
viruses on my computer



Download HiJackThis

Double-click HJTInstall.exe.

HijackThis will now be installed on your PC, and a shortcut will be placed on your desktop.

HijackThis will open after installation.

Click "Do a systemscan and save a logfile".

A Notepad window opens. Hold down CTRL and A at the same time to select everything, then hold down CTRL and C at the same time to copy it. Now paste the HJT log into your post with CTRL and V.

N.B.: users of Windows Vista and Windows 7 must first right-click HijackThis.exe and then choose "Run as Administrator".


Let's leave this be (for now). Then do this:

Download RSIT.

Save it to your Desktop.

Double-click RSIT to start it.

Click Continue in the disclaimer window.

As soon as the scan has finished, two logs will open. Post the contents of log.txt (which will be maximized) and info.txt (which will be minimized) in your next reply.


Logfile of random's system information tool 1.06 (written by random/random)

Run by Maximus at 2010-02-11 16:41:43

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 46 GB (41%) free of 113 GB

Total RAM: 3069 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 16:41:49, on 11-2-2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18882)

Boot mode: Normal

Running processes:

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\RtHDVCpl.exe

C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

C:\Windows\System32\rundll32.exe

C:\Windows\BR040286.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Acer\Empowering Technology\eAudio\eAudio.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Users\Maximus\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Windows\ehome\ehmsas.exe

C:\Users\Maximus\Program Files\DNA\btdna.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Program Files\LimeWire\LimeWire.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE

C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Maximus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MHR6DVOQ\RSIT[1].exe

C:\Program Files\trend micro\Maximus.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK & Ireland

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll

O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [bisonInst0402] C:\Windows\BR040286.exe

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Maximus\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.4; OfficeLivePatch.1.3)" -"Harvey Wallbanger - Spele.nl - De leukste spelletjes site van Nederland!"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: McAfee Security Scan.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O20 - AppInit_DLLs: C:\Windows\System32\cdd32.dll

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 13542 bytes

======Scheduled tasks folder======

C:\Windows\tasks\McDefragTask.job

C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]

McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-07-08 246800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

LimewirePlus Toolbar - C:\Program Files\LimewirePlus\tbLim1.dll [2009-07-02 2094616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]

scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-09-16 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]

ShowBarObj Class - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-01-03 312368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-11 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-27 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-05 142896]

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - LimewirePlus Toolbar - C:\Program Files\LimewirePlus\tbLim1.dll [2009-07-02 2094616]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]

"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-05 525360]

"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-11-15 86016]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-11-15 8534560]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-15 81920]

"BisonInst0402"=C:\Windows\BR040286.exe [2007-05-08 53248]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]

"eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-10-10 1286144]

"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-01-04 768520]

"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2008-01-22 200704]

"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]

"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-07-21 159744]

"eRecoveryService"= []

"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]

"McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2009-07-07 1176808]

"Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript []

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-09 39408]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

"BitTorrent DNA"=C:\Users\Maximus\Program Files\DNA\btdna.exe [2009-11-25 323392]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"=C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe [2009-07-31 468408]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Users\Maximus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\Windows\System32\cdd32.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2010-02-11 16:41:43 ----D---- C:\rsit

2010-02-09 22:40:26 ----A---- C:\Windows\system32\ntkrnlpa.exe

2010-02-09 22:40:25 ----A---- C:\Windows\system32\ntoskrnl.exe

2010-02-09 22:39:41 ----A---- C:\Windows\system32\quartz.dll

2010-02-09 22:39:40 ----A---- C:\Windows\system32\tsbyuv.dll

2010-02-09 22:39:40 ----A---- C:\Windows\system32\msyuv.dll

2010-02-09 22:39:40 ----A---- C:\Windows\system32\msvidc32.dll

2010-02-09 22:39:40 ----A---- C:\Windows\system32\msrle32.dll

2010-02-09 22:39:39 ----A---- C:\Windows\system32\msvfw32.dll

2010-02-09 22:39:39 ----A---- C:\Windows\system32\mciavi32.dll

2010-02-09 22:39:39 ----A---- C:\Windows\system32\iyuv_32.dll

2010-02-09 22:39:38 ----A---- C:\Windows\system32\avifil32.dll

2010-02-09 21:06:58 ----D---- C:\Program Files\TrendMicro

2010-02-07 19:29:53 ----D---- C:\Program Files\RealFogs

2010-01-31 15:45:13 ----D---- C:\Users\Maximus\AppData\Roaming\AVS4YOU

2010-01-31 15:45:12 ----D---- C:\ProgramData\AVS4YOU

2010-01-31 15:44:17 ----D---- C:\Program Files\Common Files\AVSMedia

2010-01-31 15:44:13 ----D---- C:\Program Files\AVS4YOU

2010-01-31 15:44:13 ----A---- C:\Windows\system32\msxml3a.dll

2010-01-31 15:44:13 ----A---- C:\Windows\system32\mfc70.dll

2010-01-31 12:02:19 ----D---- C:\Program Files\LimeWire

2010-01-21 23:38:53 ----A---- C:\Windows\system32\mshtml.dll

2010-01-21 23:38:53 ----A---- C:\Windows\system32\ieframe.dll

2010-01-21 23:38:51 ----A---- C:\Windows\system32\urlmon.dll

2010-01-21 23:38:51 ----A---- C:\Windows\system32\iertutil.dll

2010-01-21 23:38:50 ----A---- C:\Windows\system32\wininet.dll

2010-01-21 23:38:50 ----A---- C:\Windows\system32\occache.dll

2010-01-21 23:38:50 ----A---- C:\Windows\system32\msfeeds.dll

2010-01-21 23:38:50 ----A---- C:\Windows\system32\iedkcs32.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\msfeedssync.exe

2010-01-21 23:38:49 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\jsproxy.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\ieUnatt.exe

2010-01-21 23:38:49 ----A---- C:\Windows\system32\ieui.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\iesysprep.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\iesetup.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\iernonce.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\iepeers.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\ie4uinit.exe

