internet explorer stopt soms of reageert niet

[bartderidder]

hallo! mijn IE stopt soms 10 sec en zegt soms IE reageert niet! kan iemand mijn pls helpen? heb op site van microsoftal wat gevonden en geprobeerd maar raakt niet opgelost?!

thx en grtz bart

[kape]

Download HijackThis

Klik bij "HijackThis Downloads" op "Installer".

Dubbelklik op HijackThis.msi

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

HijackThis zal openen na het installeren.

Klik op "Do a systemscan and save a logfile".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “uitvoeren als administrator". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis.

[bartderidder]

heb scan gedaan en heb log maar kan niet selecteren of kopieren

[kape]

Lukt het niet met de combinatietoetsen of ook niet als je met rechtsklikken in het log voor kopiëren kiest ?

[bartderidder]

geen van de twee lukt. noch combinatietoetsen, noch rechtklikken

[kape]

Iets anders proberen dan :

Download RSIT.

Sla het op je Bureaublad op.

Dubbelklik op RSIT om het te starten.

Klik op Continue in het disclaimer venster.

Zodra de scan beëindigd is, zullen twee logs openen. Post de inhoud van log.txt (zal gemaximaliseerd zijn) en info.txt (zal geminimaliseerd zijn) in je volgende antwoord.

[bartderidder]

Logfile of random's system information tool 1.08 (written by random/random)

Run by Bart at 2010-08-12 18:40:42

Microsoft Windows 7 Home Premium

System drive C: has 77 GB (64%) free of 119 GB

Total RAM: 3071 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:41:04, on 12/08/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSA.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe

C:\Users\Bart\Desktop\RSIT.exe

C:\Program Files (x86)\trend micro\Bart.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: ShopperReports - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReports.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [ClickPotatoLiteSA] "C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSA.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: FancyStart daemon.lnk = ?

O4 - Global Startup: SRS Premium Sound.lnk = ?

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSABHO.dll

O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReports.dll

O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReports.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: QuestDns Service - Unknown owner - C:\ProgramData\QuestDns\questdns111.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10608 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100EB1FD-D03E-47fd-81F3-EE91287F9465}]

ShopperReports - C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReports.dll [2010-07-22 1119744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Symantec Intrusion Prevention - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL [2010-05-14 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-10-09 6937216]

"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]

"Setwallpaper"=c:\programdata\SetWallpaper.cmd []

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

"ClickPotatoLiteSA"=C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSA.exe [2010-07-15 739632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe

SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-12 18:40:43 ----D---- C:\Program Files (x86)\trend micro

2010-08-12 18:40:42 ----D---- C:\rsit

2010-08-11 12:40:06 ----A---- C:\Windows\SysWOW64\mshtml.dll

2010-08-11 12:40:05 ----A---- C:\Windows\SysWOW64\ieframe.dll

2010-08-11 12:40:04 ----A---- C:\Windows\SysWOW64\urlmon.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\wininet.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\mstime.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\msfeedssync.exe

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\jsproxy.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\ieui.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\iepeers.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\iedkcs32.dll

2010-08-11 12:39:53 ----A---- C:\Windows\SysWOW64\schannel.dll

2010-08-11 12:39:51 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe

2010-08-11 12:39:51 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe

2010-08-11 12:39:50 ----A---- C:\Windows\SysWOW64\rtutils.dll

2010-08-11 12:39:49 ----A---- C:\Windows\SysWOW64\iccvid.dll

2010-08-11 12:39:46 ----A---- C:\Windows\SysWOW64\msxml3.dll

2010-08-09 20:02:12 ----D---- C:\Users\Bart\AppData\Roaming\Tific

2010-08-09 17:24:13 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2010-08-03 10:42:27 ----A---- C:\Windows\SysWOW64\shell32.dll

2010-08-01 19:13:29 ----D---- C:\Program Files (x86)\Xvid

2010-08-01 19:13:29 ----A---- C:\Windows\SysWOW64\xvidvfw.dll

2010-08-01 19:13:29 ----A---- C:\Windows\SysWOW64\xvidcore.dll

2010-08-01 19:13:05 ----D---- C:\ProgramData\QuestDns

2010-08-01 19:13:05 ----D---- C:\Program Files (x86)\QuestDns

2010-08-01 19:12:57 ----D---- C:\Users\Bart\AppData\Roaming\ClickPotatoLite

2010-08-01 19:12:57 ----D---- C:\ProgramData\ClickPotatoLiteSA

2010-08-01 19:12:57 ----D---- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

2010-08-01 19:12:57 ----D---- C:\Program Files (x86)\ClickPotatoLite

2010-08-01 19:12:49 ----D---- C:\Users\Bart\AppData\Roaming\ShopperReports3

2010-08-01 19:12:49 ----D---- C:\Program Files (x86)\ShopperReports3

======List of files/folders modified in the last 1 months======

2010-08-12 18:40:43 ----RD---- C:\Program Files (x86)

2010-08-12 18:40:27 ----D---- C:\Windows\Temp

2010-08-12 18:39:12 ----SHD---- C:\Windows\Installer

2010-08-12 18:39:12 ----SD---- C:\Users\Bart\AppData\Roaming\Microsoft

2010-08-12 18:38:59 ----SHD---- C:\System Volume Information

2010-08-12 08:57:49 ----D---- C:\Windows\Microsoft.NET

2010-08-12 08:57:47 ----RSD---- C:\Windows\assembly

2010-08-12 08:43:50 ----D---- C:\Windows\winsxs

2010-08-12 08:41:05 ----D---- C:\Windows\SysWOW64

2010-08-12 08:41:05 ----D---- C:\Windows\System32

2010-08-12 08:41:01 ----D---- C:\Windows\SysWOW64\migration

2010-08-12 08:41:01 ----D---- C:\Program Files (x86)\Internet Explorer

2010-08-12 00:02:12 ----D---- C:\ProgramData\Microsoft Help

2010-08-11 14:08:57 ----D---- C:\Windows\Prefetch

2010-08-09 20:16:28 ----D---- C:\Program Files (x86)\Microsoft

2010-08-09 20:01:07 ----D---- C:\Windows

2010-08-09 20:00:09 ----D---- C:\Windows\Tasks

2010-08-09 20:00:09 ----D---- C:\Windows\inf

2010-08-09 20:00:09 ----D---- C:\ProgramData\P4G

2010-08-09 20:00:06 ----D---- C:\ProgramData\Norton

2010-08-09 20:00:04 ----D---- C:\Windows\registration

2010-08-09 19:59:28 ----SD---- C:\ProgramData\Microsoft

2010-08-09 19:59:25 ----D---- C:\Program Files (x86)\Common Files\microsoft shared

2010-08-09 17:24:21 ----D---- C:\Windows\debug

2010-08-01 19:13:05 ----HD---- C:\ProgramData

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ***laby;***laby; C:\Windows\system32\DRIVERS\***laby.sys []

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1107000.00C\SYMDS64.SYS []

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1107000.00C\SYMEFA64.SYS []

R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100719.001\BHDrvx64.sys [2010-07-20 945200]

R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NAVx64\1107000.00C\ccHPx64.sys []

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-05-27 475696]

