User:
Computer Name: Elly-PC
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: ELLY-PC$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldingstype: 5
Nieuwe aanmelding:
Beveiligings-id: S-1-5-19
Accountnaam: LOCAL SERVICE
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e5
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x23c
Naam proces: C:\Windows\System32\services.exe
Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 17623
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120411083236.344450-000
Event Type: Controle geslaagd
User:
Computer Name: Elly-PC
Event Code: 4672
Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Bevoegdheden: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 17622
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120411083236.126050-000
Event Type: Controle geslaagd
User:
Computer Name: Elly-PC
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-5-18
Accountnaam: ELLY-PC$
Accountdomein: WORKGROUP
Aanmeldings-id: 0x3e7
Aanmeldingstype: 5
Nieuwe aanmelding:
Beveiligings-id: S-1-5-18
Accountnaam: SYSTEM
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e7
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x23c
Naam proces: C:\Windows\System32\services.exe
Netwerkgegevens:
Naam van werkstation:
Netwerkadres van bron: -
Poort van bron: -
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: Advapi
Verificatiepakket: Negotiate
Doorgezette services: -
Pakketnaam (alleen NTLM): -
Sleutellengte: 0
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 17621
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20120411083236.126050-000
Event Type: Controle geslaagd
User:
======Environment variables======
“ComSpec”=%SystemRoot%\system32\cmd.exe
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“Path”=C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\jZip;C:\Program Files\Windows Live\Shared
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
“PROCESSOR_ARCHITECTURE”=x86
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“USERNAME”=SYSTEM
“windir”=%SystemRoot%
“PSModulePath”=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
“NUMBER_OF_PROCESSORS”=2
“PROCESSOR_LEVEL”=6
“PROCESSOR_IDENTIFIER”=x86 Family 6 Model 23 Stepping 10, GenuineIntel
“PROCESSOR_REVISION”=170a
“CLASSPATH”=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
“QTJAVA”=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
—————–EOF—————–
—————–EOF—————–
marianne40