2010-01-13 11:49:07 ----A---- C:\Windows\system32\t2embed.dll

2010-01-13 11:49:07 ----A---- C:\Windows\system32\fontsub.dll

2009-12-14 15:46:47 ----D---- C:\Users\Maximus\AppData\Roaming\Malwarebytes

2009-12-14 15:46:41 ----D---- C:\ProgramData\Malwarebytes

2009-12-13 22:43:50 ----D---- C:\Program Files\Trend Micro

2009-12-13 17:04:18 ----A---- C:\Windows\_MSRSTRT.EXE

2009-12-13 16:59:19 ----D---- C:\Program Files\AlienGUIse

2009-12-13 16:59:19 ----A---- C:\Windows\system32\wbsys.dll

2009-12-12 18:54:09 ----A---- C:\Windows\system32\nshhttp.dll

2009-12-12 18:54:03 ----A---- C:\Windows\system32\httpapi.dll

2009-12-10 09:21:09 ----A---- C:\Windows\system32\winhttp.dll

2009-12-10 09:20:19 ----A---- C:\Windows\system32\rastls.dll

2009-11-26 03:02:36 ----A---- C:\Windows\system32\tzres.dll

2009-11-25 06:38:27 ----A---- C:\Windows\system32\msxml6.dll

2009-11-25 06:38:26 ----A---- C:\Windows\system32\msxml3.dll

2009-11-24 11:54:02 ----A---- C:\Windows\system32\d3dx10_35.dll

2009-11-24 11:54:02 ----A---- C:\Windows\system32\D3DCompiler_35.dll

2009-11-24 11:54:01 ----A---- C:\Windows\system32\d3dx9_35.dll

2009-11-24 11:54:00 ----A---- C:\Windows\system32\xinput1_3.dll

2009-11-23 15:54:43 ----D---- C:\Users\Maximus\AppData\Roaming\DNA

2009-11-23 15:54:43 ----D---- C:\Program Files\DNA

2009-11-22 17:44:27 ----D---- C:\Users\Maximus\AppData\Roaming\Babylon

2009-11-22 17:44:27 ----D---- C:\ProgramData\Babylon

2009-11-15 22:38:53 ----D---- C:\Program Files\Windows Portable Devices

2009-11-15 22:26:28 ----A---- C:\Windows\system32\UIAnimation.dll

2009-11-15 22:26:25 ----A---- C:\Windows\system32\UIRibbonRes.dll

2009-11-15 22:26:25 ----A---- C:\Windows\system32\UIRibbon.dll

2009-11-15 22:25:44 ----A---- C:\Windows\system32\WMPhoto.dll

2009-11-15 22:25:41 ----A---- C:\Windows\system32\cdd.dll

2009-11-15 22:25:38 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2009-11-15 22:25:38 ----A---- C:\Windows\system32\d3d10warp.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\XpsRasterService.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\WindowsCodecs.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\dxdiagn.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\d2d1.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\xpsservices.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\XpsPrint.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2009-11-15 22:25:36 ----A---- C:\Windows\system32\OpcServices.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\FntCache.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\dxdiag.exe

2009-11-15 22:25:36 ----A---- C:\Windows\system32\DWrite.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\d3d10level9.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\dxgi.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d11.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d10core.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d10_1core.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d10_1.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d10.dll

2009-11-15 22:25:01 ----A---- C:\Windows\system32\WPDShextAutoplay.exe

2009-11-15 22:25:01 ----A---- C:\Windows\system32\wpdbusenum.dll

2009-11-15 22:25:01 ----A---- C:\Windows\system32\BthMtpContextHandler.dll

2009-11-15 22:24:48 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll

2009-11-15 22:24:37 ----A---- C:\Windows\system32\WPDShServiceObj.dll

2009-11-15 22:24:37 ----A---- C:\Windows\system32\wpdshext.dll

2009-11-15 22:24:37 ----A---- C:\Windows\system32\wpd_ci.dll

2009-11-15 22:24:37 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2009-11-15 22:24:36 ----A---- C:\Windows\system32\WPDSp.dll

2009-11-15 22:24:36 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll

2009-11-15 22:24:36 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2009-11-15 22:24:36 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2009-11-15 22:22:53 ----A---- C:\Windows\system32\oleaccrc.dll

2009-11-15 22:22:52 ----A---- C:\Windows\system32\oleacc.dll

2009-11-15 22:22:51 ----A---- C:\Windows\system32\UIAutomationCore.dll

2009-11-15 22:22:18 ----D---- C:\Users\Maximus\AppData\Roaming\Intel

2009-11-15 22:22:18 ----D---- C:\ProgramData\Roaming

2009-11-15 22:21:21 ----D---- C:\Program Files\Cisco

2009-11-15 22:21:13 ----D---- C:\Program Files\Common Files\Intel

2009-11-15 22:21:10 ----D---- C:\ProgramData\Intel

2009-11-13 13:59:34 ----A---- C:\Windows\system32\GEARAspi.dll

2009-11-13 13:58:20 ----D---- C:\Program Files\iPod

2009-11-13 13:58:17 ----D---- C:\Program Files\iTunes

2009-11-13 13:32:16 ----D---- C:\Program Files\QuickTime

======List of files/folders modified in the last 3 months======

2010-02-11 16:41:49 ----D---- C:\Windows\Prefetch

2010-02-11 16:41:48 ----D---- C:\Windows\Temp

2010-02-11 16:41:24 ----D---- C:\Users\Maximus\AppData\Roaming\LimeWire

2010-02-11 16:01:46 ----D---- C:\Program Files\Diablo II

2010-02-10 07:20:19 ----D---- C:\Windows\winsxs

2010-02-10 07:09:57 ----D---- C:\Windows\system32\catroot

2010-02-10 07:09:54 ----D---- C:\Windows

2010-02-10 07:08:03 ----D---- C:\Windows\System32

2010-02-10 03:29:04 ----D---- C:\Windows\system32\drivers

2010-02-10 03:29:02 ----D---- C:\Program Files\Windows Mail

2010-02-10 03:15:23 ----SHD---- C:\System Volume Information

2010-02-09 22:38:50 ----D---- C:\Windows\system32\catroot2

2010-02-09 21:07:13 ----SHD---- C:\Windows\Installer

2010-02-09 21:07:06 ----SD---- C:\Users\Maximus\AppData\Roaming\Microsoft

2010-02-09 21:06:58 ----RD---- C:\Program Files

2010-02-09 16:43:16 ----HD---- C:\ProgramData

2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe

2010-01-31 15:44:17 ----D---- C:\Program Files\Common Files

2010-01-29 20:46:37 ----A---- C:\Users\Maximus\AppData\Roaming\RSBot Accounts.ini

2010-01-27 03:01:06 ----D---- C:\Program Files\Internet Explorer

2010-01-26 19:40:32 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-01-26 19:40:31 ----D---- C:\Windows\inf