R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100809.001\IDSvia64.sys [2010-05-28 463408]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1107000.00C\SRTSPX64.SYS []

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1107000.00C\Ironx64.SYS []

R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NAVx64\1107000.00C\SYMTDIV.SYS []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-27 132656]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys []

R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100811.040\ENG64.SYS [2010-08-09 117808]

R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100811.040\EX64.SYS [2010-08-09 1791536]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []

R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1107000.00C\SRTSP64.SYS []

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []

S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys []

S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []

S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]

R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]

R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe [2010-02-26 126392]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []

R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]

R2 QuestDns Service;QuestDns Service; C:\ProgramData\QuestDns\questdns111.exe [2010-07-30 57608]

R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]

S3 fsssvc;De service Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.08 2010-08-12 18:41:06

======Uninstall list======

2007 Microsoft Office system-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL

Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}

Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE

Actualização do Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0816-0000-0000000FF1CE} /uninstall {CCDE3C71-5F35-477F-BA90-1A399C91C10C}

Actualização do Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0816-0000-0000000FF1CE} /uninstall {CF0BC77F-1B63-44BF-BCFE-3A8CBB9077D1}

Actualização do Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0816-0000-0000000FF1CE} /uninstall {A1A8C49E-BB40-4852-853E-B5A1F6BB2A3C}

Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}

Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe -maintain activex

Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 9.3.3 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001}

ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0408-0000-0000000FF1CE} /uninstall {08A4BDB3-7A63-4F59-B9FA-EE80ADE88DC2}

ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0408-0000-0000000FF1CE} /uninstall {C52A655D-F8AE-485D-908D-62CEC754B6A4}

ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0408-0000-0000000FF1CE} /uninstall {054186C0-F351-472E-84E8-D5E16FA08241}

Alice Greenfingers-->"C:\Program Files (x86)\Asus\Game Park\Alice Greenfingers\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Alice Greenfingers\install.log"

ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}

ASUS AP Bank-->"C:\Program Files (x86)\ASUS\ASUS AP Bank\unins000.exe"

ASUS CopyProtect-->MsiExec.exe /I{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}

ASUS FancyStart-->MsiExec.exe /I{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}

ASUS LifeFrame3-->MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}

ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9

ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9

ASUS SmartLogon-->MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}

ASUS Splendid Video Enhancement Technology-->MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}

ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}

ASUS_Screensaver-->C:\Windows\system32\ASUS_Screensaver.scr /u

ATK Generic Function Service-->C:\Program Files (x86)\InstallShield Installation Information\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}\setup.exe -runfromtemp -l0x0009 -removeonly

ATK Hotkey-->MsiExec.exe /I{7C05592D-424B-46CB-B505-E0013E8E75C9}

ATK Media-->MsiExec.exe /I{D1E5870E-E3E5-4475-98A6-ADD614524ADF}

ATKOSD2-->MsiExec.exe /I{3B05F2FB-745B-4012-ADF2-439F36B2E70B}

Chicken Invaders 2-->"C:\Program Files (x86)\Asus\Game Park\Chicken Invaders 2\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Chicken Invaders 2\install.log"

ClickPotato-->"C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteUninstaller.exe" Web

ControlDeck-->MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}

CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall

CyberLink LabelPrint-->"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall

CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

CyberLink Power2Go-->"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall

Dream Day Wedding Married in Manhattan-->"C:\Program Files (x86)\Asus\Game Park\Dream Day Wedding Married in Manhattan\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Dream Day Wedding Married in Manhattan\install.log"

Express Gate-->MsiExec.exe /X{B5A5627C-0173-4DB2-ADA8-740479370F67}

Game Park Console-->"C:\Program Files (x86)\Asus\Game Park\GameConsole\unins000.exe"

Island Wars 2-->"C:\Program Files (x86)\Asus\Game Park\Island Wars 2\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Island Wars 2\install.log"

Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0404-0000-0000000FF1CE} /uninstall {E600B433-47CB-4AFC-90BF-2958E8E7EF99}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0408-0000-0000000FF1CE} /uninstall {C913F31D-FF3E-47F6-95E6-7E417D37A76E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-040D-0000-0000000FF1CE} /uninstall {A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0816-0000-0000000FF1CE} /uninstall {C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0C0A-0000-0000000FF1CE} /uninstall {91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0404-0000-0000000FF1CE} /uninstall {E600B433-47CB-4AFC-90BF-2958E8E7EF99}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0408-0000-0000000FF1CE} /uninstall {C913F31D-FF3E-47F6-95E6-7E417D37A76E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-040D-0000-0000000FF1CE} /uninstall {A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0816-0000-0000000FF1CE} /uninstall {C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0C0A-0000-0000000FF1CE} /uninstall {91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0404-0000-0000000FF1CE} /uninstall {E600B433-47CB-4AFC-90BF-2958E8E7EF99}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0408-0000-0000000FF1CE} /uninstall {C913F31D-FF3E-47F6-95E6-7E417D37A76E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-040D-0000-0000000FF1CE} /uninstall {A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0816-0000-0000000FF1CE} /uninstall {C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0C0A-0000-0000000FF1CE} /uninstall {91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0404-0000-0000000FF1CE} /uninstall {E600B433-47CB-4AFC-90BF-2958E8E7EF99}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0408-0000-0000000FF1CE} /uninstall {C913F31D-FF3E-47F6-95E6-7E417D37A76E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-040D-0000-0000000FF1CE} /uninstall {A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0816-0000-0000000FF1CE} /uninstall {C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0C0A-0000-0000000FF1CE} /uninstall {91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0404-0000-0000000FF1CE} /uninstall {E600B433-47CB-4AFC-90BF-2958E8E7EF99}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0408-0000-0000000FF1CE} /uninstall {C913F31D-FF3E-47F6-95E6-7E417D37A76E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-040D-0000-0000000FF1CE} /uninstall {A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0816-0000-0000000FF1CE} /uninstall {C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0C0A-0000-0000000FF1CE} /uninstall {91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0404-0000-0000000FF1CE} /uninstall {E600B433-47CB-4AFC-90BF-2958E8E7EF99}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {9BD40163-B95D-4B07-8991-0AB775B6D88B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0408-0000-0000000FF1CE} /uninstall {C913F31D-FF3E-47F6-95E6-7E417D37A76E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-040D-0000-0000000FF1CE} /uninstall {A5B40B57-F7E1-4C88-A3A4-D1E1C07F023F}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {DC387AA5-94A6-4920-B004-D59846526D81}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0816-0000-0000000FF1CE} /uninstall {C2EC91A8-CC39-45F7-9E46-62B85ADF9DF5}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0C0A-0000-0000000FF1CE} /uninstall {91A7F72A-3273-4C1E-8BE0-BC9DD0D9345C}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0028-0404-0000-0000000FF1CE} /uninstall {5E6C6E79-40BE-491B-9ABF-C665667E1B07}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0028-0404-1000-0000000FF1CE} /uninstall {1252D255-DB26-4F85-9F0F-D59B9DFE339E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0404-1000-0000000FF1CE} /uninstall {3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0407-1000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0408-1000-0000000FF1CE} /uninstall {E3B92295-785F-4FF7-8BE1-67E86F5F8140}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-040C-1000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-040D-1000-0000000FF1CE} /uninstall {C4FDF834-B4AF-4B5E-8901-5146204B58CC}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0410-1000-0000000FF1CE} /uninstall {0A75DA12-55CB-4DE5-8B6A-74D97847204E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0413-1000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0816-1000-0000000FF1CE} /uninstall {A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0C0A-1000-0000000FF1CE} /uninstall {6113C11D-BACA-4D8E-8002-03C8D06FD5E6}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0404-0000-0000000FF1CE} /uninstall {3F96DD0A-F509-4CBD-8130-B3B3194A9C3D}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {26454C26-D259-4543-AA60-3189E09C5F76}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0408-0000-0000000FF1CE} /uninstall {E3B92295-785F-4FF7-8BE1-67E86F5F8140}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040C-0000-0000000FF1CE} /uninstall {B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-040D-0000-0000000FF1CE} /uninstall {C4FDF834-B4AF-4B5E-8901-5146204B58CC}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0410-0000-0000000FF1CE} /uninstall {0A75DA12-55CB-4DE5-8B6A-74D97847204E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {89C8E56A-90D8-4598-B0E6-EB28F6270E07}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0816-0000-0000000FF1CE} /uninstall {A8523DA4-5563-4F0E-BD9D-4E4CC3CF7239}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0C0A-0000-0000000FF1CE} /uninstall {6113C11D-BACA-4D8E-8002-03C8D06FD5E6}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}

Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

Microsoft Office Access MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0015-0404-0000-0000000FF1CE}

Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}

Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}

Microsoft Office Access MUI (Greek) 2007-->MsiExec.exe /X{90120000-0015-0408-0000-0000000FF1CE}

Microsoft Office Access MUI (Hebrew) 2007-->MsiExec.exe /X{90120000-0015-040D-0000-0000000FF1CE}

Microsoft Office Access MUI (Italian) 2007-->MsiExec.exe /X{90120000-0015-0410-0000-0000000FF1CE}

Microsoft Office Access MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-0015-0816-0000-0000000FF1CE}

Microsoft Office Access MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0015-0C0A-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}

Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel 2007 Help - Aggiornamento (KB963678)-->msiexec /package {90120000-0016-0410-0000-0000000FF1CE} /uninstall {9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}

Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678)-->msiexec /package {90120000-0016-0404-0000-0000000FF1CE} /uninstall {15EEA099-97F0-4952-8597-88472FF062D2}

Microsoft Office Excel 2007 Help Actualización (KB963678)-->msiexec /package {90120000-0016-0C0A-0000-0000000FF1CE} /uninstall {59E09C3D-4878-47D9-87DB-6D0018026889}

Microsoft Office Excel MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0016-0404-0000-0000000FF1CE}

Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}

Microsoft Office Excel MUI (Greek) 2007-->MsiExec.exe /X{90120000-0016-0408-0000-0000000FF1CE}

Microsoft Office Excel MUI (Hebrew) 2007-->MsiExec.exe /X{90120000-0016-040D-0000-0000000FF1CE}

Microsoft Office Excel MUI (Italian) 2007-->MsiExec.exe /X{90120000-0016-0410-0000-0000000FF1CE}

Microsoft Office Excel MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-0016-0816-0000-0000000FF1CE}

Microsoft Office Excel MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0016-0C0A-0000-0000000FF1CE}

Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}

Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}

Microsoft Office IME (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0028-0404-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}

Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}

Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677)-->msiexec /package {90120000-001A-0410-0000-0000000FF1CE} /uninstall {2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}

Microsoft Office Outlook 2007 Help Actualización (KB963677)-->msiexec /package {90120000-001A-0C0A-0000-0000000FF1CE} /uninstall {59C244C2-0C37-4E85-8F7E-DBDD3958B694}

Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-0122-0413-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-001A-0404-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Greek) 2007-->MsiExec.exe /X{90120000-001A-0408-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Hebrew) 2007-->MsiExec.exe /X{90120000-001A-040D-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Italian) 2007-->MsiExec.exe /X{90120000-001A-0410-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-001A-0816-0000-0000000FF1CE}

Microsoft Office Outlook MUI (Spanish) 2007-->MsiExec.exe /X{90120000-001A-0C0A-0000-0000000FF1CE}

Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669)-->msiexec /package {90120000-0018-0410-0000-0000000FF1CE} /uninstall {C76C02F1-B07F-4974-876A-A18DEC9887C8}

Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669)-->msiexec /package {90120000-0018-0404-0000-0000000FF1CE} /uninstall {A7688131-70CB-4945-BAFA-11053AC34D75}

Microsoft Office Powerpoint 2007 Help Actualización (KB963669)-->msiexec /package {90120000-0018-0C0A-0000-0000000FF1CE} /uninstall {F318245D-05AE-4681-A749-A036CE44AF29}

Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0018-0404-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Greek) 2007-->MsiExec.exe /X{90120000-0018-0408-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Hebrew) 2007-->MsiExec.exe /X{90120000-0018-040D-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Italian) 2007-->MsiExec.exe /X{90120000-0018-0410-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-0018-0816-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0018-0C0A-0000-0000000FF1CE}

Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Basque) 2007-->MsiExec.exe /X{90120000-001F-042D-0000-0000000FF1CE}

Microsoft Office Proof (Catalan) 2007-->MsiExec.exe /X{90120000-001F-0403-0000-0000000FF1CE}

Microsoft Office Proof (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-001F-0404-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Galician) 2007-->MsiExec.exe /X{90120000-001F-0456-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Greek) 2007-->MsiExec.exe /X{90120000-001F-0408-0000-0000000FF1CE}

Microsoft Office Proof (Hebrew) 2007-->MsiExec.exe /X{90120000-001F-040D-0000-0000000FF1CE}

Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}

Microsoft Office Proof (Portuguese (Brazil)) 2007-->MsiExec.exe /X{90120000-001F-0416-0000-0000000FF1CE}

Microsoft Office Proof (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-001F-0816-0000-0000000FF1CE}

Microsoft Office Proof (Russian) 2007-->MsiExec.exe /X{90120000-001F-0419-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-002C-0404-0000-0000000FF1CE}

Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}

Microsoft Office Proofing (Greek) 2007-->MsiExec.exe /X{90120000-002C-0408-0000-0000000FF1CE}

Microsoft Office Proofing (Hebrew) 2007-->MsiExec.exe /X{90120000-002C-040D-0000-0000000FF1CE}

Microsoft Office Proofing (Italian) 2007-->MsiExec.exe /X{90120000-002C-0410-0000-0000000FF1CE}

Microsoft Office Proofing (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-002C-0816-0000-0000000FF1CE}