31-03-2013 15:59

Dit is het vervolg van de logjes want het lukt niet in 1 berciht.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Elly at 2013-03-31 15:34:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 377 GB (87%) free of 435 GB
Total RAM: 3071 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:34:55, on 31-3-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\YouCam\YouCamTray.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\IncrediMail\Bin\IncMail.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Elly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Elly\Downloads\RSIT.exe
C:\Program Files\trend micro\Elly.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - “C:\Program Files\Microsoft\BingBar\BingExt.dll” (file missing)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - “C:\Program Files\Microsoft\BingBar\BingExt.dll” (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
O4 - HKLM\..\Run: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\LabelPrint” UpdateWithCreateOnce “Software\CyberLink\LabelPrint\2.5”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\MediaShow4” UpdateWithCreateOnce “Software\CyberLink\MediaShow\4.1”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\Power2Go” UpdateWithCreateOnce “SOFTWARE\CyberLink\Power2Go\6.0”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\PowerDirector” UpdateWithCreateOnce “Software\CyberLink\PowerDirector\7.0”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\PowerProducer” UpdateWithCreateOnce “Software\CyberLink\PowerProducer\5.0”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\YouCam” UpdateWithCreateOnce “Software\CyberLink\YouCam\3.0”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\YouCam\YouCamTray.exe” /s
O4 - HKLM\..\Run: C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: “c:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey
O4 - HKLM\..\Run: C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\RunOnce: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: “C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: “C:\Users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\RunOnce: C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -“Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MAMD; .NET4.0C; BRI/2; InfoPath.2)” -“http://www.maidmarian.com/Sherwood.htm”
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)
O9 - Extra ‘Tools’ menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)
O9 - Extra ‘Tools’ menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files\System Control Manager\MSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
–
End of file - 12357 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3894212643-3302433368-1863826008-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3894212643-3302433368-1863826008-1000UA.job
======Registry dump======
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
Bing Bar Helper - C:\Program Files\Microsoft\BingBar\BingExt.dll
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files\Microsoft\BingBar\BingExt.dll
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
“IAAnotif”=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
“StartCCC”=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
“RtHDVCpl”=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
“SynTPEnh”=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
“Adobe Reader Speed Launcher”=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
“QuickTime Task”=C:\Program Files\QuickTime\QTTask.exe
“UpdateLBPShortCut”=C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
“MDS_Menu”=C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe
“CLMLServer”=C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
“UpdateP2GoShortCut”=C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
“UpdatePDRShortCut”=C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
“PDVD9LanguageShortcut”=C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe
“UpdatePPShortCut”=C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
“UCam_Menu”=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
“YouCam Mirror Tray icon”=C:\Program Files\CyberLink\YouCam\YouCamTray.exe
“MGSysCtrl”=C:\Program Files\System Control Manager\MGSysCtrl.exe
“SunJavaUpdateSched”=C:\Program Files\Common Files\Java\Java Update\jusched.exe
“MSC”=c:\Program Files\Microsoft Security Client\msseces.exe
“CanonMyPrinter”=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
“CanonSolutionMenuEx”=C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
“Malwarebytes Anti-Malware”=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
“TomTomHOME.exe”=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
“msnmsgr”=C:\Program Files\Windows Live\Messenger\msnmsgr.exe
“IncrediMail”=C:\Program Files\IncrediMail\bin\IncMail.exe
“Google Update”=C:\Users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe
“Sidebar”=C:\Program Files\Windows Sidebar\sidebar.exe
“Shockwave Updater”=C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
“AppInit_DLLs”=“ ”
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableUIADesktopToggle”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“vidc.uyvy”=msyuv.dll
“vidc.yuy2”=msyuv.dll
“vidc.yvyu”=msyuv.dll
“vidc.iyuv”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“vidc.yvu9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\System32\l3codeca.acm
“vidc.cvid”=iccvid.dll
