logjes RSIT (deel 1)

rietje

02-03-2014 15:38

Hallo,
bij het aanklikken van linken krijg ik reclame ipv de gevraagde pagina. Dit is mijn eerste logje van RSIT
info.txt logfile of random's system information tool 1.09 2014-03-02 15:29:12
======Uninstall list======
–>“C:\Program Files (x86)\InstallShield Installation Information\{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}\Setup.exe” /z-uninstall
–>“C:\Program Files (x86)\InstallShield Installation Information\{39F15B50-A977-4CA6-B1C3-6A8724CDA025}\setup.exe” -runfromtemp -l0x0409 -removeonly
–>“C:\Program Files (x86)\InstallShield Installation Information\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}\Setup.exe” /z-uninstall
–>“C:\Program Files (x86)\InstallShield Installation Information\{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}\setup.exe” –u:{BB8AE808-F003-4C7F-B56B-8C80EEAFFE23}
–>“C:\Program Files (x86)\InstallShield Installation Information\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\setup.exe” -runfromtemp -l0x0409 -removeonly
1ClickDownloader–>C:\Program Files (x86)\1ClickDownload\uninst.exe
Acer eRecovery Management–>“C:\Program Files (x86)\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe” -runfromtemp -l0x413 -removeonly
Acer Registration–>C:\Program Files (x86)\Acer\Registration\Uninstall.exe
Acer ScreenSaver–>C:\Program Files (x86)\Acer\Screensaver\Uninstall.exe
ActiveX контрола на Windows Live Mesh за отдалечени връзки–>MsiExec.exe /I{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh–>MsiExec.exe /I{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}
Adobe Flash Player 12 ActiveX–>C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_70_ActiveX.exe -maintain activex
Adobe Flash Player 12 Plugin–>C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_70_Plugin.exe -maintain plugin
Adobe Reader X (10.1.9) MUI–>MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
Adobe Shockwave Player 11.6–>“C:\Windows\SysWOW64\Adobe\Shockwave 11\uninstaller.exe”
Catalyst Control Center - Branding–>MsiExec.exe /I{1895E5C2-A9F8-4757-AD7B-0E9EA8BA1C46}
clear.fi Client–>“C:\Program Files (x86)\InstallShield Installation Information\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}\setup.exe” -runfromtemp -l0x0009 -removeonly
clear.fi–>“C:\Program Files (x86)\InstallShield Installation Information\{14C4C3B6-F1F4-401F-8C86-03E8E19AAC8C}\Setup.exe” /z-uninstall
clear.fi–>“C:\Program Files (x86)\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe” /z-uninstall
clear.fi–>“C:\Program Files (x86)\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe” /z-uninstall
clear.fi–>“C:\Program Files (x86)\InstallShield Installation Information\{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}\Setup.exe” /z-uninstall
Contents–>MsiExec.exe /I{D7D99A66-493F-468B-BCE1-6F88612B89D5}
Control ActiveX de Windows Live Mesh para conexiones remotas–>MsiExec.exe /I{04668DF2-D32F-4555-9C7E-35523DCD6544}
Control ActiveX del Windows Live Mesh per a connexions remotes–>MsiExec.exe /I{76C064E2-BB99-4453-8FDA-42BC01AD0734}
Control ActiveX Windows Live Mesh pentru conexiuni la distanță–>MsiExec.exe /I{260E3D78-94E6-47EC-8E29-46301572BB1E}
Controle ActiveX do Windows Live Mesh para Conexões Remotas–>MsiExec.exe /I{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}
Contrôle ActiveX Windows Live Mesh pour connexions à distance–>MsiExec.exe /I{55D003F4-9599-44BF-BA9E-95D060730DD3}
Corel PaintShop Photo Pro X3–>c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\Setup\{D1AEB5DB-04FA-489D-94EF-8600898B93EE}\SetupARP.exe /arp
Corel PaintShop Photo Pro X3–>MsiExec.exe /I{DA4BF4BE-3CDC-43B5-BBDA-DDDA73103111}
DAEMON Tools Lite–>C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe
DAEMON Tools Toolbar–>C:\Program Files (x86)\DAEMON Tools Toolbar\uninst.exe
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{81FB7C60-565A-4869-9D90-3BE1D270E8B7}” “1043” “0”
DeviceIO–>MsiExec.exe /I{D3BCC13A-E4F2-45EE-846F-D143CEDDDBCB}
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych–>MsiExec.exe /I{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}
Galeria de Fotografias do Windows Live–>MsiExec.exe /X{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}
Galeria fotogràfica del Windows Live–>MsiExec.exe /X{4736B0ED-F6A1-48EC-A1B7-C053027648F1}
Galeria fotografii usługi Windows Live–>MsiExec.exe /X{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}
Galerie de photos Windows Live–>MsiExec.exe /X{488F0347-C4A7-4374-91A7-30818BEDA710}
Galerie foto Windows Live–>MsiExec.exe /X{CB66242D-12B1-4494-82D2-6F53A7E024A3}
Google Chrome–>“C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\setup.exe” –uninstall –multi-install –chrome –system-level
Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hewlett-Packard ACLM.NET v1.1.0.0–>MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
Hotkey Utility–>C:\Program Files (x86)\Acer\Hotkey Utility\Uninstall.exe
HP Product Detection–>MsiExec.exe /I{A436F67F-687E-4736-BD2B-537121A804CF}
HP Update–>MsiExec.exe /X{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}
HPDiagnosticAlert–>MsiExec.exe /I{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
ICA–>MsiExec.exe /I{D1AEB5DB-04FA-489D-94EF-8600898B93EE}
Identity Card–>C:\Program Files (x86)\Acer\Identity Card\Uninstall.exe
IPM_PSP_Pro–>MsiExec.exe /I{DCD941B6-F2E7-4FAF-B102-F7D4DE5FF99A}
Junk Mail filter update–>MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
Kontrola Windows Live Mesh ActiveX za daljinske veze–>MsiExec.exe /I{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave–>MsiExec.exe /I{CA227A9D-09BE-4BFB-9764-48FED2DA5454}
Malwarebytes Anti-Malware versie 1.75.0.1300–>“C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe”
Mesh Runtime–>MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}
Microsoft Office 2010–>MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE}
Microsoft Office Access MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0015-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0016-0413-0000-0000000FF1CE}
Microsoft Office Groove MUI (Dutch) 2010–>MsiExec.exe /X{90140000-00BA-0413-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0044-0413-0000-0000000FF1CE}
Microsoft Office Klik-en-Klaar 2010–>“C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE” /removeall
Microsoft Office OneNote MUI (Dutch) 2010–>MsiExec.exe /X{90140000-00A1-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2010–>MsiExec.exe /X{90140000-001A-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0018-0413-0000-0000000FF1CE}
Microsoft Office Professional Plus 2010–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe” /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2010–>MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2010–>MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2010–>MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2010–>MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2010–>MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2010–>MsiExec.exe /X{90140000-002C-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0019-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2010–>MsiExec.exe /X{90140000-006E-0413-0000-0000000FF1CE}
Microsoft Office Starter 2010 - Nederlands–>C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2010–>MsiExec.exe /X{90140000-001B-0413-0000-0000000FF1CE}
Microsoft PowerPoint Viewer–>MsiExec.exe /X{95140000-00AF-0413-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161–>MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
MLE–>MsiExec.exe /I{D84B7C7E-2E4D-4002-8CA8-EED4EDB333AC}
Mozilla Firefox 15.0.1 (x86 nl)–>C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service–>“C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe”
MSVCRT_amd64–>MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}
MSVCRT–>MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MyWinLocker 4–>MsiExec.exe /X{39F15B50-A977-4CA6-B1C3-6A8724CDA025}
MyWinLocker Suite–>“C:\Program Files (x86)\InstallShield Installation Information\{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}\setup.exe” -runfromtemp -l0x0413 -removeonly
MyWinLocker Suite–>MsiExec.exe /X{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}
Nero Control Center 10–>MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
Nero ControlCenter 10 Help (CHM)–>MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
Nero Core Components 10–>MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
Nero DiscSpeed 10 Help (CHM)–>MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
Nero DiscSpeed 10–>MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
Nero Express 10 Help (CHM)–>MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
Nero Express 10–>MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
Nero Multimedia Suite 10 Essentials–>MsiExec.exe /I{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}
Nero Update–>MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení–>MsiExec.exe /I{B6190387-0036-4BEB-8D74-A0AFC5F14706}
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia–>MsiExec.exe /I{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}
Poczta usługi Windows Live–>MsiExec.exe /I{64376910-1860-4CEF-8B34-AA5D205FC5F1}
Podstawowe programy Windows Live–>MsiExec.exe /I{7A9D47BA-6D50-4087-866F-0800D8B89383}
Pošta Windows Live–>MsiExec.exe /I{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}