Microsoft Office Proofing (Spanish) 2007-->MsiExec.exe /X{90120000-002C-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0401-0000-0000000FF1CE} /uninstall {14809F99-C601-4D4A-9391-F1E8FAA964C5}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0403-0000-0000000FF1CE} /uninstall {4B47C31E-46B0-462B-BEE4-DC383B6A1F2A}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0404-0000-0000000FF1CE} /uninstall {33FA7680-10ED-444E-BC72-214064317283}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0408-0000-0000000FF1CE} /uninstall {3C7DCB2F-8EA1-4558-B8F5-1107C4055A0B}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040D-0000-0000000FF1CE} /uninstall {D51DB996-6D46-4195-B495-5E96F61A3CB9}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {322296D4-1EAE-4030-9FBC-D2787EB25FA2}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0416-0000-0000000FF1CE} /uninstall {75EBE365-7FC5-4720-A7D3-804BF550D1BC}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0419-0000-0000000FF1CE} /uninstall {57A92C5E-E76A-49CC-9EC2-A7B6CE1255EA}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0816-0000-0000000FF1CE} /uninstall {C312E1CD-EC19-4270-A072-F36F634DFF79}

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}

Microsoft Office Publisher MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-0019-0404-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}

Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Greek) 2007-->MsiExec.exe /X{90120000-0019-0408-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Hebrew) 2007-->MsiExec.exe /X{90120000-0019-040D-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Italian) 2007-->MsiExec.exe /X{90120000-0019-0410-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-0019-0816-0000-0000000FF1CE}

Microsoft Office Publisher MUI (Spanish) 2007-->MsiExec.exe /X{90120000-0019-0C0A-0000-0000000FF1CE}

Microsoft Office Shared MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-006E-0404-0000-0000000FF1CE}

Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}

Microsoft Office Shared MUI (Greek) 2007-->MsiExec.exe /X{90120000-006E-0408-0000-0000000FF1CE}

Microsoft Office Shared MUI (Hebrew) 2007-->MsiExec.exe /X{90120000-006E-040D-0000-0000000FF1CE}

Microsoft Office Shared MUI (Italian) 2007-->MsiExec.exe /X{90120000-006E-0410-0000-0000000FF1CE}

Microsoft Office Shared MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-006E-0816-0000-0000000FF1CE}

Microsoft Office Shared MUI (Spanish) 2007-->MsiExec.exe /X{90120000-006E-0C0A-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office Word 2007 Help - Aggiornamento (KB963665)-->msiexec /package {90120000-001B-0410-0000-0000000FF1CE} /uninstall {E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}

Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665)-->msiexec /package {90120000-001B-0404-0000-0000000FF1CE} /uninstall {AD30F628-2AAE-43E0-A0D8-CDFA976E6A9E}

Microsoft Office Word 2007 Help Actualización (KB963665)-->msiexec /package {90120000-001B-0C0A-0000-0000000FF1CE} /uninstall {377BA42A-1C84-45D6-94B8-6D00887D172D}

Microsoft Office Word MUI (Chinese (Traditional)) 2007-->MsiExec.exe /X{90120000-001B-0404-0000-0000000FF1CE}

Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}

Microsoft Office Word MUI (Greek) 2007-->MsiExec.exe /X{90120000-001B-0408-0000-0000000FF1CE}

Microsoft Office Word MUI (Hebrew) 2007-->MsiExec.exe /X{90120000-001B-040D-0000-0000000FF1CE}

Microsoft Office Word MUI (Italian) 2007-->MsiExec.exe /X{90120000-001B-0410-0000-0000000FF1CE}

Microsoft Office Word MUI (Portuguese (Portugal)) 2007-->MsiExec.exe /X{90120000-001B-0816-0000-0000000FF1CE}

Microsoft Office Word MUI (Spanish) 2007-->MsiExec.exe /X{90120000-001B-0C0A-0000-0000000FF1CE}

Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}

Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

Mise à jour Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040C-0000-0000000FF1CE} /uninstall {B761869A-B85C-40E2-994C-A1CE78AC8F2C}

Mise à jour Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-040C-0000-0000000FF1CE} /uninstall {51EFB347-1F3D-4BAC-8B79-F056B904FE21}

Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040C-0000-0000000FF1CE} /uninstall {C3DCA38E-005E-41BA-A52A-7C3429F351C3}

Mise à jour Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040C-0000-0000000FF1CE} /uninstall {81536A04-DBFB-4DB3-978F-0F284590C223}

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}

Norton AntiVirus-->C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV\2454B0AB\17.7.0.12\InstStub.exe /X

òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-040D-0000-0000000FF1CE} /uninstall {18E2D7BF-CC18-4CE8-B875-D2934B6086E2}

òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-040D-0000-0000000FF1CE} /uninstall {54B50AC9-2088-4F43-B39A-0F10F53D425E}

òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-040D-0000-0000000FF1CE} /uninstall {CAB664CE-BBA4-4A81-A358-6CC6F7852FC9}

Piggly-->"C:\Program Files (x86)\Asus\Game Park\Piggly\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Piggly\install.log"

QuestDns 1.0 build 111-->C:\Program Files (x86)\QuestDns\uninstall.exe

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly

Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\Setup.exe" -runfromtemp -l0x0009 -removeonly

Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}

Security Update for 2007 Microsoft Office System (KB2277947)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5857EE21-03D0-482E-9620-5A30B314A2AE}

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}

Security Update for 2007 Microsoft Office System (KB976321)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7F207DCA-3399-40CB-A968-6E5991B1421A}

Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

Security Update for 2007 Microsoft Office System (KB982312)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {B0EC5722-241F-4CDA-83B4-AA5846B6F9F4}

Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}

Security Update for 2007 Microsoft Office System (KB982331)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {E8766951-2B6C-4022-86E8-80D2D1762B76}

Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}

Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

Security Update for Microsoft Office Access 2007 (KB979440)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5A4E43D5-858F-49BD-BA72-8F30E1793060}

Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}

Security Update for Microsoft Office Excel 2007 (KB982308)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C3F9A0DC-A5D1-4BB6-870E-2953E5A2487B}

Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

Security Update for Microsoft Office InfoPath 2007 (KB979441)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}

Security Update for Microsoft Office Outlook 2007 (KB980376)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {48113C06-9BA2-4D54-A731-D1D2C5B3144A}

Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

Security Update for Microsoft Office PowerPoint 2007 (KB982158)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

Security Update for Microsoft Office Publisher 2007 (KB982124)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}

Security Update for Microsoft Office Word 2007 (KB2251419)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7E9103DA-253F-41FF-9E83-7C83806C77DA}

ShopperReports-->"C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReportsUninstaller.exe" Web

Smileyville-->"C:\Program Files (x86)\Asus\Game Park\Smileyville\Uninstall.exe" "C:\Program Files (x86)\Asus\Game Park\Smileyville\install.log"

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}

Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}

Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}

Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}

Update for Microsoft Office OneNote 2007 (KB980729)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {329050A9-EF80-40F9-B633-74508F54C1FF}

Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}

Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}

Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}

Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}

Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}

Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}

Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}

Update for Outlook 2007 Junk Email Filter (kb2279264)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {01D475AB-57B1-44CC-8A8F-3A6B0FA4989F}

Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}

Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}

Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}

Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}

Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}

Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}

Veetle TV 0.9.17-->C:\Users\Bart\Downloads\Veetle\UninstallVeetleTV.exe

Windows Live - Hulpprogramma voor uploaden-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Windows Live Call-->MsiExec.exe /I{2A8F82E8-7B86-4AFD-BFBC-2BA4C2CF52DB}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{562B9CA4-6E52-4F87-ACEC-912FC004F1F0}

Windows Live Mail-->MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91}

Windows Live Messenger-->MsiExec.exe /X{10F5387D-1728-423A-A578-B00982CF2646}

Windows Live Photo Gallery-->MsiExec.exe /X{11005483-57F9-400C-BF9F-CBC47540705A}

Windows Live Sync-->MsiExec.exe /X{CD19EDD9-1632-4002-9212-7478E4BA0423}

Windows Live Toolbar-->MsiExec.exe /X{E51109E7-3818-4BC2-B3FD-A59AC2378A2B}

Windows Live Writer-->MsiExec.exe /X{35CA031C-D3CD-4A28-8D9B-C71466C4F045}

WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}

Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}

Xvid 1.2.1 final uninstall-->"C:\Program Files (x86)\Xvid\unins000.exe"

======System event log======

Computer Name: pcbart

Event Code: 7036

Message: De Volume Shadow Copy-service heeft nu de status gestopt.