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“aux1”=wdmaud.drv
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
“msacm.siren”=sirenacm.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 3 months======
2013-03-31 15:34:45 —-D—- C:\rsit
2013-03-31 15:34:45 —-D—- C:\Program Files\trend micro
2013-03-31 13:23:01 —-D—- C:\Program Files\ESET
2013-03-31 13:06:47 —-D—- C:\Users\Elly\AppData\Roaming\Malwarebytes
2013-03-31 13:06:23 —-D—- C:\ProgramData\Malwarebytes
2013-03-31 13:06:20 —-A—- C:\Windows\system32\drivers\mbam.sys
2013-03-31 13:06:19 —-D—- C:\Program Files\Malwarebytes' Anti-Malware
2013-03-31 12:58:39 —-D—- C:\Users\Elly\AppData\Roaming\Google
2013-03-31 12:45:19 —-A—- C:\AdwCleaner.txt
2013-03-30 00:08:31 —-A—- C:\Windows\system32\wininet.dll
2013-03-30 00:08:31 —-A—- C:\Windows\system32\urlmon.dll
2013-03-30 00:08:31 —-A—- C:\Windows\system32\RegisterIEPKEYs.exe
2013-03-30 00:08:31 —-A—- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-03-30 00:08:31 —-A—- C:\Windows\system32\msls31.dll
2013-03-30 00:08:31 —-A—- C:\Windows\system32\jsproxy.dll
2013-03-30 00:08:31 —-A—- C:\Windows\system32\iertutil.dll
2013-03-30 00:08:31 —-A—- C:\Windows\system32\elshyph.dll
2013-03-30 00:08:30 —-A—- C:\Windows\system32\wextract.exe
2013-03-30 00:08:30 —-A—- C:\Windows\system32\vbscript.dll
2013-03-30 00:08:30 —-A—- C:\Windows\system32\msrating.dll
2013-03-30 00:08:30 —-A—- C:\Windows\system32\mshtmled.dll
2013-03-30 00:08:30 —-A—- C:\Windows\system32\mshtml.dll
2013-03-30 00:08:30 —-A—- C:\Windows\system32\msfeeds.dll
2013-03-30 00:08:30 —-A—- C:\Windows\system32\inseng.dll
2013-03-30 00:08:30 —-A—- C:\Windows\system32\iexpress.exe
2013-03-30 00:08:30 —-A—- C:\Windows\system32\ieUnatt.exe
2013-03-30 00:08:29 —-A—- C:\Windows\system32\SetIEInstalledDate.exe
2013-03-30 00:08:29 —-A—- C:\Windows\system32\pngfilt.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\occache.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\mshtmler.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\mshta.exe
2013-03-30 00:08:29 —-A—- C:\Windows\system32\msfeedssync.exe
2013-03-30 00:08:29 —-A—- C:\Windows\system32\msfeedsbs.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\jscript9.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\jscript.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\imgutil.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\ieui.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\iesysprep.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\iepeers.dll
2013-03-30 00:08:29 —-A—- C:\Windows\system32\IEAdvpack.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\url.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\mshtmlmedia.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\iesetup.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\iernonce.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\ieframe.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\iedkcs32.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\ieapfltr.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\ieapfltr.dat
2013-03-30 00:08:28 —-A—- C:\Windows\system32\ie4uinit.exe
2013-03-30 00:08:28 —-A—- C:\Windows\system32\icardie.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\dxtrans.dll
2013-03-30 00:08:28 —-A—- C:\Windows\system32\dxtmsft.dll
2013-03-30 00:08:27 —-A—- C:\Windows\system32\webcheck.dll
2013-03-30 00:08:27 —-A—- C:\Windows\system32\licmgr10.dll
2013-03-13 18:23:40 —-A—- C:\Windows\system32\drivers\usb8023.sys
2013-02-28 12:54:15 —-A—- C:\Windows\system32\UIAnimation.dll
2013-02-28 12:54:02 —-A—- C:\Windows\system32\WMPhoto.dll
2013-02-28 12:53:59 —-AH—- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-02-28 12:53:59 —-AH—- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-02-28 12:53:58 —-AH—- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-02-28 12:53:56 —-A—- C:\Windows\system32\XpsGdiConverter.dll
2013-02-28 12:53:54 —-AH—- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-02-28 12:53:54 —-AH—- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-02-28 12:53:54 —-AH—- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-02-28 12:53:54 —-AH—- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-02-28 12:53:54 —-AH—- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-02-28 12:53:54 —-AH—- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-02-28 12:53:52 —-A—- C:\Windows\system32\msmpeg2vdec.dll
2013-02-28 12:53:52 —-A—- C:\Windows\system32\dxgi.dll
2013-02-28 12:53:52 —-A—- C:\Windows\system32\d3d10warp.dll
2013-02-28 12:53:52 —-A—- C:\Windows\system32\d3d10level9.dll
2013-02-28 12:53:51 —-A—- C:\Windows\system32\d3d11.dll
2013-02-28 12:53:51 —-A—- C:\Windows\system32\d3d10core.dll
2013-02-28 12:53:51 —-A—- C:\Windows\system32\d3d10_1core.dll
2013-02-28 12:53:51 —-A—- C:\Windows\system32\d3d10_1.dll
2013-02-28 12:53:50 —-A—- C:\Windows\system32\d3d10.dll
2013-02-28 12:53:49 —-A—- C:\Windows\system32\XpsPrint.dll
2013-02-28 12:53:49 —-A—- C:\Windows\system32\WindowsCodecsExt.dll
2013-02-28 12:53:49 —-A—- C:\Windows\system32\FntCache.dll
2013-02-28 12:53:49 —-A—- C:\Windows\system32\DWrite.dll
2013-02-28 12:53:48 —-A—- C:\Windows\system32\WindowsCodecs.dll
2013-02-28 12:53:48 —-A—- C:\Windows\system32\d2d1.dll
2013-02-24 15:14:35 —-D—- C:\ProgramData\McAfee Security Scan
2013-02-24 15:14:34 —-D—- C:\ProgramData\McAfee
2013-02-24 15:14:22 —-D—- C:\Program Files\McAfee Security Scan