PSPH10Pro–>MsiExec.exe /I{DA4A2F61-1E26-4D51-94BB-36D77678BDAD}
PSPPRO_DCRAW–>MsiExec.exe /I{DCF1928A-FC01-48E7-A7E6-4651D42EF6A1}
PureHD–>MsiExec.exe /I{D875FFEE-2FCE-4774-902A-749198C00A68}
QuickTime–>MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Rapidshare Auto Downloader 4.1–>MsiExec.exe /I{B0B46A1F-EC96-44A4-A9FB-62FE33BAF7DE}
Realtek Ethernet Controller Driver–>C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)–>C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {BD0F9F7E-62B2-3971-9E2E-B87B832CE89D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)–>C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {513BC47F-0560-33C2-A029-C5387642233A}
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{DC8EDDCF-2031-4C8D-916C-64058A3ACA95}” “1043” “0”
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-006E-0413-0000-0000000FF1CE}” “{63EF0C85-5B63-410F-ACE4-C1D4E6769E7A}” “1043” “0”
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{4D6FE7B6-559F-4DAC-92CF-A01C24046AEB}” “1043” “0”
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001F-0413-0000-0000000FF1CE}” “{9A854864-23D5-4FD5-8357-F4602A2A7CC4}” “1043” “0”
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{EC2CA755-17D8-4392-A91E-FD4D2DD31072}” “1043” “0”
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{0241FB40-015F-42AC-A711-1AE59E346B51}” “1043” “0”
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{7AC3F78E-ECA0-45F4-A9CC-3E885DA23662}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0015-0413-0000-0000000FF1CE}” “{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0016-0413-0000-0000000FF1CE}” “{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0018-0413-0000-0000000FF1CE}” “{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0019-0413-0000-0000000FF1CE}” “{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001A-0413-0000-0000000FF1CE}” “{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001B-0413-0000-0000000FF1CE}” “{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001F-0407-0000-0000000FF1CE}” “{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001F-0409-0000-0000000FF1CE}” “{09A9DF49-DA06-4093-A2FD-F339211E39EA}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001F-040C-0000-0000000FF1CE}” “{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001F-0413-0000-0000000FF1CE}” “{2C2D6CA0-1F04-4551-A82A-E0800CD616FA}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-002A-0000-1000-0000000FF1CE}” “{E4D76E88-C65F-4003-9C71-EC4306679D17}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-002A-0413-1000-0000000FF1CE}” “{8218F3D1-A3CE-483C-819B-855338E4397C}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-002C-0413-0000-0000000FF1CE}” “{0B17C286-F7CC-4605-80D0-B465D5A44152}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0044-0413-0000-0000000FF1CE}” “{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-006E-0413-0000-0000000FF1CE}” “{07466203-7D4B-49A0-85BC-85CCC297AD9E}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-00A1-0413-0000-0000000FF1CE}” “{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}” “1043” “0”
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-00BA-0413-0000-0000000FF1CE}” “{1EF831B5-7C57-4E6E-AC68-2FC4C32E9B77}” “1043” “0”
Setup–>MsiExec.exe /I{D1612A3D-0DCC-4055-BB6A-0036F31158A0}
Share–>MsiExec.exe /I{D94ABC2B-5CA9-48B2-9266-15AB78384D3C}
Shredder–>MsiExec.exe /I{C2695E83-CF1D-43D1-84FE-B3BEC561012A}
Skype™ 6.14–>MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
swMSM–>MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}” “1043” “0”
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}” “1043” “0”
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-002A-0000-1000-0000000FF1CE}” “{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}” “1043” “0”
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}” “1043” “0”
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{39767ECA-1731-45DB-AB5B-6BF40E151D66}” “1043” “0”
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}” “1043” “0”
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}” “1043” “0”
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-002A-0000-1000-0000000FF1CE}” “{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}” “1043” “0”
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{287A1E92-9E41-4BC1-8920-B3D0E9220800}” “1043” “0”
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{9D69691D-823D-4C3E-9B12-563A3F520366}” “1043” “0”
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}” “1043” “0”
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-002A-0000-1000-0000000FF1CE}” “{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}” “1043” “0”
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{35698CB7-AAA2-4577-B505-DBFF504AEF23}” “1043” “0”
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{5AA578BB-759C-40FD-9661-A737C0884541}” “1043” “0”
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{BA610006-2C39-4419-9834-CF61AB24810A}” “1043” “0”
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{E21274CE-CA0C-49FA-93F4-DC292A052264}” “1043” “0”
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001F-0407-0000-0000000FF1CE}” “{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}” “1043” “0”
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001F-0409-0000-0000000FF1CE}” “{B5C70C99-B109-42FD-B219-FF12CA543F19}” “1043” “0”
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001F-040C-0000-0000000FF1CE}” “{82F87E28-B18E-46D6-A399-E2F19CF5949B}” “1043” “0”
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{51CCA922-A0CC-47C4-8910-6936D97CAC2E}” “1043” “0”
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-002A-0000-1000-0000000FF1CE}” “{51CCA922-A0CC-47C4-8910-6936D97CAC2E}” “1043” “0”
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{2AB483F1-C86E-427A-83B4-23889B03512D}” “1043” “0”
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-001A-0413-0000-0000000FF1CE}” “{2CDD05C4-26E6-4125-8499-EB6D800614EE}” “1043” “0”
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0018-0413-0000-0000000FF1CE}” “{01C54C3F-EF56-4753-A0EC-6B3938822923}” “1043” “0”
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}” “1043” “0”
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{F9F5A080-AF38-4966-9A6B-C43DCA465035}” “1043” “0”
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-002A-0000-1000-0000000FF1CE}” “{F9F5A080-AF38-4966-9A6B-C43DCA465035}” “1043” “0”
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{8C55AA83-54C2-4236-A622-78440A411DC5}” “1043” “0”
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition–>“C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe” /removereleaseinpatch “{90140000-0011-0000-0000-0000000FF1CE}” “{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}” “1043” “0”
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola–>MsiExec.exe /I{7BA6DF02-B094-45D7-A3C9-BE3684253922}
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi–>MsiExec.exe /I{241E7104-937A-4366-AD57-8FDDDB003939}
VIO–>MsiExec.exe /I{D9C4FA35-7C6B-4C9E-863B-58C4D7472F41}
Visual Studio 2012 x86 Redistributables–>MsiExec.exe /I{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}
Welcome Center–>C:\Program Files (x86)\Acer\Welcome Center\Uninstall.exe
Windows Live Argazki Galeria–>MsiExec.exe /X{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}
Windows Live Communications Platform–>MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}
Windows Live Essentials–>C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials–>MsiExec.exe /I{06B05153-97E4-427E-B1A8-E098F6C5E52F}
Windows Live Essentials–>MsiExec.exe /I{17835B63-8308-427F-8CF5-D76E0D5FE457}
Windows Live Essentials–>MsiExec.exe /I{17F99FCE-8F03-4439-860A-25C5A5434E18}
Windows Live Essentials–>MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}
Windows Live Essentials–>MsiExec.exe /I{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}
Windows Live Essentials–>MsiExec.exe /I{410DF0AA-882D-450D-9E1B-F5397ACFFA80}
Windows Live Essentials–>MsiExec.exe /I{43B43577-2514-4CE0-B14A-7E85C17C0453}
Windows Live Essentials–>MsiExec.exe /I{4A04DB63-8F81-4EF4-9D09-61A2057EF419}
Windows Live Essentials–>MsiExec.exe /I{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}
Windows Live Essentials–>MsiExec.exe /I{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}
Windows Live Essentials–>MsiExec.exe /I{7D99B933-E29C-4599-92F0-DAED2AF041E3}
Windows Live Essentials–>MsiExec.exe /I{827D3E4A-0186-48B7-9801-7D1E9DD40C07}
Windows Live Essentials–>MsiExec.exe /I{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}
Windows Live Essentials–>MsiExec.exe /I{ABD534B7-E951-470E-92C2-CD5AF1735726}
Windows Live Essentials–>MsiExec.exe /I{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}
Windows Live Essentials–>MsiExec.exe /I{B618C3BF-5142-4630-81DD-F96864F97C7E}
Windows Live Essentials–>MsiExec.exe /I{C01FCACE-CC3D-49A2-ADC2-583A49857C58}
Windows Live Fotogaléria–>MsiExec.exe /X{97F77D62-5110-4FA3-A2D3-410B92D31199}
Windows Live Fotogalerie–>MsiExec.exe /X{B113D18C-67B0-4FB7-B329-E89B66194AE6}
Windows Live Fotogalleri–>MsiExec.exe /X{5C2F5C1B-9732-4F81-8FBF-6711627DC508}
Windows Live Fotoğraf Galerisi–>MsiExec.exe /X{BD695C2F-3EA0-4DA4-92D5-154072468721}
Windows Live Fotótár–>MsiExec.exe /X{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}
Windows Live Installer–>MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}