2010-01-22 17:04:01 ----D---- C:\Windows\DigitalLocker

2010-01-22 03:16:35 ----D---- C:\Windows\system32\migration

2010-01-20 12:50:52 ----D---- C:\Program Files\Microsoft Silverlight

2010-01-13 21:15:41 ----D---- C:\Windows\Minidump

2010-01-13 20:59:13 ----D---- C:\Windows\Debug

2010-01-07 15:58:32 ----D---- C:\ProgramData\Adobe

2010-01-07 15:58:25 ----SD---- C:\Windows\Downloaded Program Files

2010-01-04 20:47:40 ----D---- C:\Program Files\Common Files\Adobe

2010-01-04 20:47:07 ----D---- C:\Program Files\Adobe

2009-12-14 16:01:06 ----D---- C:\Windows\Panther

2009-12-11 09:03:06 ----D---- C:\Windows\rescache

2009-12-11 08:45:37 ----D---- C:\Windows\system32\nl-NL

2009-12-10 22:23:04 ----D---- C:\ProgramData\Microsoft Help

2009-12-05 12:24:56 ----D---- C:\Program Files\McAfee

2009-11-24 11:58:23 ----D---- C:\Program Files\GamersFirst

2009-11-23 23:58:15 ----D---- C:\Windows\system32\config

2009-11-23 23:58:08 ----D---- C:\Windows\Tasks

2009-11-23 23:58:08 ----D---- C:\Windows\system32\spool

2009-11-23 23:58:08 ----D---- C:\Windows\system32\Msdtc

2009-11-23 23:58:07 ----D---- C:\Windows\system32\wbem

2009-11-23 23:58:07 ----D---- C:\Windows\registration

2009-11-16 16:16:17 ----D---- C:\Windows\system32\Tasks

2009-11-15 22:38:49 ----D---- C:\Windows\system32\pt-BR

2009-11-15 22:38:49 ----D---- C:\Windows\system32\bg-BG

2009-11-15 22:38:48 ----D---- C:\Windows\system32\zh-HK

2009-11-15 22:38:48 ----D---- C:\Windows\system32\uk-UA

2009-11-15 22:38:48 ----D---- C:\Windows\system32\sl-SI

2009-11-15 22:38:48 ----D---- C:\Windows\system32\pt-PT

2009-11-15 22:38:48 ----D---- C:\Windows\system32\pl-PL

2009-11-15 22:38:48 ----D---- C:\Windows\system32\ko-KR

2009-11-15 22:38:48 ----D---- C:\Windows\system32\it-IT

2009-11-15 22:38:48 ----D---- C:\Windows\system32\hu-HU

2009-11-15 22:38:48 ----D---- C:\Windows\system32\hr-HR

2009-11-15 22:38:48 ----D---- C:\Windows\system32\he-IL

2009-11-15 22:38:48 ----D---- C:\Windows\system32\fr-FR

2009-11-15 22:38:48 ----D---- C:\Windows\system32\el-GR

2009-11-15 22:38:47 ----D---- C:\Windows\system32\zh-TW

2009-11-15 22:38:47 ----D---- C:\Windows\system32\tr-TR

2009-11-15 22:38:47 ----D---- C:\Windows\system32\th-TH

2009-11-15 22:38:47 ----D---- C:\Windows\system32\sv-SE

2009-11-15 22:38:47 ----D---- C:\Windows\system32\sr-Latn-CS

2009-11-15 22:38:47 ----D---- C:\Windows\system32\sk-SK

2009-11-15 22:38:47 ----D---- C:\Windows\system32\lv-LV

2009-11-15 22:38:47 ----D---- C:\Windows\system32\lt-LT

2009-11-15 22:38:47 ----D---- C:\Windows\system32\fi-FI

2009-11-15 22:38:47 ----D---- C:\Windows\system32\et-EE

2009-11-15 22:38:47 ----D---- C:\Windows\system32\es-ES

2009-11-15 22:38:47 ----D---- C:\Windows\system32\de-DE

2009-11-15 22:38:46 ----D---- C:\Windows\system32\zh-CN

2009-11-15 22:38:46 ----D---- C:\Windows\system32\ru-RU

2009-11-15 22:38:46 ----D---- C:\Windows\system32\ro-RO

2009-11-15 22:38:46 ----D---- C:\Windows\system32\nb-NO

2009-11-15 22:38:46 ----D---- C:\Windows\system32\ja-JP

2009-11-15 22:38:46 ----D---- C:\Windows\system32\en-US

2009-11-15 22:38:46 ----D---- C:\Windows\system32\da-DK

2009-11-15 22:38:46 ----D---- C:\Windows\system32\cs-CZ

2009-11-15 22:38:46 ----D---- C:\Windows\system32\ar-SA

2009-11-15 22:21:10 ----D---- C:\Program Files\Intel

2009-11-15 22:20:45 ----D---- C:\Program Files\Common Files\microsoft shared

2009-11-13 13:59:34 ----DC---- C:\Windows\system32\DRVSTORE

2009-11-13 13:58:19 ----D---- C:\Program Files\Common Files\Apple

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-09-16 214664]

R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-07-16 130424]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456]

R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]

R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-01-03 16432]

R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-01-03 59952]

R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]

R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-01-30 8704]

R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-12-11 163376]

R3 Cam5607;Acer Crystal Eye webcam; C:\Windows\System32\Drivers\BisonC07.sys [2007-07-27 974248]

R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]

R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-04-26 984064]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-04-26 208384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]

R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-09-16 79816]

R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-09-16 35272]

R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-09-16 40552]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-04-16 6144]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-15 8234176]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-04-26 660480]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]

S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-09-16 34248]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NETw3v32;Stuurprogramma voor Intel® PRO/Wireless 3945ABG-adapter voor de 32 bitsversie van Windows Vista; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

S3 NETw4v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-12-29 2252800]

S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-05 497712]

R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-10-01 24576]

R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-12-20 131072]

R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]

R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]

R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-07-09 865832]

R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]

R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]

R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]

R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-11-27 110592]

R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]

R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-07-08 26640]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-12-04 266343]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]

R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-20 167936]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-01-30 386560]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]

R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-09-16 606736]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-23 182768]

S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-09-16 365072]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.06 2010-02-11 16:41:52

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{31403E22-2FDB-452F-AE9E-20854633226D}\SetXX.exe" -uninst

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\setup.exe" -uninstall

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall

Acer Arcade Deluxe-->C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\Setup.exe -uninstall

Acer Crystal Eye webcam-->C:\Program Files\InstallShield Installation Information\{DD1DED37-2486-4F56-8F89-56AA814003F5}\setup.exe -runfromtemp -l0x0009 -removeonly