2013-02-24 15:14:19 —-A—- C:\Windows\system32\FlashPlayerApp.exe
2013-02-13 21:52:33 —-A—- C:\Windows\system32\win32k.sys
2013-02-13 21:52:26 —-A—- C:\Windows\system32\ntkrnlpa.exe
2013-02-13 21:52:25 —-A—- C:\Windows\system32\ntoskrnl.exe
2013-02-13 21:52:24 —-A—- C:\Windows\system32\drivers\tcpip.sys
2013-02-13 21:52:23 —-A—- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 21:52:21 —-A—- C:\Windows\system32\winsrv.dll
2013-01-20 16:59:04 —-A—- C:\Windows\system32\drivers\MpFilter.sys
2013-01-09 16:48:43 —-A—- C:\Windows\system32\usp10.dll
2013-01-09 16:48:39 —-A—- C:\Windows\system32\win32spl.dll
2013-01-09 16:48:38 —-A—- C:\Windows\system32\msxml6.dll
2013-01-09 16:48:33 —-A—- C:\Windows\system32\gameux.dll
2013-01-09 16:48:32 —-A—- C:\Windows\system32\Wpc.dll
2013-01-09 13:31:39 —-A—- C:\Windows\system32\KernelBase.dll
2013-01-09 13:31:38 —-A—- C:\Windows\system32\kernel32.dll
2013-01-09 13:31:38 —-A—- C:\Windows\system32\conhost.exe
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 13:31:37 —-AH—- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 13:31:36 —-AH—- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 13:31:35 —-AH—- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 13:31:35 —-AH—- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 13:31:26 —-A—- C:\Windows\system32\ncrypt.dll
2013-01-09 13:31:25 —-A—- C:\Windows\system32\taskhost.exe
======List of files/folders modified in the last 3 months======
2013-03-31 15:34:45 —-RD—- C:\Program Files
2013-03-31 15:34:30 —-D—- C:\Windows\Temp
2013-03-31 15:29:51 —-D—- C:\Windows\system32\config
2013-03-31 15:28:50 —-D—- C:\Windows\rescache
2013-03-31 13:21:56 —-D—- C:\Windows\system32\drivers
2013-03-31 13:06:23 —-HD—- C:\ProgramData
2013-03-31 12:56:22 —-D—- C:\Windows\System32
2013-03-31 12:56:22 —-D—- C:\Windows\inf
2013-03-31 12:56:22 —-A—- C:\Windows\system32\PerfStringBackup.INI
2013-03-30 12:08:00 —-D—- C:\Windows\winsxs
2013-03-30 12:06:38 —-D—- C:\Windows\system32\nl-NL
2013-03-30 12:06:36 —-D—- C:\Windows\PolicyDefinitions
2013-03-30 12:06:33 —-D—- C:\Windows\system32\migration
2013-03-30 12:06:32 —-D—- C:\Windows\system32\en-US
2013-03-30 12:06:28 —-D—- C:\Program Files\Internet Explorer
2013-03-30 00:12:36 —-D—- C:\Windows\Logs
2013-03-30 00:12:18 —-D—- C:\Windows\system32\catroot
2013-03-30 00:11:34 —-D—- C:\Windows\system32\catroot2
2013-03-30 00:07:11 —-D—- C:\Windows
2013-03-30 00:07:03 —-SHD—- C:\System Volume Information
2013-03-19 18:55:58 —-D—- C:\Windows\system32\NDF
2013-03-14 08:54:05 —-D—- C:\Program Files\Microsoft Silverlight
2013-03-14 08:53:08 —-D—- C:\Windows\system32\DriverStore
2013-03-14 08:35:03 —-A—- C:\Windows\system32\MRT.exe
2013-03-14 08:34:48 —-SHD—- C:\Windows\Installer
2013-03-14 08:34:48 —-D—- C:\ProgramData\Microsoft Help
2013-03-14 08:31:06 —-D—- C:\Windows\AppPatch
2013-03-01 23:50:32 —-D—- C:\ProgramData\CanonIJPLM
2013-02-28 13:24:54 —-D—- C:\Windows\system32\zh-TW
2013-02-28 13:24:54 —-D—- C:\Windows\system32\zh-HK
2013-02-28 13:24:54 —-D—- C:\Windows\system32\zh-CN
2013-02-28 13:24:54 —-D—- C:\Windows\system32\tr-TR
2013-02-28 13:24:54 —-D—- C:\Windows\system32\sv-SE
2013-02-28 13:24:54 —-D—- C:\Windows\system32\ru-RU
2013-02-28 13:24:54 —-D—- C:\Windows\system32\pt-PT
2013-02-28 13:24:54 —-D—- C:\Windows\system32\pt-BR
2013-02-28 13:24:54 —-D—- C:\Windows\system32\pl-PL
2013-02-28 13:24:54 —-D—- C:\Windows\system32\nb-NO
2013-02-28 13:24:54 —-D—- C:\Windows\system32\ko-KR
2013-02-28 13:24:54 —-D—- C:\Windows\system32\ja-JP
2013-02-28 13:24:54 —-D—- C:\Windows\system32\it-IT
2013-02-28 13:24:54 —-D—- C:\Windows\system32\hu-HU
2013-02-28 13:24:54 —-D—- C:\Windows\system32\fr-FR
2013-02-28 13:24:54 —-D—- C:\Windows\system32\fi-FI
2013-02-28 13:24:54 —-D—- C:\Windows\system32\es-ES
2013-02-28 13:24:54 —-D—- C:\Windows\system32\el-GR
2013-02-28 13:24:54 —-D—- C:\Windows\system32\de-DE
2013-02-28 13:24:54 —-D—- C:\Windows\system32\cs-CZ
2013-02-28 13:24:53 —-D—- C:\Windows\system32\da-DK
2013-02-24 15:14:46 —-D—- C:\ProgramData\Adobe
2013-02-24 15:14:21 —-D—- C:\Windows\Tasks
2013-02-24 15:14:21 —-D—- C:\Windows\system32\Tasks
2013-02-15 15:45:49 —-D—- C:\Windows\Microsoft.NET
2013-02-15 15:45:13 —-RSD—- C:\Windows\assembly
2013-02-14 20:13:49 —-D—- C:\Program Files\Microsoft Security Client
2013-01-30 12:53:21 —-N—- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys
R3 acpials;ALS-sensorfilter; C:\Windows\system32\DRIVERS\acpials.sys
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys
R3 SynTP;Synaptics Pointing Device Driver; C:\Windows\system32\DRIVERS\SynTP.sys
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys
S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys
S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys
S3 ViaC7;Stuurprogramma voor VIA C7-processor; C:\Windows\system32\DRIVERS\viac7.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe
R2 BBUpdate;BBUpdate; C:\Program Files\Microsoft\BingBar\SeaPort.EXE
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
R2 Micro Star SCM;Micro Star SCM; C:\Program Files\System Control Manager\MSIService.exe
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe
S2 BBSvc;Bing Bar Update Service; C:\Program Files\Microsoft\BingBar\BBSvc.EXE
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 gupdate;Google Updateservice (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
fazantje