Windows Live Mail–>MsiExec.exe /I{0D261C88-454B-46FE-B43B-640E621BDA11}
Windows Live Mail–>MsiExec.exe /I{10186F1A-6A14-43DF-A404-F0105D09BB07}
Windows Live Mail–>MsiExec.exe /I{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}
Windows Live Mail–>MsiExec.exe /I{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}
Windows Live Mail–>MsiExec.exe /I{48F597DD-D397-4CFA-91A0-4C033A0113BD}
Windows Live Mail–>MsiExec.exe /I{63CF7D0C-B6E7-4EE9-8253-816B613CC437}
Windows Live Mail–>MsiExec.exe /I{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}
Windows Live Mail–>MsiExec.exe /I{82803FF3-563F-414F-A403-8D4C167D4120}
Windows Live Mail–>MsiExec.exe /I{924B4D82-1B97-48EB-8F1E-55C4353C22DB}
Windows Live Mail–>MsiExec.exe /I{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}
Windows Live Mail–>MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}
Windows Live Mail–>MsiExec.exe /I{9DA3F03B-2CEE-4344-838E-117861E61FAF}
Windows Live Mail–>MsiExec.exe /I{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
Windows Live Mail–>MsiExec.exe /I{A0B91308-6666-4249-8FF6-1E11AFD75FE1}
Windows Live Mail–>MsiExec.exe /I{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}
Windows Live Mail–>MsiExec.exe /I{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}
Windows Live Mail–>MsiExec.exe /I{B1239994-A850-44E2-BED8-E70A21124E16}
Windows Live Mail–>MsiExec.exe /I{C454280F-3C3E-4929-B60E-9E6CED5717E7}
Windows Live Mail–>MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}
Windows Live Mail–>MsiExec.exe /I{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}
Windows Live Mail–>MsiExec.exe /I{D07B1FDA-876B-4914-9E9A-309732B6D44F}
Windows Live Mail–>MsiExec.exe /I{D31169F2-CD71-4337-B783-3E53F29F4CAD}
Windows Live Mail–>MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}
Windows Live Mail–>MsiExec.exe /I{DBAA2B17-D596-4195-A169-BA2166B0D69B}
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen–>MsiExec.exe /I{C32CE55C-12BA-4951-8797-0967FDEF556F}
Windows Live Mesh ActiveX Control for Remote Connections–>MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}
Windows Live Mesh ActiveX control for remote connections–>MsiExec.exe /I{C5398A89-516C-4DAF-BA07-EE7949090E56}
Windows Live Mesh ActiveX Control for Remote Connections–>MsiExec.exe /I{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger–>MsiExec.exe /I{09B7C7EB-3140-4B5E-842F-9C79A7137139}
Windows Live Mesh ActiveX-objekt til fjernforbindelser–>MsiExec.exe /I{57220148-3B2B-412A-A2E0-82B9DF423696}
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz–>MsiExec.exe /I{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}
Windows Live Mesh–>MsiExec.exe /I{00884F14-05BD-4D8E-90E5-1ABF78948CA4}
Windows Live Mesh–>MsiExec.exe /I{039480EE-6933-4845-88B8-77FD0C3D059D}
Windows Live Mesh–>MsiExec.exe /I{110668B7-54C6-47C9-BAC4-1CE77F156AF5}
Windows Live Mesh–>MsiExec.exe /I{11417707-1F72-4279-95A3-01E0B898BBF5}
Windows Live Mesh–>MsiExec.exe /I{2C865FB0-051E-4D22-AC62-428E035AEAF0}
Windows Live Mesh–>MsiExec.exe /I{2D3E034E-F76B-410A-A169-55755D2637BB}
Windows Live Mesh–>MsiExec.exe /I{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}
Windows Live Mesh–>MsiExec.exe /I{3F4143A1-9C21-4011-8679-3BC1014C6886}
Windows Live Mesh–>MsiExec.exe /I{46872828-6453-4138-BE1C-CE35FBF67978}
Windows Live Mesh–>MsiExec.exe /I{5CF5B1A5-CBC3-42F0-8533-5A5090665862}
Windows Live Mesh–>MsiExec.exe /I{625D45F0-5DCB-48BF-8770-C240A84DAAEB}
Windows Live Mesh–>MsiExec.exe /I{644063FA-ABA3-42AC-A8AC-3EDC0706018B}
Windows Live Mesh–>MsiExec.exe /I{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}
Windows Live Mesh–>MsiExec.exe /I{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}
Windows Live Mesh–>MsiExec.exe /I{7496FD31-E5CB-4AE4-82D3-31099558BF6A}
Windows Live Mesh–>MsiExec.exe /I{78DAE910-CA72-450E-AD22-772CB1A00678}
Windows Live Mesh–>MsiExec.exe /I{80E8C65A-8F70-4585-88A2-ABC54BABD576}
Windows Live Mesh–>MsiExec.exe /I{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
Windows Live Mesh–>MsiExec.exe /I{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}
Windows Live Mesh–>MsiExec.exe /I{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}
Windows Live Mesh–>MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}
Windows Live Mesh–>MsiExec.exe /I{AB0B2113-5B96-4B95-8AD1-44613384911F}
Windows Live Mesh–>MsiExec.exe /I{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}
Windows Live Mesh–>MsiExec.exe /I{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}
Windows Live Mesh–>MsiExec.exe /I{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}
Windows Live Mesh–>MsiExec.exe /I{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}
Windows Live Mesh–>MsiExec.exe /I{C08D5964-C42F-48EE-A893-2396F9562A7C}
Windows Live Mesh–>MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}
Windows Live Meshin etäyhteyksien ActiveX-komponentti–>MsiExec.exe /I{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}
Windows Live Messenger–>MsiExec.exe /X{062E4D94-8306-46D5-81B6-45E6AD09C799}
Windows Live Messenger–>MsiExec.exe /X{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}
Windows Live Messenger–>MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}
Windows Live Messenger–>MsiExec.exe /X{2F54E453-8C93-4B3B-936A-233C909E6CAC}
Windows Live Messenger–>MsiExec.exe /X{443B561F-DE1B-4DEF-ADD9-484B684653C7}
Windows Live Messenger–>MsiExec.exe /X{48294D95-EE9A-4377-8213-44FC4265FB27}
Windows Live Messenger–>MsiExec.exe /X{4B744C85-DBB1-4038-B989-4721EB22C582}
Windows Live Messenger–>MsiExec.exe /X{542DA303-FB91-4731-9F37-6E518368D3B9}
Windows Live Messenger–>MsiExec.exe /X{6A67578E-095B-4661-88F7-0B199CEC3371}
Windows Live Messenger–>MsiExec.exe /X{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}
Windows Live Messenger–>MsiExec.exe /X{76454862-992F-4A12-9D61-76E52A1C6922}
Windows Live Messenger–>MsiExec.exe /X{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}
Windows Live Messenger–>MsiExec.exe /X{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}
Windows Live Messenger–>MsiExec.exe /X{8FF3891F-01B5-4A71-BFCD-20761890471C}
Windows Live Messenger–>MsiExec.exe /X{A3389C72-1782-4BB4-BBAA-33345DE52E3F}
Windows Live Messenger–>MsiExec.exe /X{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}
Windows Live Messenger–>MsiExec.exe /X{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}
Windows Live Messenger–>MsiExec.exe /X{B2E90616-C50D-4B89-A40D-92377AC669E5}
Windows Live Messenger–>MsiExec.exe /X{BAEE89D5-6E87-4F89-9603-A1C100479181}
Windows Live Messenger–>MsiExec.exe /X{BD0C3887-64E6-41D8-9A38-BC6F34369352}
Windows Live Messenger–>MsiExec.exe /X{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}
Windows Live Messenger–>MsiExec.exe /X{C95A5A77-622F-45CA-9540-84468FCB18B1}
Windows Live Messenger–>MsiExec.exe /X{C9E1343D-E21E-4508-A1BE-04A089EC137D}
Windows Live Messenger–>MsiExec.exe /X{CBFD061C-4B27-4A89-ADD8-210316EEFA11}
Windows Live Movie Maker–>MsiExec.exe /X{133D9D67-D475-4407-AC3C-D558087B2453}
Windows Live Movie Maker–>MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}
Windows Live Movie Maker–>MsiExec.exe /X{226F0D93-76DE-4F1C-B14D-DE10443ADB60}
Windows Live Movie Maker–>MsiExec.exe /X{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}
Windows Live Movie Maker–>MsiExec.exe /X{60C3C026-DB53-4DAB-8B97-7C1241F9A847}
Windows Live Movie Maker–>MsiExec.exe /X{640798A0-A4FB-4C52-AC72-755134767F1E}
Windows Live Movie Maker–>MsiExec.exe /X{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}
Windows Live Movie Maker–>MsiExec.exe /X{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}
Windows Live Movie Maker–>MsiExec.exe /X{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
Windows Live Movie Maker–>MsiExec.exe /X{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}
Windows Live Movie Maker–>MsiExec.exe /X{71527C7C-5289-4CB2-88C9-23344C0FF6C1}
Windows Live Movie Maker–>MsiExec.exe /X{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}
Windows Live Movie Maker–>MsiExec.exe /X{7465A996-0FCA-4D2D-A52C-F833B0829B5B}
Windows Live Movie Maker–>MsiExec.exe /X{7AF8E500-B349-4A77-8265-9854E9A47925}
Windows Live Movie Maker–>MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}
Windows Live Movie Maker–>MsiExec.exe /X{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}
Windows Live Movie Maker–>MsiExec.exe /X{A101F637-2E56-42C0-8E08-F1E9086BFAF3}
Windows Live Movie Maker–>MsiExec.exe /X{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}
Windows Live Movie Maker–>MsiExec.exe /X{BF022D76-9F72-4203-B8FA-6522DC66DFDA}
Windows Live Movie Maker–>MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}
Windows Live Movie Maker–>MsiExec.exe /X{CD442136-9115-4236-9C14-278F6A9DCB3F}
Windows Live Movie Maker–>MsiExec.exe /X{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}
Windows Live Movie Maker–>MsiExec.exe /X{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}
Windows Live Movie Maker–>MsiExec.exe /X{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}
Windows Live Photo Common–>MsiExec.exe /X{0654EA5D-308A-4196-882B-5C09744A5D81}
Windows Live Photo Common–>MsiExec.exe /X{073F306D-9851-4969-B828-7B6444D07D55}
Windows Live Photo Common–>MsiExec.exe /X{120C160F-F53D-4A15-A873-E79BF5B98B48}
Windows Live Photo Common–>MsiExec.exe /X{168E7302-890A-4138-9109-A225ACAF7AD1}
Windows Live Photo Common–>MsiExec.exe /X{28B9D2D8-4304-483F-AD71-51890A063A74}