Acer Crystal Eye-->C:\Program Files\InstallShield Installation Information\{4BB1DCED-84D3-47F9-B718-5947E904593E}\setup.exe -runfromtemp -l0x0009 -removeonly

Acer eAudio Management-->"C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.exe" -uninstall

Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL

Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x13 -removeonly

Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -runfromtemp -l0x0013 -removeonly

Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x13 -removeonly

Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x13 -removeonly

Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x13 -removeonly

Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -runfromtemp -l0x0013 -removeonly

Acer GameZone Console 2.0.1.1-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"

Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI

Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x13 -removeonly

Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly

Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE

Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 9.2 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A92000000001}

Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"

ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE

Apple Application Support-->MsiExec.exe /I{B607C354-CD79-4D22-86D1-92DC94153F42}

Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}

Call of Duty® - World at War 1.2 Patch-->C:\Program Files\InstallShield Installation Information\{2BF0AE92-C3BC-4112-9066-1546342B1FAE}\setup.exe -runfromtemp -l0x0409

Call of Duty® - World at War 1.3 Patch-->C:\Program Files\InstallShield Installation Information\{149464D9-B06F-4505-9968-FD1206F67AD3}\setup.exe -runfromtemp -l0x0409

Call of Duty® - World at War 1.4 Patch-->C:\Program Files\InstallShield Installation Information\{9F01A67B-7D67-482F-9D4F-D5980A440FD4}\setup.exe -runfromtemp -l0x0409

Call of Duty® - World at War 1.5 Patch-->C:\Program Files\InstallShield Installation Information\{C3DC2DF5-EFAC-4055-9010-31F7C545DD9E}\setup.exe -runfromtemp -l0x0409

Diablo II-->C:\Windows\DIIUnin.exe C:\Windows\DIIUnin.dat

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\UIU32m.exe -U -IAcrZUn32z.inf

HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall

HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Intel PROSet Wireless-->Intel PROSet Wireless

Intel® Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe

iTunes-->MsiExec.exe /I{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}

Java 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}

Java 6 Update 2-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}

Java 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}

Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}

Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI

LimeWire 5.4.6-->"C:\Program Files\LimeWire\uninstall.exe"

LimewirePlus Toolbar-->C:\PROGRA~1\LIMEWI~2\UNWISE.EXE C:\PROGRA~1\LIMEWI~2\INSTALL.LOG

McAfee Security Scan-->"C:\Program Files\McAfee Security Scan\uninstall.exe"

McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe

Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}

Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}

Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}

Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

Microsoft Works-->MsiExec.exe /I{A2A0A82F-025F-458D-A0CD-9BB2320804B5}

MSM32Installer-->MsiExec.exe /I{55A75679-02D1-4C8C-85CA-B4E4DF4D775F}

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

Music Creator 4-->"C:\Program Files\Cakewalk\Music Creator 4\unins000.exe"

NTI Backup NOW! 4.7-->C:\Program Files\InstallShield Installation Information\{1598034D-7147-432C-8CA8-888E0632D124}\setup.exe -runfromtemp -l0x0413

NTI CD & DVD-Maker-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2} /l1043 CDM7

NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI

OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}

OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}

Orion-->MsiExec.exe /X{0BF78E88-A7C9-4406-89CF-0BA473BA7821}

PowerProducer-->"C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\Setup.exe" -uninstall

QPang -->C:\Program Files\RealFogs\QPang\uninst.exe

QuickTime-->MsiExec.exe /I{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}

Realtek High Definition Audio Driver-->RtlUpd.exe -r -m

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB973704)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E626DC89-A787-4553-9BB3-DC2EC7E1593F}

Security Update for Microsoft Office Excel 2007 (KB973593)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7D6255E3-3423-4D8B-A328-F6F8D28DD5FE}

Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}

Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}

Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}

Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}

Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG

Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Windows Live Call-->MsiExec.exe /I{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}

Windows Live Family Safety-->MsiExec.exe /X{3CB5AB8B-BD97-4ACC-90B8-5858EDCDCCD3}

Windows Live ID Sign-in Assistant-->MsiExec.exe /X{10A44844-4465-456E-8C97-80BDD4F68845}

Windows Live Mail-->MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91}

Windows Live Messenger-->MsiExec.exe /X{10F5387D-1728-423A-A578-B00982CF2646}

Windows Live Photo Gallery-->MsiExec.exe /X{DE9DF561-0332-42A5-AF28-4AF028B7029D}

Windows Live Sync-->MsiExec.exe /X{120831D2-E9AD-4383-AC40-01FE658E11D6}

Windows Live Toolbar-->MsiExec.exe /X{E51109E7-3818-4BC2-B3FD-A59AC2378A2B}

Windows Live Writer-->MsiExec.exe /X{C8114985-F9C5-4A4A-885D-C6BA4AE8F231}

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: PC_van_Maximus

Event Code: 4201

Message: Het systeem heeft ontdekt dat netwerkadapter Loopback Pseudo-Interface 1 met het netwerk is verbonden. De normale werking is begonnen.

Record Number: 180489

Source Name: Tcpip

Time Written: 20090930182949.130628-000

Event Type: Informatie

User:

Computer Name: PC_van_Maximus

Event Code: 4201

Message: Het systeem heeft ontdekt dat netwerkadapter Loopback Pseudo-Interface 1 met het netwerk is verbonden. De normale werking is begonnen.

Record Number: 180488

Source Name: Tcpip

Time Written: 20090930182949.130628-000

Event Type: Informatie

User:

Computer Name: PC_van_Maximus

Event Code: 4

Message: Broadcom NetLink Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

Record Number: 180487

Source Name: b57nd60x

Time Written: 20090930182947.804619-000

Event Type: Waarschuwing

User:

Computer Name: PC_van_Maximus

Event Code: 7036

Message: De \Device\NDMP9-service heeft nu de status \DEVICE\{6DB5D219-E033-434F-9141-16628F6B74D1}.

Record Number: 180486

Source Name: NETw4v32

Time Written: 20090930182944.341397-000

Event Type: Informatie

User:

Computer Name: PC_van_Maximus

Event Code: 15

Message: Broadcom NetLink Gigabit Ethernet: Driver initialized successfully.

Record Number: 180485

Source Name: b57nd60x

Time Written: 20090930182944.310197-000

Event Type: Informatie

User:

=====Application event log=====

Computer Name: PC_van_Maximus

Event Code: 0

Message:

Record Number: 17561

Source Name: gusvc

Time Written: 20090211164703.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Maximus

Event Code: 1

Message: De Windows Security Center-service is gestart.