Record Number: 2154

Source Name: Service Control Manager

Time Written: 20100311151946.410613-000

Event Type: Informatie

User:

Computer Name: pcbart

Event Code: 18

Message: Gereed voor installatie: de volgende updates zijn gedownload en gereed voor installatie. De installatie van deze updates is gepland op ?vrijdag ?12 ?maart ?2010 om 3:00:

- KB979895: Update voor het filter voor ongewenste e-mail in Outlook 2007

- KB963671: Update voor de Help voor Microsoft Script Editor

- KB978506: Update voor de compatibiliteitsweergavelijst in Internet Explorer 8 voor Windows 7 voor x64-systemen

- KB971468: Beveiligingsupdate voor Windows 7 voor x64-systemen

- KB976264: Update voor Windows 7 voor x64-systemen

- KB977863: Cumulatieve update voor Media Center voor Windows 7 x64-systemen

- KB976662: Update voor Windows 7 voor x64-systemen

- KB978207: Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows 7 voor x64-systemen

- KB978262: Cumulatieve beveiligingsupdate voor ActiveX Killbits voor Windows 7 voor x64-systemen

- KB975560: Beveiligingsupdate voor Windows 7 voor x64-systemen

- KB979306: Update voor Windows 7 voor x64-systemen

- KB967642: Update voor het 2007 Microsoft Office system

- KB963673: Updates voor de Help voor algemene onderdelen voor 2007 Microsoft Office system

- KB978637: Update voor Windows 7 voor x6 uur

Record Number: 2153

Source Name: Microsoft-Windows-WindowsUpdateClient

Time Written: 20100311151728.055913-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEM

Computer Name: pcbart

Event Code: 18

Message: Gereed voor installatie: de volgende updates zijn gedownload en gereed voor installatie. De installatie van deze updates is gepland op ?vrijdag ?12 ?maart ?2010 om 3:00:

- KB979895: Update voor het filter voor ongewenste e-mail in Outlook 2007

- KB963671: Update voor de Help voor Microsoft Script Editor

- KB978506: Update voor de compatibiliteitsweergavelijst in Internet Explorer 8 voor Windows 7 voor x64-systemen

- KB971468: Beveiligingsupdate voor Windows 7 voor x64-systemen

- KB976264: Update voor Windows 7 voor x64-systemen

- KB977863: Cumulatieve update voor Media Center voor Windows 7 x64-systemen

- KB976662: Update voor Windows 7 voor x64-systemen

- KB978207: Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows 7 voor x64-systemen

- KB978262: Cumulatieve beveiligingsupdate voor ActiveX Killbits voor Windows 7 voor x64-systemen

- KB975560: Beveiligingsupdate voor Windows 7 voor x64-systemen

- KB979306: Update voor Windows 7 voor x64-systemen

- KB967642: Update voor het 2007 Microsoft Office system

- KB963673: Updates voor de Help voor algemene onderdelen voor 2007 Microsoft Office system

- KB978637: Update voor Windows 7 voor x6 uur

Record Number: 2152

Source Name: Microsoft-Windows-WindowsUpdateClient

Time Written: 20100311151728.055913-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEM

Computer Name: pcbart

Event Code: 18

Message: Gereed voor installatie: de volgende updates zijn gedownload en gereed voor installatie. De installatie van deze updates is gepland op ?vrijdag ?12 ?maart ?2010 om 3:00:

- KB979895: Update voor het filter voor ongewenste e-mail in Outlook 2007

- KB963671: Update voor de Help voor Microsoft Script Editor

- KB978506: Update voor de compatibiliteitsweergavelijst in Internet Explorer 8 voor Windows 7 voor x64-systemen

- KB971468: Beveiligingsupdate voor Windows 7 voor x64-systemen

- KB976264: Update voor Windows 7 voor x64-systemen

- KB977863: Cumulatieve update voor Media Center voor Windows 7 x64-systemen

- KB976662: Update voor Windows 7 voor x64-systemen

- KB978207: Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows 7 voor x64-systemen

- KB978262: Cumulatieve beveiligingsupdate voor ActiveX Killbits voor Windows 7 voor x64-systemen

- KB975560: Beveiligingsupdate voor Windows 7 voor x64-systemen

- KB979306: Update voor Windows 7 voor x64-systemen

- KB967642: Update voor het 2007 Microsoft Office system

- KB963673: Updates voor de Help voor algemene onderdelen voor 2007 Microsoft Office system

- KB978637: Update voor Windows 7 voor x6 uur

Record Number: 2151

Source Name: Microsoft-Windows-WindowsUpdateClient

Time Written: 20100311151728.055913-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEM

Computer Name: pcbart

Event Code: 18

Message: Gereed voor installatie: de volgende updates zijn gedownload en gereed voor installatie. De installatie van deze updates is gepland op ?vrijdag ?12 ?maart ?2010 om 3:00:

- KB979895: Update voor het filter voor ongewenste e-mail in Outlook 2007

- KB963671: Update voor de Help voor Microsoft Script Editor

- KB978506: Update voor de compatibiliteitsweergavelijst in Internet Explorer 8 voor Windows 7 voor x64-systemen

- KB971468: Beveiligingsupdate voor Windows 7 voor x64-systemen

- KB976264: Update voor Windows 7 voor x64-systemen

- KB977863: Cumulatieve update voor Media Center voor Windows 7 x64-systemen

- KB976662: Update voor Windows 7 voor x64-systemen

- KB978207: Cumulatieve beveiligingsupdate voor Internet Explorer 8 voor Windows 7 voor x64-systemen

- KB978262: Cumulatieve beveiligingsupdate voor ActiveX Killbits voor Windows 7 voor x64-systemen

- KB975560: Beveiligingsupdate voor Windows 7 voor x64-systemen

- KB979306: Update voor Windows 7 voor x64-systemen

- KB967642: Update voor het 2007 Microsoft Office system

- KB963673: Updates voor de Help voor algemene onderdelen voor 2007 Microsoft Office system

- KB978637: Update voor Windows 7 voor x6 uur

Record Number: 2150

Source Name: Microsoft-Windows-WindowsUpdateClient

Time Written: 20100311151728.055913-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: pcbart

Event Code: 4625

Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.