31-03-2013 20:44

Hoi Marianne,
Daar je schreef dat je vrijdag of zaterdag pas kunt reageren, kijk ik morgen of dinsdag ff verder.
Groetjes Huib;)
marianne40

02-04-2013 16:52

Hoi Huib
Je hoeft er inderdaad geen haast mee te maken. Vrijdag aan het eind van de middag heb ik de laptop weer tot mijn beschikking tot zondag dan gaat de laptop weer terug. Dus tegen die tijd zie ik vast wel een bericht verschijnen.
Groetjes Marianne
fazantje

04-04-2013 10:46

Hoi Marianne,
Download zoek.exe hier en plaats het op jou bureaublad.
Schakel je antivirus- en antispywareprogramma's uit, deze kunnen in conflict komen met zoek.exe.
Dit doe je rechts onderin de taakbalk, door met je rechtermuisknop op het antivirusicoontje te klikken.
Dubbelklik op Zoek.exe om de tool te starten.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
firefoxlook;
chromelook;
standardsearch;
filesrcm;
autoclean;
startupall;
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent, dit kan na een herstart zijn als deze nodig is.
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post nu de inhoud van het geopende logje in het volgende bericht en vertel gelijk hoe het nu gaat.
Succes,
Huib;)
marianne40

05-04-2013 16:54

Hieronder de log van zoekexe.
Dit heeft de virusscanner ook gevonden op de pc en heb ik inmiddels verwijderd.
Exploit:Java/CVE-2010-4452 ernstig 31-3-2013 13:30
TrojanDownloader:Java/Blacole.A ernstig 31-3-2013 13:29
Exploit:JS/Blacole.KE ernstig 6-12-2012 11:50
Verder heb ik het idee dat de pc wel goed draait.
Zoek.exe Version 4.0.0.2 Updated 31-03-2013
Tool run by Elly on vr 05-04-2013 at 16:21:10,34.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
==== Older Logs ======================
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft\BingBar\BBSvc.EXE
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\System Control Manager\MSIService.exe
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\CyberLink\YouCam\YouCamTray.exe
C:\Program Files\System Control Manager\MGSysCtrl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\IncrediMail\Bin\IncMail.exe
C:\Users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\Elly\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Users\Elly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Elly\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\consent.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
==== Deleting Files \ Folders ======================
“C:\Users\Elly\AppData\LocalLow\DataMngr” deleted
==== System Specs ======================
Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)
Internet Explorer: 9.10.9200.16521
Memory (RAM): 3072 MB
CPU Info: Genuine Intel(R) CPU U4100 @ 1.30GHz
CPU Speed: 343,1 MHz
Sound Card: Luidsprekers (Realtek High Defi |
Display Adapters: ATI Mobility Radeon HD 4530 | ATI Mobility Radeon HD 4530 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC | Realtek PCIe GBE Family Controller
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 424,7GB | D: 40,0GB
Hard Disks - Free: C: 367,5GB | D: 30,1GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 09/10/09 | MEDION - 20090910
Time Zone: West-Europa (standaardtijd)
Motherboard *: MEDION S561X
Sun Java version: 1.6.0_31
Country: Nederland
Language: NLD
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Elly\AppData\Local\Temp ====
====== C:\Windows\system32 =====
2013-03-29 22:08:31 C225E5307D8D4982A1687F2702C37C78 158720 —-a-w- C:\Windows\System32\msls31.dll
2013-03-29 22:08:31 BA15504FA59A8DC304F1CBAEBA6252A1 1766912 —-a-w- C:\Windows\System32\wininet.dll
2013-03-29 22:08:31 B3D105459BBA576A763E8C061E49F5C5 1129984 —-a-w- C:\Windows\System32\urlmon.dll
2013-03-29 22:08:31 A3DA36A9E63FD0F9B45781E326AC6501 39936 —-a-w- C:\Windows\System32\jsproxy.dll
2013-03-29 22:08:31 84AC80FCD61D389948B8C0E47623B79B 71680 —-a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-03-29 22:08:31 66D8CDC28A0AADDA34133AE733934658 2046464 —-a-w- C:\Windows\System32\iertutil.dll
2013-03-29 22:08:31 4417377CEDABD9BD161FA7EDEDA175D4 745472 —-a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2013-03-29 22:08:31 0402BFC25AB49E02256BC24E32829773 185344 —-a-w- C:\Windows\System32\elshyph.dll
2013-03-29 22:08:30 EC68C565EFEE1AAE6174C17F826C9384 493056 —-a-w- C:\Windows\System32\msfeeds.dll
2013-03-29 22:08:30 E3FA8AEAA2F40EC1BB00FEFB2C4F3AD9 14317568 —-a-w- C:\Windows\System32\mshtml.dll
2013-03-29 22:08:30 AF0332E09DDBE0172237D1958A7DADB8 79872 —-a-w- C:\Windows\System32\mshtmled.dll
2013-03-29 22:08:30 96E0F0BED5D9EBABB899D8CA83C36A7E 523264 —-a-w- C:\Windows\System32\vbscript.dll
2013-03-29 22:08:30 87E71F2A83681F41B796CA685818EF2D 163840 —-a-w- C:\Windows\System32\msrating.dll
2013-03-29 22:08:30 87513A002B7B0F9C259F2431DFD008DC 137216 —-a-w- C:\Windows\System32\ieUnatt.exe
2013-03-29 22:08:30 52A7D73D5570F757D865DDECD087FB41 138752 —-a-w- C:\Windows\System32\wextract.exe
2013-03-29 22:08:30 4BF21D1946E8119D9C23F6F925D43F01 2706432 —-a-w- C:\Windows\System32\mshtml.tlb
2013-03-29 22:08:30 338520304B99471BD0ED121954FE7863 82432 —-a-w- C:\Windows\System32\inseng.dll
2013-03-29 22:08:30 038F76279EC64878A072D988DE13C7B2 150528 —-a-w- C:\Windows\System32\iexpress.exe
2013-03-29 22:08:29 B96C13B5C85AC4240FE95DE115945D59 38400 —-a-w- C:\Windows\System32\imgutil.dll
2013-03-29 22:08:29 AFE08AAD4D0D54FE2EF44739255AAA0F 2877440 —-a-w- C:\Windows\System32\jscript9.dll
2013-03-29 22:08:29 A7E8E3A9F92D9B0D495F636A1D282883 48640 —-a-w- C:\Windows\System32\mshtmler.dll
2013-03-29 22:08:29 8A45166CD9874463AB76B552C9C2D3AD 110592 —-a-w- C:\Windows\System32\IEAdvpack.dll
2013-03-29 22:08:29 828B4A41BE891A7AEC07E693422B4A3A 117248 —-a-w- C:\Windows\System32\iepeers.dll
2013-03-29 22:08:29 81C4D657D37C3A5418B54BFECE821B84 57344 —-a-w- C:\Windows\System32\pngfilt.dll
2013-03-29 22:08:29 80B47F0F45C3EBF41C30E0BA367D25D3 125440 —-a-w- C:\Windows\System32\occache.dll
2013-03-29 22:08:29 6DF2C6438CFF6EFCBBB88AEE01795501 73728 —-a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-03-29 22:08:29 56E51C26745FF7413514EA4DDF33BC6C 11776 —-a-w- C:\Windows\System32\msfeedssync.exe
2013-03-29 22:08:29 50EE6790FBBCE920FFABAD5D747F2788 391680 —-a-w- C:\Windows\System32\ieui.dll
2013-03-29 22:08:29 49C9634AD2516448A0250812B7F5325C 690688 —-a-w- C:\Windows\System32\jscript.dll