Record Number: 17560

Source Name: SecurityCenter

Time Written: 20090211164550.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Maximus

Event Code: 102

Message: msnmsgr (588) \\.\C:\Users\Maximus\AppData\Local\Microsoft\Messenger\jappie_max@hotmail.com\SharingMetadata\Working\database_EAEC_1FF5_EC1F_BB31\dfsr.db: De database-engine (6.00.6001.0000) heeft een nieuwe sessie (0) gestart.

Record Number: 17559

Source Name: ESENT

Time Written: 20090211164451.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Maximus

Event Code: 12001

Message:

Record Number: 17558

Source Name: usnjsvc

Time Written: 20090211164450.000000-000

Event Type: Informatie

User:

Computer Name: PC_van_Maximus

Event Code: 7500

Message: Intel RAID Controller: Unknown Controller

Number of Serial ATA ports: 3

RAID Option ROM Version: Unknown

Driver Version: 7.6.0.1011

RAID Plug-In Version: 7.6.0.1011

Language Resource Version of the RAID Plug-In: File not found

Create Volume Wizard Version: 7.6.0.1011

Language Resource Version of the Create Volume Wizard: File not found

Create Volume from Existing Hard Drive Wizard Version: 7.6.0.1011

Language Resource Version of the Create Volume from Existing Hard Drive Wizard: File not found

Modify Volume Wizard Version: 7.6.0.1011

Language Resource Version of the Modify Volume Wizard: File not found

Delete Volume Wizard Version: 7.6.0.1011

Language Resource Version of the Delete Volume Wizard: File not found

ISDI Library Version: 7.6.0.1011

Event Monitor User Notification Tool Version: 7.6.0.1011

Language Resource Version of the Event Monitor User Notification Tool: File not found

Event Monitor Version: 7.6.0.1011

Hard Drive 0

Usage: Unknown hard drive usage

Status: Normal

Device Port: 0

Device Port Location: Internal

Current Serial ATA Transfer Mode: Generation 1

Model: Hitachi HTS542525K9SA00

Serial Number: 080407BB2F00WDJ2V81A

Firmware: BBFOC31P

Native Command Queuing Support: Yes

System Hard Drive: Yes

Size: 232.8 GB

Physical Sector Size: 512 Bytes

Logical Sector Size: 512 Bytes

Unused Port 0

Device Port: 1

Device Port Location: Internal

Unused Port 1

Device Port: 2

Device Port Location: Internal

Record Number: 17557

Source Name: IAANTmon

Time Written: 20090211164351.000000-000

Event Type: Informatie

User:

=====Security event log=====

Computer Name: PC_van_Maximus

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: PC_VAN_MAXIMUS$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x2c0

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 24668

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090321123434.015725-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Maximus

Event Code: 4648

Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: PC_VAN_MAXIMUS$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:

Naam van doelserver: localhost

Aanvullende gegevens: localhost

Procesgegevens:

Proces-id: 0x2c0

Procesnaam: C:\Windows\System32\services.exe

Netwerkgegevens:

Netwerkadres: -

Poort: -

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

Record Number: 24667

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090321123434.015725-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Maximus

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-20

Accountnaam: NETWORK SERVICE

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e4

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeAuditPrivilege

SeImpersonatePrivilege

Record Number: 24666

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090321123433.953324-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Maximus

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: PC_VAN_MAXIMUS$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-20

Accountnaam: NETWORK SERVICE

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e4

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x2c0

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 24665

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090321123433.953324-000

Event Type: Controle geslaagd

User:

Computer Name: PC_van_Maximus

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 24664

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20090321123433.672522-000

Event Type: Controle geslaagd

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Acer\Empowering Technology\eDataSecurity\;C:\Acer\Empowering Technology\eDataSecurity\x86;C:\Acer\Empowering Technology\eDataSecurity\x64;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Intel\WiFi\bin\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel

"PROCESSOR_REVISION"=0f0d

"NUMBER_OF_PROCESSORS"=2

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------


Start HijackThis. If you are a Vista user, choose "Run as administrator" or "Uitvoeren als administrator". Select "Do a system scan only". Select only the items listed below:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1151601.exe -Update -1151601 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; OfficeLiveConnector.1.4; OfficeLivePatch.1.3)" -"Harvey Wallbanger - Spele.nl - De leukste spelletjes site van Nederland!"

O20 - AppInit_DLLs: C:\Windows\System32\cdd32.dll

Click 'Fix checked' to remove the items.

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Start Malwarebytes' Anti-Malware, then click "Voltooien" (Finish).

If an update is found, it will be downloaded and installed.

When the program is fully up to date, select "Snelle Scan" (Quick Scan) on the Scanner tab, then click Scan.

The scan can take a while, so be patient.

When the scan is complete, click OK, then "Bekijk Resultaten" (Show Results) to see the results.

Make sure everything there is checked, then click: Verwijder geselecteerde (Remove Selected).

After the removal a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.

After the restart, MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and can be found by clicking the "Logs" tab in the program.

If MBAM has difficulty removing certain files, it will show a few messages where you must click OK. It will then ask to restart the computer... so allow MBAM to restart the computer.

Paste the contents of the log in your next post, together with a new HijackThis log.


Malwarebytes' Anti-Malware 1.44

Database versie: 3725

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18882

11-2-2010 18:22:39

mbam-log-2010-02-11 (18-22-39).txt

Scan type: Snelle Scan

Objecten gescand: 104379

Verstreken tijd: 8 minute(s), 26 second(s)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 0

Registerwaarden geïnfecteerd: 0

Registerdata bestanden geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:

(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:

(Geen kwaadaardige items gevonden)

Logfile of random's system information tool 1.06 (written by random/random)

Run by Maximus at 2010-02-11 18:26:37

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 46 GB (41%) free of 113 GB

Total RAM: 3069 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:26:40, on 11-2-2010

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18882)

Boot mode: Normal

Running processes:

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\RtHDVCpl.exe

C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe

C:\Windows\System32\rundll32.exe

C:\Windows\BR040286.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Acer\Empowering Technology\eAudio\eAudio.exe

C:\Program Files\Launch Manager\LManager.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Apoint2K\ApMsgFwd.exe

C:\Users\Maximus\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Windows\ehome\ehmsas.exe

C:\Users\Maximus\Program Files\DNA\btdna.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Program Files\LimeWire\LimeWire.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE

C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE

C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Toolbar\wltuser.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Maximus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AYP6YUFX\RSIT[1].exe

C:\Program Files\trend micro\Maximus.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo! UK & Ireland

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo! UK & Ireland

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O1 - Hosts: ::1 localhost

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll

O2 - BHO: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: LimewirePlus Toolbar - {47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - C:\Program Files\LimewirePlus\tbLim1.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [bisonInst0402] C:\Windows\BR040286.exe

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Users\Maximus\Program Files\DNA\btdna.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Empowering Technology Launcher.lnk = ?