Windows Live Photo Common–>MsiExec.exe /X{29373E24-AC72-424E-8F2A-FB0F9436F21F}
Windows Live Photo Common–>MsiExec.exe /X{370F888E-42A7-4911-9E34-7D74632E17EB}
Windows Live Photo Common–>MsiExec.exe /X{4D83F339-5A5C-4B21-8FD3-5D407B981E72}
Windows Live Photo Common–>MsiExec.exe /X{6B556C37-8919-4991-AC34-93D018B9EA49}
Windows Live Photo Common–>MsiExec.exe /X{6F37D92B-41AA-44B7-80D2-457ABDE11896}
Windows Live Photo Common–>MsiExec.exe /X{73FC3510-6421-40F7-9503-EDAE4D0CF70D}
Windows Live Photo Common–>MsiExec.exe /X{78906B56-0E81-42A7-AC25-F54C946E1538}
Windows Live Photo Common–>MsiExec.exe /X{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}
Windows Live Photo Common–>MsiExec.exe /X{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}
Windows Live Photo Common–>MsiExec.exe /X{7D0DE76C-874E-4BDE-A204-F4240160693E}
Windows Live Photo Common–>MsiExec.exe /X{84267681-BF16-40B6-9564-27BC57D7D71C}
Windows Live Photo Common–>MsiExec.exe /X{85373DA7-834E-4850-8AF5-1D99F7526857}
Windows Live Photo Common–>MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}
Windows Live Photo Common–>MsiExec.exe /X{A41A708E-3BE6-4561-855D-44027C1CF0F8}
Windows Live Photo Common–>MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
Windows Live Photo Common–>MsiExec.exe /X{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}
Windows Live Photo Common–>MsiExec.exe /X{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}
Windows Live Photo Common–>MsiExec.exe /X{B33B61FE-701F-425F-98AB-2B85725CBF68}
Windows Live Photo Common–>MsiExec.exe /X{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}
Windows Live Photo Common–>MsiExec.exe /X{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}
Windows Live Photo Common–>MsiExec.exe /X{C893D8C0-1BA0-4517-B11C-E89B65E72F70}
Windows Live Photo Common–>MsiExec.exe /X{CD7CB1E6-267A-408F-877D-B532AD2C882E}
Windows Live Photo Common–>MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}
Windows Live Photo Gallery–>MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}
Windows Live Photo Gallery–>MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}
Windows Live Photo Gallery–>MsiExec.exe /X{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}
Windows Live Photo Gallery–>MsiExec.exe /X{861B1145-7762-4794-B40C-3FF0A389DFE6}
Windows Live Photo Gallery–>MsiExec.exe /X{885F1BCD-C344-4758-85BD-09640CF449A5}
Windows Live Photo Gallery–>MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}
Windows Live Photo Gallery–>MsiExec.exe /X{CF671BFE-6BA3-44E7-98C1-500D9C51D947}
Windows Live PIMT Platform–>MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}
Windows Live SOXE Definitions–>MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}
Windows Live SOXE–>MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}
Windows Live Temel Parçalar–>MsiExec.exe /I{1203DC60-D9BD-44F9-B372-2B8F227E6094}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{05E379CC-F626-4E7D-8354-463865B303BF}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{09922FFE-D153-44AE-8B60-EA3CB8088F93}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{0C1931EB-8339-4837-8BEC-75029BF42734}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{128133D3-037A-4C62-B1B7-55666A10587A}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{20381A8A-808E-4A53-B6CD-AD2B85E16365}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{24DF33E0-F924-4D0D-9B96-11F28F0D602D}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{37B33B16-2535-49E7-8990-32668708A0A3}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{40BFD84C-64CD-42CC-9909-8734C50429C6}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{4C378B16-46B7-4DA1-A2CE-2EE676F74680}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{4D141929-141B-4605-95D6-2B8650C1C6DA}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{506FC723-8E6C-4417-9CFF-351F99130425}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{523DF2BB-3A85-4047-9898-29DC8AEB7E69}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{5495E9A4-501A-4D4C-87C9-E80916CA9478}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{5E627606-53B9-42D1-97E1-D03F6229E248}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{7327080F-6673-421F-BBD9-B618F357EEB3}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{77477AEA-5757-47D8-8B33-939F43D82218}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{8CF5D47D-27B7-49D6-A14F-10550B92749D}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{D299197D-CDEA-41A6-A363-F532DE4114FD}
Windows Live UX Platform Language Pack–>MsiExec.exe /I{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}
Windows Live UX Platform–>MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
Windows Live Writer Resources–>MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}
Windows Live Writer Resources–>MsiExec.exe /X{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}
Windows Live Writer Resources–>MsiExec.exe /X{2511AAD7-82DF-4B97-B0B3-E1B933317010}
Windows Live Writer Resources–>MsiExec.exe /X{26E3C07C-7FF7-4362-9E99-9E49E383CF16}
Windows Live Writer Resources–>MsiExec.exe /X{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}
Windows Live Writer Resources–>MsiExec.exe /X{3125D9DE-8D7A-4987-95F3-8A42389833D8}
Windows Live Writer Resources–>MsiExec.exe /X{458F399F-62AC-4747-99F5-499BBF073D29}
Windows Live Writer Resources–>MsiExec.exe /X{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}
Windows Live Writer Resources–>MsiExec.exe /X{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}
Windows Live Writer Resources–>MsiExec.exe /X{5D2E7BD7-4B6F-4086-BA8A-E88484750624}
Windows Live Writer Resources–>MsiExec.exe /X{62687B11-58B5-4A18-9BC3-9DF4CE03F194}
Windows Live Writer Resources–>MsiExec.exe /X{6807427D-8D68-4D30-AF5B-0B38F8F948C8}
Windows Live Writer Resources–>MsiExec.exe /X{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}
Windows Live Writer Resources–>MsiExec.exe /X{734104DE-C2BF-412F-BB97-FCCE1EC94229}
Windows Live Writer Resources–>MsiExec.exe /X{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}
Windows Live Writer Resources–>MsiExec.exe /X{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}
Windows Live Writer Resources–>MsiExec.exe /X{7E90B133-FF47-48BB-91B8-36FC5A548FE9}
Windows Live Writer Resources–>MsiExec.exe /X{7FF11E53-C002-4F40-8D68-6BE751E5DD62}
Windows Live Writer Resources–>MsiExec.exe /X{8E285C75-9BE2-4349-972B-DECDDF472656}
Windows Live Writer Resources–>MsiExec.exe /X{93E464B3-D075-4989-87FD-A828B5C308B1}
Windows Live Writer Resources–>MsiExec.exe /X{AB78C965-5C67-409B-8433-D7B5BDB12073}
Windows Live Writer Resources–>MsiExec.exe /X{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}
Windows Live Writer Resources–>MsiExec.exe /X{C29FC15D-E84B-4EEC-8505-4DED94414C59}
Windows Live Writer Resources–>MsiExec.exe /X{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}
Windows Live Writer Resources–>MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}
Windows Live Writer Resources–>MsiExec.exe /X{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}
Windows Live Writer–>MsiExec.exe /X{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}
Windows Live Writer–>MsiExec.exe /X{11778DA1-0495-4ED9-972F-F9E0B0367CD5}
Windows Live Writer–>MsiExec.exe /X{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}
Windows Live Writer–>MsiExec.exe /X{1A82AE99-84D3-486D-BAD6-675982603E14}
Windows Live Writer–>MsiExec.exe /X{1D6C2068-807F-4B76-A0C2-62ED05656593}
Windows Live Writer–>MsiExec.exe /X{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}
Windows Live Writer–>MsiExec.exe /X{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}
Windows Live Writer–>MsiExec.exe /X{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}
Windows Live Writer–>MsiExec.exe /X{3B9A92DA-6374-4872-B646-253F18624D5F}
Windows Live Writer–>MsiExec.exe /X{4264C020-850B-4F08-ACBE-98205D9C336C}
Windows Live Writer–>MsiExec.exe /X{48C0DC5E-820A-44F2-890E-29B68EDD3C78}
Windows Live Writer–>MsiExec.exe /X{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}
Windows Live Writer–>MsiExec.exe /X{4D7BAC8A-51B8-4243-8567-1415C4272D13}
Windows Live Writer–>MsiExec.exe /X{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}
Windows Live Writer–>MsiExec.exe /X{69C9C672-400A-43A0-B2DE-9DB38C371282}
Windows Live Writer–>MsiExec.exe /X{71A81378-79D5-40CC-9BDC-380642D1A87F}
Windows Live Writer–>MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}
Windows Live Writer–>MsiExec.exe /X{804DE397-F82C-4867-9085-E0AA539A3294}
Windows Live Writer–>MsiExec.exe /X{859D4022-B76D-40DE-96EF-C90CDA263F44}
Windows Live Writer–>MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}
Windows Live Writer–>MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
Windows Live Writer–>MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}
Windows Live Writer–>MsiExec.exe /X{B3BE54A4-8DFE-4593-8E66-56AB7133B812}
Windows Live Writer–>MsiExec.exe /X{C1C9D199-B4DD-4895-92DD-9A726A2FE341}
Windows Live Writer–>MsiExec.exe /X{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}
Windows Live Writer–>MsiExec.exe /X{DA29F644-2420-4448-8128-1331BE588999}
Windows Live Writer–>MsiExec.exe /X{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}
Windows Live Writer–>MsiExec.exe /X{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}
Windows Live–>MsiExec.exe /I{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