Record Number: 1029

Source Name: Microsoft-Windows-EventSystem

Time Written: 20100311080854.000000-000

Event Type: Informatie

User:

Computer Name: pcbart

Event Code: 1532

Message: De User Profile-service is gestopt.

Record Number: 1028

Source Name: Microsoft-Windows-User Profiles Service

Time Written: 20100217124709.439088-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEM

Computer Name: WIN-FQADO1OVS9N

Event Code: 1003

Message: De Windows Search-service is gestart.

Record Number: 1027

Source Name: Microsoft-Windows-Search

Time Written: 20100217124700.000000-000

Event Type: Informatie

User:

Computer Name: WIN-FQADO1OVS9N

Event Code: 1013

Message: De Windows Search-service is normaal gestopt.

Record Number: 1026

Source Name: Microsoft-Windows-Search

Time Written: 20100217124658.000000-000

Event Type: Informatie

User:

Computer Name: WIN-FQADO1OVS9N

Event Code: 103

Message: Windows (3060) Windows: De database-engine heeft een nieuwe sessie (0) stopgezet.

Record Number: 1025

Source Name: ESENT

Time Written: 20100217124658.000000-000

Event Type: Informatie

User:

=====Security event log=====

Computer Name: WIN-FQADO1OVS9N

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 292

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100217124659.907471-000

Event Type: Controle geslaagd

User:

Computer Name: WIN-FQADO1OVS9N

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: WIN-FQADO1OVS9N$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x1f0

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 291

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100217124659.907471-000

Event Type: Controle geslaagd

User:

Computer Name: WIN-FQADO1OVS9N

Event Code: 4738

Message: Er is een gebruikersaccount gewijzigd.

Onderwerp:

Beveiligings-id: S-1-5-21-636757620-3361418551-2839337521-500

Accountnaam: Administrator

Accountdomein: WIN-FQADO1OVS9N

Aanmeldings-id: 0x295b6

Doelaccount:

Beveiligings-id: S-1-5-21-636757620-3361418551-2839337521-500

Accountnaam: Administrator

Accountdomein: WIN-FQADO1OVS9N

Gewijzigde kenmerken:

SAM-accountnaam: -

Weergavenaam: -

Principal-naam van gebruiker: -

Basismap: -

Basisstation: -

Pad naar script: -

Pad naar profiel: -

Gebruikerswerkstations: -

Wachtwoord voor het laatst ingesteld: -

Account verloopt op: -

Primaire groeps-id: -

Mag overdragen aan: -

Oude UAC-waarde: 0x210

Nieuwe UAC-waarde: 0x211

Gebruikersaccountbeheer:

Account uitgeschakeld

Gebruikersparameters: -

SID-geschiedenis: -

Aantal uren aangemeld: -

Aanvullende gegevens:

Bevoegdheden: -

Record Number: 290

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100217124651.686257-000

Event Type: Controle geslaagd

User:

Computer Name: WIN-FQADO1OVS9N

Event Code: 4725

Message: Er is een gebruikersaccount uitgeschakeld.

Onderwerp:

Beveiligings-id: S-1-5-21-636757620-3361418551-2839337521-500

Accountnaam: Administrator

Accountdomein: WIN-FQADO1OVS9N

Aanmeldings-id: 0x295b6

Doelaccount:

Beveiligings-id: S-1-5-21-636757620-3361418551-2839337521-500

Accountnaam: Administrator

Accountdomein: WIN-FQADO1OVS9N

Record Number: 289

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20100217124651.686257-000

Event Type: Controle geslaagd

User:

Computer Name: WIN-FQADO1OVS9N

Event Code: 1102

Message: Het controlelogboek is gewist.

Onderwerp:

Beveiligings-id: S-1-5-21-636757620-3361418551-2839337521-500

Accountnaam: Administrator

Domeinnaam: WIN-FQADO1OVS9N

Aanmeldings-id: 0x295b6

Record Number: 288

Source Name: Microsoft-Windows-Eventlog

Time Written: 20100217124638.800634-000

Event Type: Controle geslaagd

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=AMD64

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"NUMBER_OF_PROCESSORS"=2

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=170a

"configsetroot"=%SystemRoot%\ConfigSetRoot

-----------------EOF-----------------

[kape]

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop AFBAgent

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete AFBAgent

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc stop “QuestDns Service”

Druk op Enter.

Ga naar Start – Uitvoeren/Zoekopdracht en tik in: sc delete “QuestDns Service”

Druk op Enter.

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: ShopperReports - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReports.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O4 - HKLM\..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd

O4 - HKLM\..\Run: [ClickPotatoLiteSA] "C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSA.exe"

O4 - Global Startup: FancyStart daemon.lnk = ?

O4 - Global Startup: SRS Premium Sound.lnk = ?

O9 - Extra button: ClickPotato - {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} - C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSABHO.dll

O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReports.dll

O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReports.dll

Klik op 'Fix checked' om de items te verwijderen.

Download MBAM (Malwarebytes Anti-Malware)

Dubbelklik op mbam-setup.exe om het programma te installeren.

Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".

Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.

Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.

Het scannen kan een tijdje duren, dus wees geduldig.

Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.

Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.

Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder).

Indien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.

MBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.

Het log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in het programma.

Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

Plak de inhoud van het logje in je volgende bericht, samen met een nieuw HijackThis log.

[bartderidder]

heb terug gescand met RSIT, hjti kon ik niet selecteren

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Databaseversie: 4422

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

12/08/2010 20:19:32

mbam-log-2010-08-12 (20-19-32).txt

Scantype: Snelle scan

Objecten gescand: 136696

Verstreken tijd: 5 minuut/minuten, 29 seconde(n)

Geheugenprocessen geïnfecteerd: 2

Geheugenmodulen geïnfecteerd: 1

Registersleutels geïnfecteerd: 144

Registerwaarden geïnfecteerd: 5

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 22

Bestanden geïnfecteerd: 37

Geheugenprocessen geïnfecteerd:

C:\ProgramData\QuestDns\questdns111.exe (Adware.QuestDns) -> Unloaded process successfully.

C:\Program Files (x86)\QuestDns\questdns.exe (Adware.QuestDns) -> Unloaded process successfully.

Geheugenmodulen geïnfecteerd:

C:\Program Files (x86)\QuestDns\questdns.dll (Adware.QuestDns) -> Delete on reboot.

