Ga naar inhoud

Vista loopt vast


Aanbevolen berichten

Hallo,

Ik zit met een probleem dat ik hier, na wat googelen, in het archief ook tegenkom. Ik hoop dus dat jullie mij kunnen helpen/adviseren.

Vista blokkeert sinds een paar dagen, op mijn laptop, enkele seconden of minuten na het opstarten. Ik kan enkel uitschakelen en in veilige modus werken. (Ik kan me niet herinneren, of het na updates ofzo was...)

Ik heb nog niet veel geprobeerd, enkel eens systeemherstel gedaan.

Ik heb (in veilige modus) MBAM en Hijackthis gedownload en laten scannen. Hieronder volgen de logjes:

Alvast bedankt.

Johan

Malwarebytes Anti-Malware (-evaluatieversie-) 1.65.1.1000

www.malwarebytes.org

Databaseversie: v2012.10.27.06

Windows Vista Service Pack 2 x86 NTFS (Veilige modus/netwerkmogelijkheden)

Internet Explorer 9.0.8112.16421

Johan :: LAPTOP [administrator]

Realtime bescherming: Uitgeschakeld

27/10/2012 19:44:01

mbam-log-2012-10-27 (19-44-01).txt

Scantype: Volledige scan (C:\|D:\|E:\|)

Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scanopties: P2P

Objecten gescand: 428014

Verstreken tijd: 3 uur/uren, 25 minuut/minuten, 43 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:13:40, on 27/10/2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Safe mode with network support

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\DllHost.exe

C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe

C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWWSC.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\36PCETFO\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {76a39c95-086b-44df-bb69-b9e158ecffcf} - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA\NotebookSecurity\Webfilter\AvkWebIE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA\NotebookSecurity\Webfilter\AvkWebIE.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: (no name) - {76a39c95-086b-44df-bb69-b9e158ecffcf} - (no file)

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [EPSON SX230 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHKE.EXE /FU "C:\Users\Johan\AppData\Local\Temp\E_SB295.tmp" /EF "HKCU"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: G DATA Keyboard Protector Service (KbdLockService) - G DATA Software Sp. z o.o. - C:\Windows\System32\KbdLockService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TopSecret Service (TSNxGService) - G DATA Software - C:\Program Files\G DATA\NotebookSecurity\TSNxG\TSNxGService.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--

End of file - 11325 bytes

Link naar reactie
Delen op andere sites

  • Reacties 28
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {76a39c95-086b-44df-bb69-b9e158ecffcf} - (no file)

O3 - Toolbar: (no name) - {76a39c95-086b-44df-bb69-b9e158ecffcf} - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.

3. Dubbelklik op "Combofix.exe" om de tool te starten.

4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

Link naar reactie
Delen op andere sites

Hallo,

dit zorgt voor problemen.

HJT gaat goed.

Antivirus uitschakelen lukt niet in veilige modus. Uiteindelijk maar met remover verwijderd...

Eerste keer ComboFix: het programma startte, na een tijdje deed hij een restart, waarna hij in normale modus ging en uitmondde in een zwart scherm. Toen ik trouwens de PC nog eens herstartte in normale modus, kreeg ik ook enkel zwart scherm.

Tweede keer (ik heb elke keer ComboFix verwijderd en opnieuw gedownload): scan, waarna hij aangaf 'Log rapport wordt voorbereid'. Het blauwe scherm sloot toen automatisch, waarna er niets meer gebeurde. Heb in de map C:ComboFix wel ComboFix.txt gevonden, maar de inhoud was zeer beperkt. Zie hieronder.

Derde keer: zelfde gang van zaken. Deze keer nog minder inhoud in txt.

Het ziet er precies niet zo goed uit:-)

ComboFix 12-10-29.05 - Johan 29/10/2012 22:15:21.2.4 - x86 NETWORK

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3069.2549 [GMT 1:00]

Gestart vanuit: C:\Users\Johan\Desktop\ComboFix.exe

AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

---- Voorgaande Run -------

C:\Program Files\Acer\Acer Bio Protection\PwdFilter.dll

C:\ProgramData\Roaming\Intel\Wireless\Settings\Settings.ini

C:\Users\Johan\Documents\~WRL0003.tmp

C:\Users\Johan\Documents\~WRL3402.tmp

C:\Windows\system32\URTTemp\regtlib.exe

en

ComboFix 12-10-31.03 - Johan 31/10/2012 18:09:36.3.4 - x86 NETWORK

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.32.1043.18.3069.2541 [GMT 1:00]

Gestart vanuit: C:\Users\Johan\Desktop\ComboFix.exe

AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Nieuw herstelpunt werd aangemaakt

Dat is alles.

Link naar reactie
Delen op andere sites

Download RSIT.

Sla het op je Bureaublad op.

Dubbelklik op RSIT om het te starten.

Klik op Continue in het disclaimer venster.

Zodra de scan beëindigd is, zullen twee logs openen. Post de inhoud van log.txt (zal gemaximaliseerd zijn) en info.txt (zal geminimaliseerd zijn) in je volgende antwoord.