O4 - Global Startup: McAfee Security Scan.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O13 - Gopher Prefix:

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O20 - AppInit_DLLs: C:\Windows\System32\cdd32.dll

O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 13127 bytes

======Scheduled tasks folder======

C:\Windows\tasks\McDefragTask.job

C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]

McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2009-07-08 246800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02}]

LimewirePlus Toolbar - C:\Program Files\LimewirePlus\tbLim1.dll [2009-07-02 2094616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]

scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-09-16 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]

ShowBarObj Class - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-01-03 312368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Aanmeldhulp voor Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-11 764912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]

McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]

Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-08-27 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-05 142896]

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

{47e161a0-f4ba-41dd-a17b-d2eb26ad6a02} - LimewirePlus Toolbar - C:\Program Files\LimewirePlus\tbLim1.dll [2009-07-02 2094616]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-08-27 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-03 4702208]

"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-03-05 525360]

"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-11-15 86016]

"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-11-15 8534560]

"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-15 81920]

"BisonInst0402"=C:\Windows\BR040286.exe [2007-05-08 53248]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]

"eAudio"=C:\Acer\Empowering Technology\eAudio\eAudio.exe [2007-10-10 1286144]

"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-01-04 768520]

"PlayMovie"=C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe [2008-01-22 200704]

"WarReg_PopUp"=C:\Program Files\Acer\WR_PopUp\WarReg_PopUp.exe [2008-01-29 303104]

"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2007-07-21 159744]

"eRecoveryService"= []

"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]

"McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2009-07-07 1176808]

"Skytel"=C:\Windows\Skytel.exe [2007-08-03 1826816]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-09-05 417792]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-10-28 141600]

"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2010-01-07 1394000]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2010-01-07 429392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-02-09 39408]

"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-07-26 3883856]

"BitTorrent DNA"=C:\Users\Maximus\Program Files\DNA\btdna.exe [2009-11-25 323392]

"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

McAfee Security Scan.lnk - C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Users\Maximus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

LimeWire On Startup.lnk - C:\Program Files\LimeWire\LimeWire.exe

OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLS"="C:\Windows\System32\cdd32.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2010-02-11 18:08:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-02-11 16:41:43 ----D---- C:\rsit

2010-02-09 22:40:26 ----A---- C:\Windows\system32\ntkrnlpa.exe

2010-02-09 22:40:25 ----A---- C:\Windows\system32\ntoskrnl.exe

2010-02-09 22:39:41 ----A---- C:\Windows\system32\quartz.dll

2010-02-09 22:39:40 ----A---- C:\Windows\system32\tsbyuv.dll

2010-02-09 22:39:40 ----A---- C:\Windows\system32\msyuv.dll

2010-02-09 22:39:40 ----A---- C:\Windows\system32\msvidc32.dll

2010-02-09 22:39:40 ----A---- C:\Windows\system32\msrle32.dll

2010-02-09 22:39:39 ----A---- C:\Windows\system32\msvfw32.dll

2010-02-09 22:39:39 ----A---- C:\Windows\system32\mciavi32.dll

2010-02-09 22:39:39 ----A---- C:\Windows\system32\iyuv_32.dll

2010-02-09 22:39:38 ----A---- C:\Windows\system32\avifil32.dll

2010-02-09 21:06:58 ----D---- C:\Program Files\TrendMicro

2010-02-07 19:29:53 ----D---- C:\Program Files\RealFogs

2010-01-31 15:45:13 ----D---- C:\Users\Maximus\AppData\Roaming\AVS4YOU

2010-01-31 15:45:12 ----D---- C:\ProgramData\AVS4YOU

2010-01-31 15:44:17 ----D---- C:\Program Files\Common Files\AVSMedia

2010-01-31 15:44:13 ----D---- C:\Program Files\AVS4YOU

2010-01-31 15:44:13 ----A---- C:\Windows\system32\msxml3a.dll

2010-01-31 15:44:13 ----A---- C:\Windows\system32\mfc70.dll

2010-01-31 12:02:19 ----D---- C:\Program Files\LimeWire

2010-01-21 23:38:53 ----A---- C:\Windows\system32\mshtml.dll

2010-01-21 23:38:53 ----A---- C:\Windows\system32\ieframe.dll

2010-01-21 23:38:51 ----A---- C:\Windows\system32\urlmon.dll

2010-01-21 23:38:51 ----A---- C:\Windows\system32\iertutil.dll

2010-01-21 23:38:50 ----A---- C:\Windows\system32\wininet.dll

2010-01-21 23:38:50 ----A---- C:\Windows\system32\occache.dll

2010-01-21 23:38:50 ----A---- C:\Windows\system32\msfeeds.dll

2010-01-21 23:38:50 ----A---- C:\Windows\system32\iedkcs32.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\msfeedssync.exe

2010-01-21 23:38:49 ----A---- C:\Windows\system32\msfeedsbs.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\jsproxy.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\ieUnatt.exe

2010-01-21 23:38:49 ----A---- C:\Windows\system32\ieui.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\iesysprep.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\iesetup.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\iernonce.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\iepeers.dll