Registersleutels geïnfecteerd:

HKEY_CLASSES_ROOT\clickpotatoliteax.info (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{c55ca95c-324b-451c-b2d2-6e895aa75fec} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{30b15818-e110-4527-9c05-46ace5a3460d} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{618aad04-921f-44c2-be38-c0818af69861} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{b5d2ed96-62f9-4c2c-956d-e425b1f67337} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d3a412e8-1e4b-47d2-9b12-f88291f5afbb} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1602f07d-8bf3-4c08-bdd6-dddb1c48aedc} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1602f07d-8bf3-4c08-bdd6-dddb1c48aedc} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ac6d819e-aa8f-4418-a3bb-d165c1b18bb5} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ac6d819e-aa8f-4418-a3bb-d165c1b18bb5} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\clickpotatoliteax.info.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\clickpotatoliteax.userprofiles (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\clickpotatoliteax.userprofiles.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\menubuttonie.buttonie (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{814baa91-dc22-4350-87d6-0c86e93f7f08} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{419eda30-6dff-432c-b534-e15d899abee4} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7a3d6d17-9dd5-4c60-8076-d1784dabaf8c} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\menubuttonie.buttonie.1 (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.asyncreporter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{f1a1892c-2a6c-4817-98b4-ff81443cba20} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e25da6d6-c365-46cf-abaf-dc5893135d7a} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{09325003-167c-483d-a4ba-8b3122abb432} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{6dd76b7b-6423-4df0-9a07-84a6cad973a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7f6cfb6a-9227-4bb8-b941-f2b067e76f51} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ab0ee208-df60-4fa7-a617-c4269760033e} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e12aeab6-7d12-4c07-8e36-5892efb4dafb} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e2f2c137-a782-4fb5-81af-086156f5eb0a} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{f1d06c9f-51f0-4476-bede-5ddf91be304e} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{f3a32df2-7413-4fb1-b575-1ac920a17b76} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.asyncreporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.cntntdic (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{02aed140-2b62-4b49-8b3b-179020cc39b9} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{17bf1e05-c0e8-413c-bd1f-a481eea3b8e9} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{83b2fe06-ba20-4f7d-96c6-6fc3a4e877d3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{b32966a2-f7c2-4362-a6cf-399ec8b44110} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{cc7bd6f1-565c-47ce-a5bb-9c935e77b59d} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{cfc16189-8a92-4a29-a940-60248385f426} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.cntntdic.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.cntntdisp (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.cntntdisp.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.dwnldr (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.dwnldr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbax (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbax.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbguru (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbguru.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbinfoband (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.hbinfoband.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.iebutton (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.iebutton.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.iebuttona (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.iebuttona.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.kopff (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{573f4abb-a1a2-44ed-9ba9-a8dad40aac46} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{71e02280-5212-45c3-b174-4d5a35da254f} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{396cfc12-932d-496b-a0a8-5d7201e105e1} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{60da826c-b1c6-4358-bdec-4837ced45470} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{74c22317-5b90-471f-9ad2-fec049870a16} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{c1089f63-7afc-4538-b0eb-bea0f4225a57} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.kopff.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.mozillanvgtntrpr.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{5fe0ceae-cb69-40af-a323-40f94257dacb} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{65a16874-2ed0-460e-a547-5fe2ec3a13a7} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{2721a8e5-bfdb-4562-9912-9e0531ca616c} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.mozillapsexecuter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reportdata (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reportdata.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reporter (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.reporter.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.rprtctrl (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.rprtctrl.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.scopes (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.scopes.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.stock (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.stock.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggerimmidiate.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggerimmidiateorrandomts.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggeronceinday (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\shopperreports.triggeronceinday.1 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{21ba420e-161c-413a-b21e-4e42ae1f4226} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{453db0c5-f41c-4d97-8dd6-cc72ecd5f699} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{4afc07d0-59bb-46b8-b097-1a46e88eef71} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{6511ce4c-4722-40d0-ad3d-4afa2f50978a} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{9bec9b38-bf39-4899-806e-a1c5dfeb60a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{b86d82bf-d39f-439a-a07c-43eddc6f6ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{da6305b9-0869-4235-8c1d-533a65e639e5} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{e6961c59-cfce-4ccd-b794-bc78db98413a} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{f8b4ec8a-2407-4be0-aee2-0f430d65a90d} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{0d82acd6-a652-4496-a298-2bde705f4227} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{11c27351-716b-4052-9361-e3b0a3f8221c} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{7025e484-d4b0-441a-9f0b-69063bd679ce} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{8258b35c-05b8-4c0e-9525-9bccc70f8f2d} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{a89256ad-ec17-4a83-bef5-4b8bc4f39306} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{dee758b4-c3fb-4a5b-9939-848b9c77a2fb} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{acc62306-9a63-4864-bd2f-c8825d2d7ea6} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{b58926d6-cfb0-45d2-9c28-4b5a0f0368ae} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b58926d6-cfb0-45d2-9c28-4b5a0f0368ae} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{b58926d6-cfb0-45d2-9c28-4b5a0f0368ae} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a078f691-9c07-4af2-bf43-35e79eecf8b7} (Adware.Softomate) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89f88394-3828-4d03-a0cf-8203604c3da6} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{d4233f04-1789-483c-a137-731e8f113dd5} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{69725738-cd68-4f36-8d02-8c43722ee5da} (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b58926d6-cfb0-45d2-9c28-4b5a0f0368ae} (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\questdns (Adware.QuestDns) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\QuestDns (Adware.QuestDns) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestDns Service (Adware.QuestDns) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\BRNstIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\CmndFF.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\MenuButtonIE.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\mozillaps.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\Pltfrm.DLL (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperReportsSA (Adware.ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\clickpotatolitesa (Adware.ClickPotato) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\shopperreports 3.0.489.0 (Adware.HotBar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\shopperreports@shopperreports.com (ShopperReports) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\srs_it_e879027eb4765b5230aa94 (Malware.Trace) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions\clickpotatolite@clickpotatolite.com (Adware.ClickPotato) -> Quarantined and deleted successfully.

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 (Adware.Seekmo) -> Quarantined and deleted successfully.

C:\ProgramData\ClickPotatoLiteSA (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Users\Bart\AppData\Roaming\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Users\Bart\AppData\Roaming\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0 (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\firefox (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\firefox\extensions (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\firefox\extensions\plugins (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3 (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0 (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\QuestDns (Adware.QuestDns) -> Delete on reboot.

C:\ProgramData\QuestDns (Adware.QuestDns) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:

C:\ProgramData\QuestDns\questdns111.exe (Adware.QuestDns) -> Quarantined and deleted successfully.

C:\Program Files (x86)\QuestDns\questdns.exe (Adware.QuestDns) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSA.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSAAX.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSABHO.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\Pltfrm.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\CntntCntr.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReports.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\CmndFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\mozillaps.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\BRNstIE.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAAbout.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAau.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSAEULA.mht (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA_hpk.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\ProgramData\ClickPotatoLiteSA\ClickPotatoLiteSA_kyf.dat (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteSAHook.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\ClickPotatoLiteUninstaller.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\firefox\extensions\chrome.manifest (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\firefox\extensions\install.rdf (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ClickPotatoLite\bin\10.0.519.0\firefox\extensions\plugins\npclntax_ClickPotatoLiteSA.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\link.ico (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\ShopperReportsUninstaller.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome.manifest (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\install.rdf (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\chrome\firefoxtoolbar.jar (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\ShopperReports3\bin\3.0.489.0\firefox\firefoxtoolbar\extensions\components\BRNstFF.xpt (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\About Us.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Customer Support.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClickPotato\ClickPotato Uninstall Instructions.lnk (Adware.ClickPotato) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\About Us.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\Customer Support.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShopperReports\ShopperReports Uninstall Instructions.lnk (Adware.ShopperReports) -> Quarantined and deleted successfully.

C:\Program Files (x86)\QuestDns\questdns.dll (Adware.QuestDns) -> Delete on reboot.

C:\Program Files (x86)\QuestDns\uninstall.exe (Adware.QuestDns) -> Quarantined and deleted successfully.