2013-03-29 22:08:29 3AB2A38F7EA9E62D176A78FB58761E24 12800 —-a-w- C:\Windows\System32\mshta.exe
2013-03-29 22:08:29 2D7A29C35D0894481A69FA3AC45F18F0 41984 —-a-w- C:\Windows\System32\msfeedsbs.dll
2013-03-29 22:08:29 059F9C59DAEDE8AF2C8C55BE278A99B0 109056 —-a-w- C:\Windows\System32\iesysprep.dll
2013-03-29 22:08:28 E14A07B768EC49D382CABCE2F078D576 232960 —-a-w- C:\Windows\System32\url.dll
2013-03-29 22:08:28 DEFB55D4FF094673DF31FA89A8A8A2F0 226816 —-a-w- C:\Windows\System32\dxtrans.dll
2013-03-29 22:08:28 C68FBBF01E86CB6CF0B797748FBD6C1A 357888 —-a-w- C:\Windows\System32\dxtmsft.dll
2013-03-29 22:08:28 C28A634CF127DA67D566B5E14D0A0170 719360 —-a-w- C:\Windows\System32\mshtmlmedia.dll
2013-03-29 22:08:28 9D9AC6CE9A9D951AC40DE91CD6F0A620 1441280 —-a-w- C:\Windows\System32\inetcpl.cpl
2013-03-29 22:08:28 932571EFF79B93F94E84ADF4989A277F 69120 —-a-w- C:\Windows\System32\icardie.dll
2013-03-29 22:08:28 8C3D32A4A46326031309A43C52539D7F 1400416 —-a-w- C:\Windows\System32\ieapfltr.dat
2013-03-29 22:08:28 826D75A36336858B004774792DC4CF4F 33280 —-a-w- C:\Windows\System32\iernonce.dll
2013-03-29 22:08:28 7BC5FB5039537911DF13D8C10D6ADD6D 42496 —-a-w- C:\Windows\System32\ie4uinit.exe
2013-03-29 22:08:28 4A47CAEA8D3B82DE439A79771ECED4B1 361984 —-a-w- C:\Windows\System32\html.iec
2013-03-29 22:08:28 414A3D9AAE072CDEFE0B64C2EBEE18D2 61952 —-a-w- C:\Windows\System32\tdc.ocx
2013-03-29 22:08:28 404FAD93ABFBD86D1AAAB47D5DFA6505 242200 —-a-w- C:\Windows\System32\iedkcs32.dll
2013-03-29 22:08:28 1FF56AC32B38A94C3C88497BD6E00C96 25185 —-a-w- C:\Windows\System32\ieuinit.inf
2013-03-29 22:08:28 1DACF9167B6544536B6E9813EC026703 13761024 —-a-w- C:\Windows\System32\ieframe.dll
2013-03-29 22:08:28 0F44172A5B34E8F208CD0F209EDD4A73 629248 —-a-w- C:\Windows\System32\ieapfltr.dll
2013-03-29 22:08:28 06A2617B25C920887D80E8A79B7E48EA 61440 —-a-w- C:\Windows\System32\iesetup.dll
2013-03-29 22:08:27 F0D4AE074D9BC0741DC6E91C741F2F8C 23040 —-a-w- C:\Windows\System32\licmgr10.dll
2013-03-29 22:08:27 9DF7A7C74D8632CB5EBD37E3A374825E 204800 —-a-w- C:\Windows\System32\webcheck.dll
====== C:\Windows\system32\drivers =====
2013-03-31 11:06:20 629CABB0421668C9D3D402A3C3D77E14 21104 —-a-w- C:\Windows\System32\drivers\mbam.sys
2013-03-13 16:23:40 FE8A57C8E04EDD3AA8ADD8F3C8F65297 15872 —-a-w- C:\Windows\System32\drivers\usb8023.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-03-31 14:14:31 ——– d—–w- C:\Program Files\Legends of The Wild West Golden Hill - NL
2013-03-31 13:34:45 ——– d—–w- C:\Program Files\trend micro
======= C: =====
2013-03-31 10:45:19 CF4B94F89F6D0EFD09A7A27D78F91BA3 3444 —-a-w- C:\AdwCleaner.txt
====== C:\Users\Elly\AppData\Roaming ======
2013-03-31 11:06:02 ——– d—–w- C:\users\Elly\AppData\Local\Programs
2013-03-31 10:58:39 ——– d—–w- C:\users\Elly\AppData\Roaming\Google
====== C:\Users\Elly ======
====== C: exe-files ==
2013-03-31 14:14:32 4658A2AC7C836A5C9533859783D09188 84405 —-a-w- C:\Program Files\Legends of The Wild West Golden Hill - NL\Uninstal.exe
2013-03-31 13:34:45 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Program Files\trend micro\Elly.exe
2013-03-31 13:33:45 69CA82A7482A00D8EE063D2B97FC4338 781383 —-a-w- C:\Users\Elly\Downloads\RSIT.exe
2013-03-31 11:22:32 789E2E45C6651767DCA56B3445D3EC6F 2347384 —-a-w- C:\Users\Elly\Downloads\esetsmartinstaller_enu.exe
2013-03-31 11:05:20 0FB6D382FA5FBF72D05FC2A4503B7DF2 10156344 —-a-w- C:\Users\Elly\Downloads\mbam-setup-1.70.0.1100.exe
2013-03-30 15:47:54 0966BAC73C96B7B055A9685FCF7EEE1E 11304288 —-a-w- C:\Users\Elly\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1410.43\26.0.1410.43_25.0.1364.172_chrome_updater.exe
2013-03-29 22:08:31 84AC80FCD61D389948B8C0E47623B79B 71680 —-a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-03-29 22:08:31 4417377CEDABD9BD161FA7EDEDA175D4 745472 —-a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2013-03-29 22:08:31 2859EBC065D2E1CCC94161CE28BAC085 770560 —-a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-03-29 22:08:30 87513A002B7B0F9C259F2431DFD008DC 137216 —-a-w- C:\Windows\System32\ieUnatt.exe
2013-03-29 22:08:30 52A7D73D5570F757D865DDECD087FB41 138752 —-a-w- C:\Windows\System32\wextract.exe
2013-03-29 22:08:30 038F76279EC64878A072D988DE13C7B2 150528 —-a-w- C:\Windows\System32\iexpress.exe
2013-03-29 22:08:29 6DF2C6438CFF6EFCBBB88AEE01795501 73728 —-a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-03-29 22:08:29 56E51C26745FF7413514EA4DDF33BC6C 11776 —-a-w- C:\Windows\System32\msfeedssync.exe
2013-03-29 22:08:29 3AB2A38F7EA9E62D176A78FB58761E24 12800 —-a-w- C:\Windows\System32\mshta.exe
2013-03-29 22:08:29 15CCEAC53648FF7C17AE98923BCD3D75 24576 —-a-w- C:\Program Files\Internet Explorer\ExtExport.exe
2013-03-29 22:08:28 F627F4D4223F3F7D104294575E9E6F9D 327680 —-a-w- C:\Program Files\Internet Explorer\iediagcmd.exe
2013-03-29 22:08:28 7BC5FB5039537911DF13D8C10D6ADD6D 42496 —-a-w- C:\Windows\System32\ie4uinit.exe
2013-03-29 22:08:28 5397E32E882C0148CEC13D9EACFB7157 222208 —-a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2013-03-29 22:08:28 3090B888E263E56744F8BFEF3A36D67D 467456 —-a-w- C:\Program Files\Internet Explorer\ieinstal.exe
=== C: other files ==
2013-03-31 11:06:20 629CABB0421668C9D3D402A3C3D77E14 21104 —-a-w- C:\Windows\System32\drivers\mbam.sys
==== Startup Registry Enabled ======================
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“TomTomHOME.exe”=“C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”
“msnmsgr”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background”
“IncrediMail”=“C:\Program Files\IncrediMail\bin\IncMail.exe /c”
“Google Update”=“C:\Users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe /c”
“Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“Shockwave Updater”=“C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MAMD; .NET4.0C; BRI/2; InfoPath.2) -http://www.maidmarian.com/Sherwood.htm”
“IAAnotif”=“C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe”
“StartCCC”=“C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun”
“RtHDVCpl”=“C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s”
“Adobe Reader Speed Launcher”=“C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