Windows Liven asennustyökalu–>MsiExec.exe /I{8909CFA8-97BF-4077-AC0F-6925243FFE08}
Windows Liven sähköposti–>MsiExec.exe /I{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}
Windows Liven valokuvavalikoima–>MsiExec.exe /X{1A72337E-D126-4BAF-AC89-E6122DB71866}
Windows Media Encoder 9 Series–>msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Συλλογή φωτογραφιών του Windows Live–>MsiExec.exe /X{C00C2A91-6CB3-483F-80B3-2958E29468F1}
Почта Windows Live–>MsiExec.exe /I{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}
Фотоальбом Windows Live–>MsiExec.exe /X{77F69CA1-E53D-4D77-8BA3-FA07606CC851}
Фотогалерия на Windows Live–>MsiExec.exe /X{4444F27C-B1A8-464E-9486-4C37BAB39A09}
Элемент управления Windows Live Mesh ActiveX для удаленных подключений–>MsiExec.exe /I{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}
גלריית התמונות של Windows Live–>MsiExec.exe /X{CE929F09-3853-4180-BD90-30764BFF7136}
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים–>MsiExec.exe /I{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}
بريد Windows Live–>MsiExec.exe /I{0A4C4B29-5A9D-4910-A13C-B920D5758744}
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)–>MsiExec.exe /I{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}
適用遠端連線的 Windows Live Mesh ActiveX 控制項–>MsiExec.exe /I{622DE1BE-9EDE-49D3-B349-29D64760342A}
======System event log======
Computer Name: rietje-PC
Event Code: 7036
Message: De Adobe Flash Player Update Service-service heeft nu de status wordt uitgevoerd.
Record Number: 238100
Source Name: Service Control Manager
Time Written: 20130902151700.253973-000
Event Type: Informatie
User:
Computer Name: rietje-PC
Event Code: 7036
Message: De WinHTTP Web Proxy Auto-Discovery Service-service heeft nu de status gestopt.
Record Number: 238099
Source Name: Service Control Manager
Time Written: 20130902145030.591049-000
Event Type: Informatie
User:
Computer Name: rietje-PC
Event Code: 7036
Message: De WinHTTP Web Proxy Auto-Discovery Service-service heeft nu de status wordt uitgevoerd.
Record Number: 238098
Source Name: Service Control Manager
Time Written: 20130902143400.589424-000
Event Type: Informatie
User:
Computer Name: rietje-PC
Event Code: 7036
Message: De Adobe Flash Player Update Service-service heeft nu de status gestopt.
Record Number: 238097
Source Name: Service Control Manager
Time Written: 20130902141700.252064-000
Event Type: Informatie
User:
Computer Name: rietje-PC
Event Code: 7036
Message: De Adobe Flash Player Update Service-service heeft nu de status wordt uitgevoerd.
Record Number: 238096
Source Name: Service Control Manager
Time Written: 20130902141700.252064-000
Event Type: Informatie
User:
=====Application event log=====
Computer Name: rietje-PC
Event Code: 9013
Message: Kan Beheer van bureaubladvensters niet starten omdat bureaubladsamenstelling is uitgeschakeld door een actieve toepassing
Record Number: 19642
Source Name: Desktop Window Manager
Time Written: 20120804104820.000000-000
Event Type: Informatie
User:
Computer Name: rietje-PC
Event Code: 9010
Message: Een aanvraag om Beheer van bureaubladvensters uit te schakelen is gedaan door proces (4elements.exe)
Record Number: 19641
Source Name: Desktop Window Manager
Time Written: 20120804104820.000000-000
Event Type: Informatie
User:
Computer Name: rietje-PC
Event Code: 8224
Message: De VSS-service is vanwege een time-out voor niet actief afgesloten.
Record Number: 19640
Source Name: VSS
Time Written: 20120804094132.000000-000
Event Type: Informatie
User:
Computer Name: rietje-PC
Event Code: 12348
Message: Waarschuwing voor Volume Shadow Copy-service: VSS krijgt geen toegang tot de hoofdmap van volume \\?\Volume{7e3cf0ea-6dfa-11e1-8c17-f80f41385e0c}\. Als beheerders geen toegang krijgen tot basismappen, kan dit leiden tot onverwachte fouten en functioneert VSS mogelijk niet goed. Controleer de beveiliging van het volume en probeer de bewerking nogmaals uit te voeren.
Bewerking:
Auto-release schaduwkopieën verwijderen
Provider laden
Context:
Uitvoeringscontext: System Provider
Record Number: 19639
Source Name: VSS
Time Written: 20120804093831.000000-000
Event Type: Waarschuwing
User:
Computer Name: rietje-PC
Event Code: 258
Message: De schijfdefragmentatie heeft opstarten optimaliseren op Acer (C:) voltooid
Record Number: 19638
Source Name: Microsoft-Windows-Defrag
Time Written: 20120804093528.000000-000
Event Type: Informatie
User:
=====Security event log=====
Computer Name: rietje-PC
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-0-0
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x0
Aanmeldingstype: 3
Nieuwe aanmelding:
Beveiligings-id: S-1-5-7
Accountnaam: ANONIEME LOGON
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x7b84d0
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x0
Naam proces: -
Netwerkgegevens:
Naam van werkstation: GINO-PC
Netwerkadres van bron: 192.168.1.2
Poort van bron: 55986
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: NtLmSsp
Verificatiepakket: NTLM
Doorgezette services: -
Pakketnaam (alleen NTLM): NTLM V1
Sleutellengte: 128
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 89162
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130525113037.006774-000
Event Type: Controle geslaagd
User:
Computer Name: rietje-PC
Event Code: 4624
Message: Er is een account aangemeld.
Onderwerp:
Beveiligings-id: S-1-0-0
Accountnaam: -
Accountdomein: -
Aanmeldings-id: 0x0
Aanmeldingstype: 3
Nieuwe aanmelding:
Beveiligings-id: S-1-5-7
Accountnaam: ANONIEME LOGON
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x7b83b3
Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}
Procesgegevens:
Proces-id: 0x0
Naam proces: -
Netwerkgegevens:
Naam van werkstation: GINO-PC
Netwerkadres van bron: 192.168.1.2
Poort van bron: 55985
Gedetailleerde verificatiegegevens:
Aanmeldingsproces: NtLmSsp
Verificatiepakket: NTLM
Doorgezette services: -
Pakketnaam (alleen NTLM): NTLM V1
Sleutellengte: 128
Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.
De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.
In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).
Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.
In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.
De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
Record Number: 89161
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130525113036.152725-000
Event Type: Controle geslaagd
User:
Computer Name: rietje-PC
Event Code: 5061
Message: Cryptografische bewerking.
Onderwerp:
Beveiligings-id: S-1-5-19
Accountnaam: LOCAL SERVICE
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e5
Cryptografieparameters:
Naam provider: Microsoft Software Key Storage Provider
Naam algoritme: RSA
Sleutelnaam: 5584aef8-415e-4010-9938-9cb4e8553501
Sleuteltype: Computersleutel.
Cryptografische bewerking:
Bewerking: Sleutel openen.
Retourcode: 0x0
Record Number: 89160
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130525112833.495710-000
Event Type: Controle geslaagd
User:
Computer Name: rietje-PC
Event Code: 5058
Message: Bewerking sleutelbestand.
Onderwerp:
Beveiligings-id: S-1-5-19
Accountnaam: LOCAL SERVICE
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e5
Cryptografieparameters:
Naam provider: Microsoft Software Key Storage Provider
Naam algoritme: Niet beschikbaar
Sleutelnaam: 5584aef8-415e-4010-9938-9cb4e8553501
Sleuteltype: Computersleutel.
Gegevens over bewerking:
Pad naar bestand: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4301f85cccbc9dd5dd4b757872ca1834_2f3c43e0-c0e7-46ba-9f29-cb0a76841606
Bewerking: Blijvende sleutel uit bestand lezen.
Retourcode: 0x0
Record Number: 89159
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130525112833.495710-000
Event Type: Controle geslaagd
User:
Computer Name: rietje-PC
Event Code: 5061
Message: Cryptografische bewerking.
Onderwerp:
Beveiligings-id: S-1-5-19
Accountnaam: LOCAL SERVICE
Accountdomein: NT AUTHORITY
Aanmeldings-id: 0x3e5
Cryptografieparameters:
Naam provider: Microsoft Software Key Storage Provider
Naam algoritme: RSA
Sleutelnaam: 5584aef8-415e-4010-9938-9cb4e8553501
Sleuteltype: Computersleutel.
Cryptografische bewerking:
Bewerking: Sleutel openen.
Retourcode: 0x0
Record Number: 89158
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130525112333.489550-000
Event Type: Controle geslaagd
User:
======Environment variables======
“ComSpec”=%SystemRoot%\system32\cmd.exe
“FP_NO_HOST_CHECK”=NO
“OS”=Windows_NT
“Path”=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\EgisTec MyWinLocker\x64;C:\Program Files (x86)\EgisTec MyWinLocker\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Common Files\Ulead Systems\MPEG;C:\Program Files (x86)\QuickTime\QTSystem\
“PATHEXT”=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
“PROCESSOR_ARCHITECTURE”=AMD64
“TEMP”=%SystemRoot%\TEMP
“TMP”=%SystemRoot%\TEMP
“USERNAME”=SYSTEM
“windir”=%SystemRoot%
“PSModulePath”=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
“NUMBER_OF_PROCESSORS”=4
“PROCESSOR_LEVEL”=18
“PROCESSOR_IDENTIFIER”=AMD64 Family 18 Model 1 Stepping 0, AuthenticAMD
“PROCESSOR_REVISION”=0100
“windows_tracing_logfile”=C:\BVTBin\Tests\installpackage\csilogfile.log
“windows_tracing_flags”=3
“AMDAPPSDKROOT”=C:\Program Files (x86)\AMD APP\
“CLASSPATH”=.;C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
“QTJAVA”=C:\Program Files (x86)\QuickTime\QTSystem\QTJava.zip
—————–EOF—————–
rietje