Logfile of random's system information tool 1.08 (written by random/random)

Run by Bart at 2010-08-12 20:26:11

Microsoft Windows 7 Home Premium

System drive C: has 77 GB (64%) free of 119 GB

Total RAM: 3071 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:26:27, on 12/08/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10i_ActiveX.exe

C:\Users\Bart\Desktop\RSIT.exe

C:\Program Files (x86)\trend micro\Bart.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe

O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe

O4 - HKLM\..\Run: [setwallpaper] c:\programdata\SetWallpaper.cmd

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9468 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Symantec Intrusion Prevention - C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\IPSBHO.DLL [2010-05-14 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]

Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]

"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-10-09 6937216]

"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]

"Setwallpaper"=c:\programdata\SetWallpaper.cmd []

"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveAutoRun"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-12 20:10:43 ----D---- C:\Users\Bart\AppData\Roaming\Malwarebytes

2010-08-12 20:10:37 ----A---- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys

2010-08-12 20:10:36 ----D---- C:\ProgramData\Malwarebytes

2010-08-12 20:10:36 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2010-08-12 18:40:43 ----D---- C:\Program Files (x86)\trend micro

2010-08-12 18:40:42 ----D---- C:\rsit

2010-08-11 12:40:06 ----A---- C:\Windows\SysWOW64\mshtml.dll

2010-08-11 12:40:05 ----A---- C:\Windows\SysWOW64\ieframe.dll

2010-08-11 12:40:04 ----A---- C:\Windows\SysWOW64\urlmon.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\wininet.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\mstime.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\msfeedssync.exe

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\jsproxy.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\ieui.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\iepeers.dll

2010-08-11 12:40:03 ----A---- C:\Windows\SysWOW64\iedkcs32.dll

2010-08-11 12:39:53 ----A---- C:\Windows\SysWOW64\schannel.dll

2010-08-11 12:39:51 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe

2010-08-11 12:39:51 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe

2010-08-11 12:39:50 ----A---- C:\Windows\SysWOW64\rtutils.dll

2010-08-11 12:39:49 ----A---- C:\Windows\SysWOW64\iccvid.dll

2010-08-11 12:39:46 ----A---- C:\Windows\SysWOW64\msxml3.dll

2010-08-09 20:02:12 ----D---- C:\Users\Bart\AppData\Roaming\Tific

2010-08-09 17:24:13 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2010-08-03 10:42:27 ----A---- C:\Windows\SysWOW64\shell32.dll

2010-08-01 19:13:29 ----D---- C:\Program Files (x86)\Xvid

2010-08-01 19:13:29 ----A---- C:\Windows\SysWOW64\xvidvfw.dll

2010-08-01 19:13:29 ----A---- C:\Windows\SysWOW64\xvidcore.dll

======List of files/folders modified in the last 1 months======

2010-08-12 20:23:00 ----D---- C:\Windows\Temp

2010-08-12 20:21:25 ----SHD---- C:\System Volume Information

2010-08-12 20:20:42 ----RD---- C:\Program Files (x86)

2010-08-12 20:19:32 ----HD---- C:\ProgramData

2010-08-12 20:10:37 ----D---- C:\Windows\SysWOW64\drivers

2010-08-12 20:02:29 ----SHD---- C:\Windows\Installer

2010-08-12 20:02:28 ----SD---- C:\Users\Bart\AppData\Roaming\Microsoft

2010-08-12 19:47:37 ----D---- C:\Windows

2010-08-12 18:58:28 ----D---- C:\Windows\Microsoft.NET

2010-08-12 18:58:27 ----RSD---- C:\Windows\assembly

2010-08-12 08:43:50 ----D---- C:\Windows\winsxs

2010-08-12 08:41:05 ----D---- C:\Windows\SysWOW64

2010-08-12 08:41:05 ----D---- C:\Windows\System32

2010-08-12 08:41:01 ----D---- C:\Windows\SysWOW64\migration

2010-08-12 08:41:01 ----D---- C:\Program Files (x86)\Internet Explorer

2010-08-12 00:02:12 ----D---- C:\ProgramData\Microsoft Help

2010-08-11 14:08:57 ----D---- C:\Windows\Prefetch

2010-08-09 20:16:28 ----D---- C:\Program Files (x86)\Microsoft

2010-08-09 20:00:09 ----D---- C:\Windows\Tasks

2010-08-09 20:00:09 ----D---- C:\Windows\inf

2010-08-09 20:00:09 ----D---- C:\ProgramData\P4G

2010-08-09 20:00:06 ----D---- C:\ProgramData\Norton

2010-08-09 20:00:04 ----D---- C:\Windows\registration

2010-08-09 19:59:28 ----SD---- C:\ProgramData\Microsoft

2010-08-09 19:59:25 ----D---- C:\Program Files (x86)\Common Files\microsoft shared

2010-08-09 17:24:21 ----D---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ***laby;***laby; C:\Windows\system32\DRIVERS\***laby.sys []

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAVx64\1107000.00C\SYMDS64.SYS []

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAVx64\1107000.00C\SYMEFA64.SYS []

R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\BASHDefs\20100719.001\BHDrvx64.sys [2010-07-20 945200]

R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NAVx64\1107000.00C\ccHPx64.sys []

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2010-05-27 475696]

R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\IPSDefs\20100809.001\IDSvia64.sys [2010-05-28 463408]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NAVx64\1107000.00C\SRTSPX64.SYS []

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAVx64\1107000.00C\Ironx64.SYS []

R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NAVx64\1107000.00C\SYMTDIV.SYS []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-27 132656]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys []

R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100812.002\ENG64.SYS [2010-08-09 117808]

R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_17.0.0.136\Definitions\VirusDefs\20100812.002\EX64.SYS [2010-08-09 1791536]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys []

R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []

R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NAVx64\1107000.00C\SRTSP64.SYS []

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS []

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []

S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys []

S3 RtsUIR;Realtek IR Driver; C:\Windows\system32\DRIVERS\Rts516xIR.sys []

S3 USBCCID;Realtek Smartcard Reader Driver; C:\Windows\system32\DRIVERS\RtsUCcid.sys []

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]

R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]

R2 NAV;Norton AntiVirus; C:\Program Files (x86)\Norton AntiVirus\Engine\17.7.0.12\ccSvcHst.exe [2010-02-26 126392]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []

R2 OberonGameConsoleService;Oberon Media Game Console service; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]

R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]

S3 fsssvc;De service Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]

S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

-----------------EOF-----------------

[kape]

Oeps ... Malwarebytes heeft wel een behoorlijke berg rotzooi van de PC gehaald

Wil je HijackThis eens verwijderen van je PC. Heb je die toevallig zo C:\Program Files (x86)\trend micro\Bart.exe gedownload ? Mogelijk de reden dat dit niet werkt.

Download daarna HijackThis opnieuw, maar nu in de passende map C:\Program Files (x86)\trend micro\HijackThis ... en start daar het bestand hijackthis.exe manueel op. Dan even bekijken of scannen dan wél lukt ? Zo ja, maak op die manier een nieuw logje met HJT en hang dit in je volgende bericht.