2010-01-21 23:38:49 ----A---- C:\Windows\system32\ie4uinit.exe

2010-01-13 11:49:07 ----A---- C:\Windows\system32\t2embed.dll

2010-01-13 11:49:07 ----A---- C:\Windows\system32\fontsub.dll

2009-12-14 15:46:47 ----D---- C:\Users\Maximus\AppData\Roaming\Malwarebytes

2009-12-14 15:46:41 ----D---- C:\ProgramData\Malwarebytes

2009-12-13 22:43:50 ----D---- C:\Program Files\Trend Micro

2009-12-13 17:04:18 ----A---- C:\Windows\_MSRSTRT.EXE

2009-12-13 16:59:19 ----D---- C:\Program Files\AlienGUIse

2009-12-13 16:59:19 ----A---- C:\Windows\system32\wbsys.dll

2009-12-12 18:54:09 ----A---- C:\Windows\system32\nshhttp.dll

2009-12-12 18:54:03 ----A---- C:\Windows\system32\httpapi.dll

2009-12-10 09:21:09 ----A---- C:\Windows\system32\winhttp.dll

2009-12-10 09:20:19 ----A---- C:\Windows\system32\rastls.dll

2009-11-26 03:02:36 ----A---- C:\Windows\system32\tzres.dll

2009-11-25 06:38:27 ----A---- C:\Windows\system32\msxml6.dll

2009-11-25 06:38:26 ----A---- C:\Windows\system32\msxml3.dll

2009-11-24 11:54:02 ----A---- C:\Windows\system32\d3dx10_35.dll

2009-11-24 11:54:02 ----A---- C:\Windows\system32\D3DCompiler_35.dll

2009-11-24 11:54:01 ----A---- C:\Windows\system32\d3dx9_35.dll

2009-11-24 11:54:00 ----A---- C:\Windows\system32\xinput1_3.dll

2009-11-23 15:54:43 ----D---- C:\Users\Maximus\AppData\Roaming\DNA

2009-11-23 15:54:43 ----D---- C:\Program Files\DNA

2009-11-22 17:44:27 ----D---- C:\Users\Maximus\AppData\Roaming\Babylon

2009-11-22 17:44:27 ----D---- C:\ProgramData\Babylon

2009-11-15 22:38:53 ----D---- C:\Program Files\Windows Portable Devices

2009-11-15 22:26:28 ----A---- C:\Windows\system32\UIAnimation.dll

2009-11-15 22:26:25 ----A---- C:\Windows\system32\UIRibbonRes.dll

2009-11-15 22:26:25 ----A---- C:\Windows\system32\UIRibbon.dll

2009-11-15 22:25:44 ----A---- C:\Windows\system32\WMPhoto.dll

2009-11-15 22:25:41 ----A---- C:\Windows\system32\cdd.dll

2009-11-15 22:25:38 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll

2009-11-15 22:25:38 ----A---- C:\Windows\system32\d3d10warp.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\XpsRasterService.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\XpsGdiConverter.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\WindowsCodecs.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\dxdiagn.dll

2009-11-15 22:25:37 ----A---- C:\Windows\system32\d2d1.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\xpsservices.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\XpsPrint.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe

2009-11-15 22:25:36 ----A---- C:\Windows\system32\OpcServices.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\FntCache.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\dxdiag.exe

2009-11-15 22:25:36 ----A---- C:\Windows\system32\DWrite.dll

2009-11-15 22:25:36 ----A---- C:\Windows\system32\d3d10level9.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\dxgi.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d11.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d10core.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d10_1core.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d10_1.dll

2009-11-15 22:25:35 ----A---- C:\Windows\system32\d3d10.dll

2009-11-15 22:25:01 ----A---- C:\Windows\system32\WPDShextAutoplay.exe

2009-11-15 22:25:01 ----A---- C:\Windows\system32\wpdbusenum.dll

2009-11-15 22:25:01 ----A---- C:\Windows\system32\BthMtpContextHandler.dll

2009-11-15 22:24:48 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll

2009-11-15 22:24:37 ----A---- C:\Windows\system32\WPDShServiceObj.dll

2009-11-15 22:24:37 ----A---- C:\Windows\system32\wpdshext.dll

2009-11-15 22:24:37 ----A---- C:\Windows\system32\wpd_ci.dll

2009-11-15 22:24:37 ----A---- C:\Windows\system32\PortableDeviceTypes.dll

2009-11-15 22:24:36 ----A---- C:\Windows\system32\WPDSp.dll

2009-11-15 22:24:36 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll

2009-11-15 22:24:36 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll

2009-11-15 22:24:36 ----A---- C:\Windows\system32\PortableDeviceApi.dll

2009-11-15 22:22:53 ----A---- C:\Windows\system32\oleaccrc.dll

2009-11-15 22:22:52 ----A---- C:\Windows\system32\oleacc.dll

2009-11-15 22:22:51 ----A---- C:\Windows\system32\UIAutomationCore.dll

2009-11-15 22:22:18 ----D---- C:\Users\Maximus\AppData\Roaming\Intel

2009-11-15 22:22:18 ----D---- C:\ProgramData\Roaming

2009-11-15 22:21:21 ----D---- C:\Program Files\Cisco

2009-11-15 22:21:13 ----D---- C:\Program Files\Common Files\Intel

2009-11-15 22:21:10 ----D---- C:\ProgramData\Intel

2009-11-13 13:59:34 ----A---- C:\Windows\system32\GEARAspi.dll

2009-11-13 13:58:20 ----D---- C:\Program Files\iPod

2009-11-13 13:58:17 ----D---- C:\Program Files\iTunes

2009-11-13 13:32:16 ----D---- C:\Program Files\QuickTime

======List of files/folders modified in the last 3 months======

2010-02-11 18:26:38 ----D---- C:\Windows\Temp

2010-02-11 18:26:32 ----D---- C:\Windows\Prefetch

2010-02-11 18:26:29 ----D---- C:\Users\Maximus\AppData\Roaming\LimeWire

2010-02-11 18:08:32 ----D---- C:\Windows\system32\drivers

2010-02-11 18:08:30 ----RD---- C:\Program Files

2010-02-11 17:58:54 ----D---- C:\Program Files\Diablo II

2010-02-11 16:55:11 ----D---- C:\Windows\System32

2010-02-11 16:52:22 ----HD---- C:\ProgramData

2010-02-10 07:20:19 ----D---- C:\Windows\winsxs

2010-02-10 07:09:57 ----D---- C:\Windows\system32\catroot

2010-02-10 07:09:54 ----D---- C:\Windows

2010-02-10 03:29:02 ----D---- C:\Program Files\Windows Mail

2010-02-10 03:15:23 ----SHD---- C:\System Volume Information

2010-02-09 22:38:50 ----D---- C:\Windows\system32\catroot2

2010-02-09 21:07:13 ----SHD---- C:\Windows\Installer

2010-02-09 21:07:06 ----SD---- C:\Users\Maximus\AppData\Roaming\Microsoft

2010-02-01 20:26:20 ----A---- C:\Windows\system32\mrt.exe

2010-01-31 15:44:17 ----D---- C:\Program Files\Common Files

2010-01-29 20:46:37 ----A---- C:\Users\Maximus\AppData\Roaming\RSBot Accounts.ini