02-03-2014 15:39

tweede deel
Logfile of random's system information tool 1.09 (written by random/random)
Run by rietje at 2014-03-02 15:28:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 398 GB (85%) free of 468 GB
Total RAM: 5589 MB (61% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:29:09, on 2/03/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files\BullGuard Ltd\BullGuard\files32\spamfilter\LittleHook.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
C:\Users\rietje\Downloads\RSIT (1).exe
C:\Program Files (x86)\trend micro\rietje.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe” -d
O4 - HKLM\..\Run: “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
O4 - HKLM\..\Run: “C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
O4 - HKLM\..\Run: “c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe” -START
O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKCU\..\Run: “c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe” -startup
O4 - HKCU\..\Run: “C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe” -autorun
O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
O4 - HKCU\..\Run: “C:\Program Files\CCleaner\CCleaner64.exe” /MONITOR
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-18\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘Default user’)
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 13851 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ROC_JAN2013_TB_rmv.job
=========Mozilla firefox=========
ProfilePath - C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\vzx1chwp.default
prefs.js - “browser.startup.homepage” - “http://be.msn.com/default.aspx?pc=UP97&ocid=UP97DHP”
prefs.js - “keyword.URL” - “http://www.bing.com/search?FORM=UP97DF&PC=UP97&q=”
“smartwebprinting@hp.com”=C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
“antiphishing@bullguard”=C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard\
“12x3q4@3244516.com”=C:\Program Files (x86)\Better-Surf\ff
“Description”=Adobe® Flash® Player 12.0.0.70 Plugin
“Path”=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
“Description”=Adobe Shockwave Player
“Path”=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
“Description”=
“Path”=disabled
“Description”=Ag Player Plugin
“Path”=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
“Description”=Office Authorization plug-in for NPAPI browsers
“Path”=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
“Description”=Microsoft SharePoint Plug-in for Firefox
“Path”=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=WLPG Install MIME type
“Path”=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
“Description”=Google Update
“Path”=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
“Description”=Google Update
“Path”=C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
“Description”=Handles PDFs in-place in Firefox
“Path”=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
avg-secure-search.xml
bing.xml
bolcom-nl.xml
google.xml
marktplaats-nl.xml
wikipedia-nl.xml
C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\vzx1chwp.default\extensions\
b1c59be1-6ba6-46cc-a7f5-5311cec2f27b@0c28bfa2-efb5-4c1d-8a2d-41671f1e9c0c.com
DTToolbar@toolbarnet.com
C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\vzx1chwp.default\searchplugins\
bingp.xml
======Registry dump======
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
Yontoo - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
“SuiteTray”=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
“EgisTecPMMUpdate”=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
“EgisUpdate”=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
“StartCCC”=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
“ArcadeMovieService”=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
“Hotkey Utility”=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
“Adobe ARM”=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
“HP Software Update”=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
“”=
“Corel File Shell Monitor”=c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
“Standby”=c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
“QuickTime Task”=C:\Program Files (x86)\QuickTime\QTTask.exe
“BCSSync”=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
“Corel Photo Downloader”=c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
“DAEMON Tools Lite”=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
“Skype”=C:\Program Files (x86)\Skype\Phone\Skype.exe
“CCleaner Monitoring”=C:\Program Files\CCleaner\CCleaner64.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
“{B5A7F190-DDA6-4420-B3BA-52453494E6CD}”=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
“SecurityProviders”=credssp.dll
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableUIADesktopToggle”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
“vidc.mrle”=msrle32.dll
“vidc.msvc”=msvidc32.dll
“msacm.imaadpcm”=imaadp32.acm
“msacm.msg711”=msg711.acm
“msacm.msgsm610”=msgsm32.acm
“msacm.msadpcm”=msadp32.acm
“midimapper”=midimap.dll
“wavemapper”=msacm32.drv
“vidc.uyvy”=msyuv.dll
“vidc.yuy2”=msyuv.dll
“vidc.yvyu”=msyuv.dll
“vidc.iyuv”=iyuv_32.dll
“vidc.i420”=iyuv_32.dll
“vidc.yvu9”=tsbyuv.dll
“msacm.l3acm”=C:\Windows\SysWOW64\l3codeca.acm
“vidc.cvid”=iccvid.dll
“wave2”=wdmaud.drv
“midi2”=wdmaud.drv
“mixer2”=wdmaud.drv
“aux2”=wdmaud.drv
“wave1”=wdmaud.drv
“midi1”=wdmaud.drv
“mixer1”=wdmaud.drv
“aux1”=wdmaud.drv
“wave”=wdmaud.drv
“midi”=wdmaud.drv
“mixer”=wdmaud.drv
“aux”=wdmaud.drv
“msacm.l3codecp”=l3codecp.acm
“msacm.siren”=sirenacm.dll
“msacm.dvacm”=c:\PROGRA~2\COMMON~1\ULEADS~1\Vio\Dvacm.acm
“msacm.MPEGacm”=c:\PROGRA~2\COMMON~1\ULEADS~1\MPEG\MPEGacm.acm
“msacm.ulmp3acm”=c:\PROGRA~2\COMMON~1\ULEADS~1\MPEG\ulmp3acm.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe “%1” %*
======List of files/folders created in the last 1 month======
2014-03-02 15:28:53 —-D—- C:\Program Files (x86)\trend micro
2014-03-02 15:28:52 —-D—- C:\rsit
2014-03-01 10:21:53 —-RD—- C:\Program Files (x86)\Skype
2014-03-01 10:21:53 —-D—- C:\Program Files (x86)\Common Files\Skype
2014-02-28 17:06:52 —-D—- C:\Users\rietje\AppData\Roaming\.mono
2014-02-28 17:06:52 —-D—- C:\ProgramData\.mono
2014-02-17 22:08:52 —-A—- C:\Windows\SysWOW64\vbscript.dll
2014-02-17 22:08:15 —-A—- C:\Windows\SysWOW64\msrating.dll
2014-02-17 22:08:14 —-A—- C:\Windows\SysWOW64\ieui.dll
2014-02-17 22:08:13 —-A—- C:\Windows\SysWOW64\msfeeds.dll
2014-02-17 22:08:12 —-A—- C:\Windows\SysWOW64\jsproxy.dll
2014-02-17 22:08:12 —-A—- C:\Windows\SysWOW64\ieUnatt.exe
2014-02-17 22:08:12 —-A—- C:\Windows\SysWOW64\iesetup.dll
2014-02-17 22:08:12 —-A—- C:\Windows\SysWOW64\iernonce.dll
2014-02-17 22:08:12 —-A—- C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-17 22:08:11 —-A—- C:\Windows\SysWOW64\jscript9diag.dll
2014-02-17 22:08:11 —-A—- C:\Windows\SysWOW64\ieapfltr.dll
2014-02-17 22:08:10 —-A—- C:\Windows\SysWOW64\wininet.dll
2014-02-17 22:08:10 —-A—- C:\Windows\SysWOW64\iertutil.dll
2014-02-17 22:08:09 —-A—- C:\Windows\SysWOW64\urlmon.dll
2014-02-17 22:08:07 —-A—- C:\Windows\SysWOW64\mshtml.dll
2014-02-17 22:08:07 —-A—- C:\Windows\SysWOW64\ieframe.dll
2014-02-17 22:08:06 —-A—- C:\Windows\SysWOW64\jscript9.dll
2014-02-17 17:47:00 —-A—- C:\Windows\SysWOW64\msxml3r.dll
2014-02-17 17:47:00 —-A—- C:\Windows\SysWOW64\msxml3.dll
2014-02-17 17:46:49 —-A—- C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-17 17:46:49 —-A—- C:\Windows\SysWOW64\RMActivate.exe
2014-02-17 17:46:48 —-A—- C:\Windows\SysWOW64\secproc_isv.dll
2014-02-17 17:46:48 —-A—- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-17 17:46:48 —-A—- C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-17 17:46:47 —-A—- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-17 17:46:47 —-A—- C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-17 17:46:47 —-A—- C:\Windows\SysWOW64\secproc.dll
2014-02-17 17:46:47 —-A—- C:\Windows\SysWOW64\msdrm.dll
2014-02-17 17:46:38 —-A—- C:\Windows\SysWOW64\d3d10warp.dll
2014-02-17 17:46:37 —-A—- C:\Windows\SysWOW64\d2d1.dll
======List of files/folders modified in the last 1 month======
2014-03-02 15:28:59 —-D—- C:\Windows\Temp
2014-03-02 15:28:53 —-D—- C:\Program Files (x86)
2014-03-02 15:28:28 —-D—- C:\ProgramData\BullGuard
2014-03-02 15:20:30 —-D—- C:\Windows\System32
2014-03-02 15:20:30 —-D—- C:\Windows\inf
2014-03-02 15:20:20 —-D—- C:\Users\rietje\AppData\Roaming\Skype
2014-03-02 15:16:21 —-D—- C:\Windows
2014-03-02 15:14:31 —-D—- C:\Windows\Prefetch
2014-03-02 14:40:04 —-D—- C:\ProgramData\clear.fi
2014-03-01 10:21:57 —-SHD—- C:\Windows\Installer
2014-03-01 10:21:57 —-HD—- C:\Config.Msi
2014-03-01 10:21:57 —-D—- C:\ProgramData\Skype
2014-03-01 10:21:53 —-D—- C:\Program Files (x86)\Common Files
2014-02-28 17:06:52 —-HD—- C:\ProgramData
2014-02-25 22:18:51 —-D—- C:\Windows\SysWOW64
2014-02-25 22:18:51 —-A—- C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-25 22:17:38 —-SHD—- C:\System Volume Information
2014-02-24 19:10:48 —-D—- C:\Windows\debug
2014-02-21 19:17:23 —-A—- C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-18 19:24:13 —-D—- C:\Windows\rescache
2014-02-18 19:02:17 —-D—- C:\Windows\Microsoft.NET
2014-02-18 18:54:16 —-RSD—- C:\Windows\assembly
2014-02-18 17:52:53 —-D—- C:\Windows\winsxs
2014-02-18 17:50:55 —-D—- C:\Windows\SysWOW64\nl-NL
2014-02-18 17:50:53 —-D—- C:\Program Files (x86)\Internet Explorer
2014-02-17 22:18:49 —-D—- C:\ProgramData\Microsoft Help
2014-02-17 22:09:09 —-A—- C:\Windows\win.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys
R1 AFW;Agnitum Firewall Driver; C:\Windows\system32\DRIVERS\afw.sys
R1 BdAgent;BullGuard Security Agent; C:\Windows\system32\DRIVERS\BdAgent.sys
R1 BdSpy;BdSpy; C:\Windows\system32\drivers\BdSpy.sys
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
R1 NovaShieldFilterDriver;NovaShieldFilterDriver; C:\Windows\system32\DRIVERS\NSKernel.sys
R1 NovaShieldTDIDriver;NovaShieldTDIDriver; C:\Windows\system32\DRIVERS\NSNetmon.sys
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys
R3 afwcore;afwcore; C:\Windows\system32\DRIVERS\afwcore.sys
R3 amdhub30;AMD USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\amdhub30.sys
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys
R3 amdxhc;AMD USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\amdxhc.sys
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys
R3 BdNet;BdNet; C:\Windows\system32\DRIVERS\BdNet.sys
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys
R3 Trufos;Trufos; C:\Windows\system32\DRIVERS\Trufos.sys
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe
R2 BsBackup;BullGuard backup service; C:\Windows\System32\SvcHost.exe
R2 BsBhvScan;BullGuard Behavioural Detection; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
R2 BsCache;BullGuard CODS service; C:\Windows\System32\SvcHost.exe
R2 BsFileScan;BullGuard on-access service; C:\Windows\System32\SvcHost.exe
R2 BsFire;BullGuard firewall service; C:\Windows\System32\SvcHost.exe
R2 BsMailProxy;BullGuard e-mail monitoring service; C:\Windows\System32\SvcHost.exe
R2 BsMain;BullGuard main service; C:\Windows\System32\SvcHost.exe
R2 BsScanner;BullGuard scanning service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
R2 BsUpdate;BullGuard update service; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe
R2 HPSLPSVC;HP Network Devices Support; C:\Windows\system32\svchost.exe
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
—————–EOF—————–
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Databaseversie: v2014.03.01.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
rietje :: RIETJE-PC
2/03/2014 15:21:04
mbam-log-2014-03-02 (15-21-04).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 221468
Verstreken tijd: 5 minuut/minuten, 42 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Ben