“QuickTime Task”=“C:\Program Files\QuickTime\QTTask.exe -atboottime”
“UpdateLBPShortCut”=“C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5”
“MDS_Menu”=“C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\MediaShow4 UpdateWithCreateOnce Software\CyberLink\MediaShow\4.1”
“CLMLServer”=“C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe”
“UpdateP2GoShortCut”=“C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0”
“UpdatePDRShortCut”=“C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\PowerDirector UpdateWithCreateOnce Software\CyberLink\PowerDirector\7.0”
“PDVD9LanguageShortcut”=“C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe”
“UpdatePPShortCut”=“C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\PowerProducer UpdateWithCreateOnce Software\CyberLink\PowerProducer\5.0”
“UCam_Menu”=“C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\3.0”
“YouCam Mirror Tray icon”=“C:\Program Files\CyberLink\YouCam\YouCamTray.exe /s”
“MGSysCtrl”=“C:\Program Files\System Control Manager\MGSysCtrl.exe”
“SunJavaUpdateSched”=“C:\Program Files\Common Files\Java\Java Update\jusched.exe”
“MSC”=“c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey”
“CanonMyPrinter”=“C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon”
“CanonSolutionMenuEx”=“C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon”
“SynTPEnh”=“%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe ”
“TomTomHOME.exe”=“C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”
“msnmsgr”=“C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background”
“IncrediMail”=“C:\Program Files\IncrediMail\bin\IncMail.exe /c”
“Google Update”=“C:\Users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe /c”
“Sidebar”=“C:\Program Files\Windows Sidebar\sidebar.exe /autoRun”
“Shockwave Updater”=“C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MAMD; .NET4.0C; BRI/2; InfoPath.2) -http://www.maidmarian.com/Sherwood.htm”
==== Startup Folders ======================
2013-02-24 13:14:34 2010 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3894212643-3302433368-1863826008-1000Core.job –a—— C:\Users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3894212643-3302433368-1863826008-1000UA.job –a—— C:\Users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe
==== Chrome Look ======================
Gmail - Elly - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://www.startpagina.nl/”
“Default_Page_URL”=“http://www.aldi.com”
New Values:
“Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Start Page”=“http://www.startpagina.nl/”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
“DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url=“http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
{9998F86F-5A51-43A9-B92B-33C9905BE9DD} Bing Url=“http://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox”
{B6F6ABCE-FBF6-40D3-81EE-5AB8C70BA365} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_nlNL529”
{B893030B-D82C-4C8D-90D6-F733E09DE809} Unknown Url=“Not_Found”
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3894212643-3302433368-1863826008-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3894212643-3302433368-1863826008-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3894212643-3302433368-1863826008-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3894212643-3302433368-1863826008-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3894212643-3302433368-1863826008-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B893030B-D82C-4C8D-90D6-F733E09DE809} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
==== HijackThis Entries ======================
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
O4 - HKLM\..\Run: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\LabelPrint” UpdateWithCreateOnce “Software\CyberLink\LabelPrint\2.5”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\MediaShow4” UpdateWithCreateOnce “Software\CyberLink\MediaShow\4.1”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\Power2Go” UpdateWithCreateOnce “SOFTWARE\CyberLink\Power2Go\6.0”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\PowerDirector” UpdateWithCreateOnce “Software\CyberLink\PowerDirector\7.0”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\PowerProducer” UpdateWithCreateOnce “Software\CyberLink\PowerProducer\5.0”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe” “C:\Program Files\CyberLink\YouCam” UpdateWithCreateOnce “Software\CyberLink\YouCam\3.0”
O4 - HKLM\..\Run: “C:\Program Files\CyberLink\YouCam\YouCamTray.exe” /s
O4 - HKLM\..\Run: C:\Program Files\System Control Manager\MGSysCtrl.exe
O4 - HKLM\..\Run: “C:\Program Files\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: “c:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey
O4 - HKLM\..\Run: C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKCU\..\Run: “C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe”
O4 - HKCU\..\Run: “C:\Program Files\Windows Live\Messenger\msnmsgr.exe” /background
O4 - HKCU\..\Run: C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: “C:\Users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe” /c
O4 - HKCU\..\Run: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\RunOnce: C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -“Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; MAMD; .NET4.0C; BRI/2; InfoPath.2)” -“http://www.maidmarian.com/Sherwood.htm”
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)
O9 - Extra ‘Tools’ menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL
O9 - Extra button: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)
O9 - Extra ‘Tools’ menuitem: eBay.nl - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4 (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
O23 - Service: Micro Star SCM - Micro-Star International Co., Ltd. - C:\Program Files\System Control Manager\MSIService.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Elly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Elly\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Elly\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Elly\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\users\Elly\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Elly\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
fazantje