2010-01-27 03:01:06 ----D---- C:\Program Files\Internet Explorer

2010-01-26 19:40:32 ----A---- C:\Windows\system32\PerfStringBackup.INI

2010-01-26 19:40:31 ----D---- C:\Windows\inf

2010-01-22 17:04:01 ----D---- C:\Windows\DigitalLocker

2010-01-22 03:16:35 ----D---- C:\Windows\system32\migration

2010-01-20 12:50:52 ----D---- C:\Program Files\Microsoft Silverlight

2010-01-13 21:15:41 ----D---- C:\Windows\Minidump

2010-01-13 20:59:13 ----D---- C:\Windows\Debug

2010-01-07 15:58:32 ----D---- C:\ProgramData\Adobe

2010-01-07 15:58:25 ----SD---- C:\Windows\Downloaded Program Files

2010-01-04 20:47:40 ----D---- C:\Program Files\Common Files\Adobe

2010-01-04 20:47:07 ----D---- C:\Program Files\Adobe

2009-12-14 16:01:06 ----D---- C:\Windows\Panther

2009-12-11 09:03:06 ----D---- C:\Windows\rescache

2009-12-11 08:45:37 ----D---- C:\Windows\system32\nl-NL

2009-12-10 22:23:04 ----D---- C:\ProgramData\Microsoft Help

2009-12-05 12:24:56 ----D---- C:\Program Files\McAfee

2009-11-24 11:58:23 ----D---- C:\Program Files\GamersFirst

2009-11-23 23:58:15 ----D---- C:\Windows\system32\config

2009-11-23 23:58:08 ----D---- C:\Windows\Tasks

2009-11-23 23:58:08 ----D---- C:\Windows\system32\spool

2009-11-23 23:58:08 ----D---- C:\Windows\system32\Msdtc

2009-11-23 23:58:07 ----D---- C:\Windows\system32\wbem

2009-11-23 23:58:07 ----D---- C:\Windows\registration

2009-11-16 16:16:17 ----D---- C:\Windows\system32\Tasks

2009-11-15 22:38:49 ----D---- C:\Windows\system32\pt-BR

2009-11-15 22:38:49 ----D---- C:\Windows\system32\bg-BG

2009-11-15 22:38:48 ----D---- C:\Windows\system32\zh-HK

2009-11-15 22:38:48 ----D---- C:\Windows\system32\uk-UA

2009-11-15 22:38:48 ----D---- C:\Windows\system32\sl-SI

2009-11-15 22:38:48 ----D---- C:\Windows\system32\pt-PT

2009-11-15 22:38:48 ----D---- C:\Windows\system32\pl-PL

2009-11-15 22:38:48 ----D---- C:\Windows\system32\ko-KR

2009-11-15 22:38:48 ----D---- C:\Windows\system32\it-IT

2009-11-15 22:38:48 ----D---- C:\Windows\system32\hu-HU

2009-11-15 22:38:48 ----D---- C:\Windows\system32\hr-HR

2009-11-15 22:38:48 ----D---- C:\Windows\system32\he-IL

2009-11-15 22:38:48 ----D---- C:\Windows\system32\fr-FR

2009-11-15 22:38:48 ----D---- C:\Windows\system32\el-GR

2009-11-15 22:38:47 ----D---- C:\Windows\system32\zh-TW

2009-11-15 22:38:47 ----D---- C:\Windows\system32\tr-TR

2009-11-15 22:38:47 ----D---- C:\Windows\system32\th-TH

2009-11-15 22:38:47 ----D---- C:\Windows\system32\sv-SE

2009-11-15 22:38:47 ----D---- C:\Windows\system32\sr-Latn-CS

2009-11-15 22:38:47 ----D---- C:\Windows\system32\sk-SK

2009-11-15 22:38:47 ----D---- C:\Windows\system32\lv-LV

2009-11-15 22:38:47 ----D---- C:\Windows\system32\lt-LT

2009-11-15 22:38:47 ----D---- C:\Windows\system32\fi-FI

2009-11-15 22:38:47 ----D---- C:\Windows\system32\et-EE

2009-11-15 22:38:47 ----D---- C:\Windows\system32\es-ES

2009-11-15 22:38:47 ----D---- C:\Windows\system32\de-DE

2009-11-15 22:38:46 ----D---- C:\Windows\system32\zh-CN

2009-11-15 22:38:46 ----D---- C:\Windows\system32\ru-RU

2009-11-15 22:38:46 ----D---- C:\Windows\system32\ro-RO

2009-11-15 22:38:46 ----D---- C:\Windows\system32\nb-NO

2009-11-15 22:38:46 ----D---- C:\Windows\system32\ja-JP

2009-11-15 22:38:46 ----D---- C:\Windows\system32\en-US

2009-11-15 22:38:46 ----D---- C:\Windows\system32\da-DK

2009-11-15 22:38:46 ----D---- C:\Windows\system32\cs-CZ

2009-11-15 22:38:46 ----D---- C:\Windows\system32\ar-SA

2009-11-15 22:21:10 ----D---- C:\Program Files\Intel

2009-11-15 22:20:45 ----D---- C:\Program Files\Common Files\microsoft shared

2009-11-13 13:59:34 ----DC---- C:\Windows\system32\DRVSTORE

2009-11-13 13:58:19 ----D---- C:\Program Files\Common Files\Apple

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-09-16 214664]

R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-07-16 130424]

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2008-01-04 41456]

R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2007-07-03 15392]

R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]

R2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-01-03 16432]

R2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-01-03 59952]

R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568]

R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]

R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]

R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-01-30 8704]

R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-12-11 163376]

R3 Cam5607;Acer Crystal Eye webcam; C:\Windows\System32\Drivers\BisonC07.sys [2007-07-27 974248]

R3 CmBatt;Stuurprogramma voor Microsoft ACPI-besturingsmethode-accu; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]

R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2007-03-07 32256]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-04-26 984064]

R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-04-26 208384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-05 1953944]

R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-09-16 79816]

R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-09-16 35272]

R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-09-16 40552]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-04-16 6144]

R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-15 8234176]

R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]

R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-04-26 660480]

R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-07-22 180736]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704]

S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-09-16 34248]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NETw3v32;Stuurprogramma voor Intel® PRO/Wireless 3945ABG-adapter voor de 32 bitsversie van Windows Vista; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]

S3 NETw4v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-12-29 2252800]

S3 usbaudio;Stuurprogramma voor USB-audio (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]

R2 eDataSecurity Service;eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-03-05 497712]

R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2007-10-01 24576]

R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-12-20 131072]

R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2007-09-10 57344]

R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-12-19 24576]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]

R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-07-09 865832]

R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]

R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]

R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-09-16 144704]

R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-11-27 110592]

R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]

R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2009-07-08 26640]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]

R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2007-12-04 266343]

R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]

R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-20 167936]

R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-01-30 386560]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]

R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-09-16 606736]

S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S3 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-23 182768]

S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-09-16 365072]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