02-03-2014 16:45

Hallo,
Schakel eerst de Antivirussoftware uit voordat je zoek.exe download.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met Zoek.exe.
Download Zoek.exe naar het bureaublad.
* Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Zoek.exe uitvoeren
Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.
* Dubbelklik vervolgens op Zoek.exe om de tool te starten.
* Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
* Kopieer nu onderstaande vet gedrukte code en plak die in het grote invulvenster:
* Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
firefoxlook;
emptyclsid;
torpigcheck;
emptyfolderscheck;delete
chromelook;
standardsearch;
filesrcm;
autoclean;
startupall;
* Klik nu op de knop "Run script".
* Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
* Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
* Post het geopende logje in het volgende bericht.
rietje

03-03-2014 20:51

Zoek.exe v5.0.0.0 Updated 02-March-2014
Tool run by rietje on ma 03/03/2014 at 19:55:15,42.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\rietje\Downloads\zoek.exe
==== System Restore Info ======================
3/03/2014 19:56:15 Zoek.exe System Restore Point Created Succesfully.
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\BackupCopyHook {9458E603-FF43-4134-9036-04B4C71791E3} C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Users\rietje\AppData\Roaming\DendaGames deleted successfully
C:\Users\rietje\AppData\Roaming\QuickScan deleted successfully
C:\Users\rietje\AppData\Roaming\Systweak deleted successfully
C:\Users\rietje\AppData\Roaming\TP deleted successfully
C:\Users\rietje\AppData\Local\CrashDumps deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1274804013-3411993262-2567731230-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411411160} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411160} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1274804013-3411993262-2567731230-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110411411160} deleted successfully
HKEY_USERS\S-1-5-21-1274804013-3411993262-2567731230-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\12x3q4@3244516.com deleted successfully
==== Running Processes ======================
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Users\rietje\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe
==== Deleting Services ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\0
—- Lines y2layers removed from user.js —-
user_pref(“extentions.y2layers.installId”, “cdf48e4c-0bd7-4bd2-b448-c94a2def0918”);
user_pref(“extentions.y2layers.defaultEnableAppsList”, “ezLooker,pagerage,buzzdock,toprelatedtopics,twittube”);
—- FireFox user.js and prefs.js backups —-
user_20140303_2013_.backup
prefs_20140303_2013_.backup
ProfilePath: C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\vzx1chwp.default
—- Lines Lyric removed from prefs.js —-
user_pref(“extensions.ab1c59be16ba646cca7f55311cec2f27b0c28bfa2efb54c1d8a2d41671f1e9c0ccom44160.44160.description”, "BobyLyrics will find any lyrics o
user_pref(“extensions.ab1c59be16ba646cca7f55311cec2f27b0c28bfa2efb54c1d8a2d41671f1e9c0ccom44160.44160.name”, “BobyLyrics-16”);
—- Lines y2layers removed from prefs.js —-
user_pref(“extentions.y2layers.defaultEnableAppsList”, “ezLooker,pagerage,buzzdock,toprelatedtopics,twittube”);
user_pref(“extentions.y2layers.installId”, “cdf48e4c-0bd7-4bd2-b448-c94a2def0918”);
—- Lines y2layers removed from user.js —-
user_pref(“extentions.y2layers.installId”, “cdf48e4c-0bd7-4bd2-b448-c94a2def0918”);
user_pref(“extentions.y2layers.defaultEnableAppsList”, “ezLooker,pagerage,buzzdock,toprelatedtopics,twittube”);
—- Lines yontoo modified from prefs.js —-
user_pref(“extensions.enabledAddons”, "plugin@yontoo.com:1.20.02,b1c59be1-6ba6-46cc-a7f5-5311cec2f27b@0c28bfa2-efb5-4c1d-8a2d-41671f1e9c0c.com:0.93.16
user_pref(“extensions.installCache”, "[{\“name\”:\“winreg-app-global\”,\“addons\”:{\“smartwebprinting@hp.com\”:{\“descriptor\”:\"C:\\\\Program Files (
—- Lines crossrider removed from prefs.js —-
user_pref(“extensions.crossrider.bic”, “14293bf79e03a7cf3e3e9df3452c90e6”);
—- Lines OneClickDownload removed from prefs.js —-
user_pref(“extensions.bootstrappedAddons”, “{\”OneClickDownload@OneClickDownload.com\“:{\”version\“:\”1.3\“,\”type\“:\”extension\“,\”descriptor\“:\”C:
user_pref(“extensions.OneClickDownload.filter”, “1,3”);
user_pref(“extensions.OneClickDownload.lastUpdate”, “{\”hours\“:19,\”min\“:0}”);
—- Lines OneClickDownload modified from prefs.js —-
user_pref(“extensions.installCache”, "
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”
“Corel Photo Downloader”=“c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup”
“DAEMON Tools Lite”=“C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
“CCleaner Monitoring”=“C:\Program Files\CCleaner\CCleaner64.exe /MONITOR”
“IsMyWinLockerReboot”=“msiexec.exe /qn /x{voidguid}”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“IsMyWinLockerReboot”=“msiexec.exe /qn /x{voidguid}”
“mctadmin”=“C:\Windows\System32\mctadmin.exe”
“IsMyWinLockerReboot”=“msiexec.exe /qn /x{voidguid}”
“IsMyWinLockerReboot”=“msiexec.exe /qn /x{voidguid}”
“SuiteTray”=“C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe”
“EgisTecPMMUpdate”=“C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe”
“EgisUpdate”=“C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d”
“StartCCC”=“C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun”
“ArcadeMovieService”=“C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe”
“Hotkey Utility”=“C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“HP Software Update”=“C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe”
“Corel File Shell Monitor”=“c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe”
“Standby”=“c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe -START”
“QuickTime Task”=“C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime”
“BCSSync”=“C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices”
“Corel Photo Downloader”=“c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe -startup”
“DAEMON Tools Lite”=“C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun”
“Skype”=“C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun”
“CCleaner Monitoring”=“C:\Program Files\CCleaner\CCleaner64.exe /MONITOR”
==== Startup Registry Enabled x64 ======================
“RTHDVCPL”=“C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s”
“BullGuard”=“C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe -boot”
“BullGuardUpdate2”=“c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe”
==== Startup Folders ======================
2012-05-11 18:54:30 2140 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job –a—— C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==== Other Scheduled Tasks ======================
“C:\Windows\SysNative\tasks\Adobe ARM”
“C:\Windows\SysNative\tasks\Adobe Flash Player Updater”
“C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher”
“C:\Windows\SysNative\tasks\CCleanerSkipUAC”
“C:\Windows\SysNative\tasks\clear.fi”
“C:\Windows\SysNative\tasks\clear.fiAgent”
“C:\Windows\SysNative\tasks\DMREngine”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore”
“C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA”
“C:\Windows\SysNative\tasks\SidebarExecute”
“C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask”
==== Folders in C:\PROGRA~3 0-6 Months Old ======================
2013-09-24 16:29:24 ——– d—–w- C:\PROGRA~3\DAEMON Tools Lite
2013-09-24 17:48:38 ——– d—–w- C:\PROGRA~3\Microsoft Help
2013-11-27 15:18:39 ——– d—–w- C:\PROGRA~3\BullGuard
2013-12-15 19:44:20 ——– d—–w- C:\PROGRA~3\Malwarebytes
2014-02-28 16:06:52 ——– d—–w- C:\PROGRA~3\.mono
==== Firefox Extensions Registry ======================
“antiphishing@bullguard”=“C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\antiphishing@bullguard”
“smartwebprinting@hp.com”=“C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3”
==== Firefox Extensions ======================