05-04-2013 17:17

Hoi Marianne,
Download Combofix hier en plaats het op jou bureaublad.
Schakel nu eerst jou virusscanner uit.
Deze gaat weer aan nadat computer opnieuw is opgestart.
Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link,
want Combofix wordt dagelijks geupdate.
OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt
van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.
Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
Dubbelklik op Combofix.exe
Volg de instructies, aanvaard de disclaimer.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
De scan kan, afhankelijk van de besmetting 40 tot wel 100 minuten duren, dus denk niet van hij zit vast.
Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
Plaats in jou volgende bericht het logje van Combofix.
Succes,
Huib;)
marianne40

05-04-2013 17:47

Hieronder de log van Combofix
ComboFix 13-04-04.01 - Elly 05-04-2013 17:32:32.1.2 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3071.2049
Gestart vanuit: c:\users\Elly\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2013-03-05 to 2013-04-05 ))))))))))))))))))))))))))))))
.
.
2013-04-05 15:40 . 2013-04-05 15:40 ——– d—–w- c:\users\Default\AppData\Local\temp
2013-04-05 14:55 . 2013-04-05 14:55 60872 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{164582D5-6CD2-4831-A18F-FAF5CABD222C}\offreg.dll
2013-04-05 14:55 . 2013-04-05 14:55 29904 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{164582D5-6CD2-4831-A18F-FAF5CABD222C}\MpKsle3765f4d.sys
2013-04-05 14:46 . 2013-03-15 07:21 7108640 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{164582D5-6CD2-4831-A18F-FAF5CABD222C}\mpengine.dll
2013-04-05 14:33 . 2013-04-05 15:40 ——– d—–w- c:\users\Elly\AppData\Local\Temp
2013-04-05 14:33 . 2013-04-05 14:21 24064 —-a-w- c:\windows\zoek-delete.exe
2013-04-03 17:11 . 2013-03-15 07:21 7108640 —-a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-03-31 14:14 . 2013-03-31 14:14 ——– d—–w- c:\program files\Legends of The Wild West Golden Hill - NL
2013-03-31 13:34 . 2013-03-31 13:34 ——– d—–w- C:\rsit
2013-03-31 13:34 . 2013-03-31 13:34 ——– d—–w- c:\program files\trend micro
2013-03-31 11:06 . 2013-03-31 11:06 ——– d—–w- c:\users\Elly\AppData\Roaming\Malwarebytes
2013-03-31 11:06 . 2013-03-31 11:06 ——– d—–w- c:\programdata\Malwarebytes
2013-03-31 11:06 . 2012-12-14 14:49 21104 —-a-w- c:\windows\system32\drivers\mbam.sys
2013-03-31 11:06 . 2013-03-31 11:06 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
2013-03-31 11:06 . 2013-03-31 11:06 ——– d—–w- c:\users\Elly\AppData\Local\Programs
2013-03-21 20:10 . 2012-11-29 12:35 740840 ——w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{584499D3-389A-480B-89A4-DA00CB5B2F26}\gapaengine.dll
2013-03-13 16:23 . 2013-02-12 03:32 15872 —-a-w- c:\windows\system32\drivers\usb8023.sys
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-02 10:33 . 2011-09-15 18:05 237088 ——w- c:\windows\system32\MpSigStub.exe
2013-03-13 12:28 . 2013-02-24 13:14 73432 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-13 12:28 . 2013-02-24 13:14 693976 —-a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-12 04:48 . 2013-03-13 12:20 474112 —-a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 12:20 2176512 —-a-w- c:\windows\apppatch\AcGenral.dll
2013-01-20 14:59 . 2013-01-20 14:59 195296 —-a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 14:59 . 2011-04-27 13:25 100328 —-a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-13 21:17 . 2013-02-28 10:53 9728 —ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-28 10:53 2560 —ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-28 10:53 10752 —ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-28 10:53 3584 —ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-28 10:53 4096 —ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 10:53 5632 —ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 10:53 5632 —ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-28 10:53 3072 —ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-28 10:53 3072 —ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-28 10:53 1247744 —-a-w- c:\windows\system32\DWrite.dll
2013-01-13 20:30 . 2013-02-28 10:53 906240 —-a-w- c:\windows\system32\FntCache.dll
2013-01-13 20:22 . 2013-02-28 10:53 1988096 —-a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 20:20 . 2013-02-28 10:53 293376 —-a-w- c:\windows\system32\dxgi.dll
2013-01-13 20:09 . 2013-02-28 10:53 249856 —-a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-28 10:53 220160 —-a-w- c:\windows\system32\d3d10core.dll
2013-01-13 20:08 . 2013-02-28 10:53 1504768 —-a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:54 . 2013-02-28 10:53 604160 —-a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:53 . 2013-02-28 10:53 207872 —-a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-28 10:54 187392 —-a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:48 . 2013-02-28 10:53 161792 —-a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:46 . 2013-02-28 10:53 1080832 —-a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:43 . 2013-02-28 10:53 1230336 —-a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:37 . 2013-02-28 10:53 3419136 —-a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-28 10:54 417792 —-a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:34 . 2013-02-28 10:53 364544 —-a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-28 10:53 1158144 —-a-w- c:\windows\system32\XpsPrint.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
“TomTomHOME.exe”=“c:\program files\TomTom HOME 2\TomTomHOMERunner.exe”
“IncrediMail”=“c:\program files\IncrediMail\bin\IncMail.exe”
“Sidebar”=“c:\program files\Windows Sidebar\sidebar.exe”
.
“IAAnotif”=“c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe”
“StartCCC”=“c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
“RtHDVCpl”=“c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe”
“SynTPEnh”=“c:\program files\Synaptics\SynTP\SynTPEnh.exe”
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe”
“QuickTime Task”=“c:\program files\QuickTime\QTTask.exe”
“UpdateLBPShortCut”=“c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe”
“MDS_Menu”=“c:\program files\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe”
“CLMLServer”=“c:\program files\CyberLink\Power2Go\CLMLSvc.exe”
“UpdateP2GoShortCut”=“c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe”
“UpdatePDRShortCut”=“c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe”
“PDVD9LanguageShortcut”=“c:\program files\CyberLink\PowerDVD9\Language\Language.exe”
“UpdatePPShortCut”=“c:\program files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe”
“UCam_Menu”=“c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe”
“YouCam Mirror Tray icon”=“c:\program files\CyberLink\YouCam\YouCamTray.exe”
“MGSysCtrl”=“c:\program files\System Control Manager\MGSysCtrl.exe”
“SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe”
“MSC”=“c:\program files\Microsoft Security Client\msseces.exe”
“CanonMyPrinter”=“c:\program files\Canon\MyPrinter\BJMyPrt.exe”
“CanonSolutionMenuEx”=“c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE”
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe
.
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
“aux”=wdmaud.drv
.
@=“Service”
.
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys
R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe
S1 MpKsle3765f4d;MpKsle3765f4d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{164582D5-6CD2-4831-A18F-FAF5CABD222C}\MpKsle3765f4d.sys
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE
S2 Micro Star SCM;Micro Star SCM;c:\program files\System Control Manager\MSIService.exe
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe
S3 acpials;ALS-sensorfilter;c:\windows\system32\DRIVERS\acpials.sys
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys
.
.
— Andere Services/Drivers In Geheugen —
.
*NewlyCreated* - MPKSLE3765F4D
.
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Inhoud van de ‘Gedeelde Taken’ map
.
2013-04-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
.
2013-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe
.
2013-04-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe
.
2013-04-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894212643-3302433368-1863826008-1000Core.job
- c:\users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe
.
2013-04-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3894212643-3302433368-1863826008-1000UA.job
- c:\users\Elly\AppData\Local\Google\Update\GoogleUpdate.exe
.
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.startpagina.nl/
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/1346-72745-17534-1/4
TCP: DhcpNameServer = 192.168.178.1
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
AddRemove-_{E1A63F75-1F72-4450-980D-434496FFC646} - c:\program files\Corel\Corel Painter Essentials 4\MSILauncher {E1A63F75-1F72-4450-980D-434496FFC646}
.
.
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-04-05 17:42:48
ComboFix-quarantined-files.txt 2013-04-05 15:42
.
Pre-Run: 402.069.155.840 bytes beschikbaar
Post-Run: 401.830.424.576 bytes beschikbaar
.
- - End Of File - - BCBA718AD5C35D32B1CB1DE6F6458CE7
fazantje

05-04-2013 20:19

Hoi Marianne,
De logjes zien er goed uit.
Als je zegt dat die computer verder goed draait, laten we het hierbij.
Wel regelmatig Ccleaner laten draaien.
Hierna is ie altijd even iets trager heh vanwege de cookies die dan zijn verwijderd.
De volgende programma's en bijbehorende log bestanden, ook de mappen die te vinden zijn op C:/ mag je verwijderen:
RSIT
Zoek.exe
AdwCleaner via de deinstallatie functie als je het programma opstart.
ComboFix via de onderstaande instructies.
Ga naar Start.
Kopieer en plak: Combofix /Uninstall in de zoekbalk, onder start.
Druk ENTER en daarna op OK.
Als het goed is krijg je dan een melding dat Combofix verwijderd werd.
Groetjes Huib;)
marianne40

05-04-2013 20:51

Zover ik kan zien draait de pc nu goed.
Ik krijg alleen steeds een melding van java auto updater
Uitgever Sun MicroSystemsinc
locatie C:/ProgramFiles/commonfiles/java/javaupdater/jucheck.exe-auto
Ik weet niet of ik deze gewoon kan accepteren.
Groetjes Marianne

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

logjes nakijken

marianne40

marianne40

fazantje

marianne40

fazantje

marianne40

fazantje

marianne40

fazantje

marianne40