ProfilePath: C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\vzx1chwp.default
- DAEMON Tools Toolbar - %ProfilePath%\extensions\DTToolbar@toolbarnet.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\vzx1chwp.default
D775FA6F1E88B3B99E69E8A0D6C3A819 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - Shockwave Flash
221B630B26951630BA834292AE2AF79E - C:\Users\rietje\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
8FE7BA502945BE735D09D5703BD76FDA - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll - Shockwave for Director / Shockwave for Director
==== Deleted Firefox Extensions ======================
C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\vzx1chwp.default\extensions\DTToolbar@toolbarnet.com deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
niapdbllcanepiiimjjndipklodoedlc - C:\Users\rietje\AppData\Local\Temp\YontooLayers.crx
pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx
poheodfamflhhhdcmjfeggbgigeefaco - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx
YouTube - rietje\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
BobyLyrics-16 - rietje\AppData\Local\Google\Chrome\User Data\Default\Extensions\iffnmffcnjgdnckipooehcgglcfaheeb
TelevisionFanatic - rietje\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfhkgkmljpbkafmkljgfmaokgcaiiee
Google Wallet - rietje\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Greyscale - rietje\AppData\Local\Google\Chrome\User Data\Default\Extensions\penkfbldfkaelnnhblmfmajlggdielfm
Gmail - rietje\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
OneClickDownload - rietje\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
==== Chrome Fix ======================
C:\Users\rietje\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully
C:\Users\rietje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pmlghpafmmnmmkjdhacccolfgnkiboco_0.localstorage deleted successfully
C:\Users\rietje\AppData\Local\Google\Chrome\User Data\Default\Extensions\iffnmffcnjgdnckipooehcgglcfaheeb deleted successfully
C:\Users\rietje\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iffnmffcnjgdnckipooehcgglcfaheeb_0.localstorage deleted successfully
C:\Users\rietje\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_iffnmffcnjgdnckipooehcgglcfaheeb_0 deleted successfully
C:\Users\rietje\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\iffnmffcnjgdnckipooehcgglcfaheeb deleted successfully
==== Set IE to Default ======================
Old Values:
“DefaultScope”=“{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}”
not found
New Values:
“Start Page”=“http://www.google.com”
“DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0527FD06-B9EF-4A6E-A064-34CCE5ED82D6} Google Url=“http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}”
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
{95B7759C-8C7F-4BF1-B163-73684A933233} Bing Url=“http://www.bing.com/search?FORM=UP97DF&PC=UP97&q={searchTerms}&src=IE-SearchBox”
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1274804013-3411993262-2567731230-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_USERS\S-1-5-21-1274804013-3411993262-2567731230-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_USERS\S-1-5-21-1274804013-3411993262-2567731230-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1274804013-3411993262-2567731230-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully
==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe” -d
O4 - HKLM\..\Run: “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
O4 - HKLM\..\Run: “C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
O4 - HKLM\..\Run: “c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe” -START
O4 - HKLM\..\Run: “C:\Program Files (x86)\QuickTime\QTTask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe” /DelayServices
O4 - HKCU\..\Run: “c:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe” -startup
O4 - HKCU\..\Run: “C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe” -autorun
O4 - HKCU\..\Run: “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun
O4 - HKCU\..\Run: “C:\Program Files\CCleaner\CCleaner64.exe” /MONITOR
O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘LOCAL SERVICE’)
O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User ‘NETWORK SERVICE’)
O4 - HKUS\S-1-5-18\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\RunOnce: msiexec.exe /qn /x{voidguid} (User ‘Default user’)
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: BullGuard Behavioural Detection (BsBhvScan) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\rietje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\rietje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2X6XUHP9 will be deleted at reboot
C:\Users\rietje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46GFTI3T will be deleted at reboot
C:\Users\rietje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZOCC2RE will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\rietje\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=997 folders=85 24068066 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\rietje\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\rietje\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
“C:\Users\rietje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2X6XUHP9” not found
“C:\Users\rietje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\46GFTI3T” not found
“C:\Users\rietje\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZOCC2RE” not found
==== EOF on za 01/01/2011 at 12:01:24,83 ======================
Ben

04-03-2014 09:22

Hallo,
Dat is al een beste opruiming:
Download AdwCleaner by Xplode naar het bureaublad.
*Sluit alle openstaande vensters.
*Dubbelklik op AdwCleaner om hem te starten.
*Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren,
*Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
*Klik vervolgens op Scan.
*Klik vervolgens op Clean als er items zijn gevonden.
*Klik bij Herstarten Noodzakelijk op OK
Nadat de PC opnieuw is opgestart, opent meestal een logfile.
Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner.txt
Post aansluitend de inhoud van dit log in je volgende bericht.
rietje

04-03-2014 19:12

# AdwCleaner v3.020 - Report created 04/03/2014 at 19:07:22
# Updated 27/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : rietje - RIETJE-PC
# Running from : C:\Users\rietje\Downloads\adwcleaner.exe
# Option : Clean
***** *****
***** *****
File Deleted : C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Deleted : C:\Users\rietje\AppData\Roaming\Mozilla\Firefox\Profiles\vzx1chwp.default\user.js
***** *****
***** *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dream-pinball-3d_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dream-pinball-3d_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_rapidshare-auto-downloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_rapidshare-auto-downloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKCU\Software\GoforFiles
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\InstalledThirdPartyPrograms
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Deleted : HKLM\SOFTWARE\InstalledThirdPartyPrograms
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
***** *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v15.0.1 (nl)
Line Deleted : user_pref(“browser.search.defaultenginename”, “AVG Secure Search”);
Line Deleted : user_pref(“browser.search.selectedEngine”, “AVG Secure Search”);
-\\ Google Chrome v33.0.1750.117
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########
Ben

04-03-2014 19:16

Hallo,
Hoe gaat het hierna?
fazantje

14-03-2014 09:19

Omdat er geen reactie meer volgt wordt dit topic gesloten.
Wilt U Uw topic als nog weer openen, stuur dan een prive bericht naar Ben of Huib (fazantje).
Zij zullen dan het “slotje” er van af halen en het topic is weer geopend.
Het AV team.

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

logjes RSIT (deel 1)

rietje

rietje

Ben

rietje

Ben

rietje

Ben

fazantje