Link naar reactie
Delen op andere sites

log:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Johan at 2012-11-01 11:23:20

Microsoft® Windows Vista™ Home Premium Service Pack 2

System drive C: has 64 GB (28%) free of 232 GB

Total RAM: 3069 MB (81% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:23:59, on 1/11/2012

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Safe mode with network support

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Johan\Desktop\RSIT.exe

C:\Program Files\trend micro\Johan.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA\NotebookSecurity\Webfilter\AvkWebIE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - (no file)

O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files\G DATA\NotebookSecurity\Webfilter\AvkWebIE.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - (no file)

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O20 - Winlogon Notify: AWinNotifyVitaKey MC3000 - C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe

O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe

O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe

O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iGroupTec Service (IGBASVC) - Unknown owner - C:\Program Files\Acer\Acer Bio Protection\BASVC.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: G DATA Keyboard Protector Service (KbdLockService) - G DATA Software Sp. z o.o. - C:\Windows\System32\KbdLockService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: TopSecret Service (TSNxGService) - G DATA Software - C:\Program Files\G DATA\NotebookSecurity\TSNxG\TSNxGService.exe

O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe

O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe

O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

--

End of file - 9131 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-klik Onderhoud.job

C:\Windows\tasks\Ad-Aware Update (Weekly).job

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\tas8sf3d.default

prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

prefs.js - "keyword.URL" - "http://search.avg.com/?d=4d5a4afd&i=23&tp=ab&nt=1&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"=C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.4.402.287 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088]

"Description"=RealMedia Plugin

"Path"=C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006]

"Description"=RealPlayer Version Plugin

"Path"=C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]

"Description"=

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

GoogleDesktopMozilla.dll

GoogleDesktopMozillaStub.js

GoogleDesktopMozillaStub.xpt

nppl3260.xpt

nsIQTScriptablePlugin.xpt

nsJSRealPlayerPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

np-mswmp.dll

nppdf32.dll

nppl3260.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

nprpjplug.dll

QuickTimePlugin.class

WMP Firefox Plugin License.rtf

WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\

avg_igeared.xml

bing.xml

bolcom-nl.xml

google.xml

googledesktop.xml

marktplaats-nl.xml

wikipedia-nl.xml

yahoo-nl.xml

C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\tas8sf3d.default\extensions\

{20a82645-c095-46ed-80e3-08825760534b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]

G DATA WebFilter - C:\Program Files\G DATA\NotebookSecurity\Webfilter\AvkWebIE.dll [2008-09-19 656968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}]

AVG Do Not Track

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83A2F9B1-01A2-4AA5-87D1-45B6B8505E96}]

ShowBarObj Class - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-07-29 312880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2009-06-10 2571064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll [2009-06-10 736240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-07-29 142896]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2009-06-10 2571064]

{0124123D-61B4-456f-AF86-78C53A0790C5} - G DATA WebFilter - C:\Program Files\G DATA\NotebookSecurity\Webfilter\AvkWebIE.dll [2008-09-19 656968]

{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23 937416]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-11 919008]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2012-04-18 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-09-09 421776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Steam"=C:\Program Files\Steam\Steam.exe [2012-08-04 1353080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-07-31 38872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2008-07-24 147456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BkupTray]

C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [2008-04-25 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]

C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe [2008-07-24 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

C:\Program Files\DAEMON Tools Lite\daemon.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eAudio]

C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe [2008-05-30 544768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]

C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [2008-07-29 526896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]

C:\Windows\ehome\ehTray.exe [2008-01-21 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]

C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe [2008-08-01 405504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\G DATA AntiVirus Trayapplication]

C:\Program Files\G DATA\NotebookSecurity\AVKTray\AVKTray.exe [2008-09-19 995912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GDFirewallTray]

C:\Program Files\G DATA\NotebookSecurity\Firewall\GDFirewallTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-21 30192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]

C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2008-07-20 182808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LManager]

C:\PROGRA~1\LAUNCH~1\LManager.exe [2008-06-16 809480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

C:\Windows\system32\NvCpl.dll [2008-12-05 13601312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

C:\Windows\system32\NvMcTray.dll [2008-12-05 92704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie]

C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2008-07-18 167936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetI]

C:\Windows\PLFSetI.exe [2008-06-30 200704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]

C:\Windows\RtHDVCpl.exe [2008-05-07 6139904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-04 1037608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TSNxG4Tray]

C:\Program Files\G DATA\NotebookSecurity\TSNxG\TSNxGTray.exe [2008-09-18 243272]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]

C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]

oobefldr.dll,ShowWelcomeCenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZPdtWzdVitaKey MC3000]

C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe [2009-06-10 3719680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk]

C:\PROGRA~1\Acer\ACERVC~1\AcerVCM.exe [2009-01-07 1216512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Barbarian Invasion.lnk]

C:\PROGRA~1\ACTIVI~1\ROME-T~1\ROMETW~1.EXE [2005-08-19 15389913]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-04-24 723760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Uninstall Barbarian Invasion.lnk]

C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll [2002-12-02 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Play Rome Total War Online with GameSpy Arcade.lnk]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rome - Total War.lnk]

C:\PROGRA~1\ACTIVI~1\ROME-T~1\RomeTW.exe [2004-09-24 8884224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Johan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Uninstall Rome - Total War.lnk]

C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe [2003-11-10 761856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AWinNotifyVitaKey MC3000]

C:\Program Files\Acer\Acer Bio Protection\WinNotify.dll [2009-06-10 3162624]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"EnableLUA"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

"VIDC.VP70"=vp7vfw.dll

"VIDC.XVID"=xvidvfw.dll

"VIDC.HFYU"=huffyuv.dll

"VIDC.YV12"=yv12vfw.dll

"msacm.ac3acm"=ac3acm.acm

"msacm.lameacm"=lameACM.acm

"VIDC.FFDS"=ff_vfw.dll

"vidc.dvsd"=pdvcodec.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-11-01 11:23:20 ----D---- C:\rsit

2012-11-01 11:23:20 ----D---- C:\Program Files\trend micro

2012-10-31 19:44:33 ----SHD---- C:\$RECYCLE.BIN

2012-10-31 18:19:00 ----D---- C:\Windows\temp

2012-10-31 18:07:54 ----D---- C:\ComboFix

2012-10-29 19:10:54 ----A---- C:\Windows\zip.exe

2012-10-29 19:10:54 ----A---- C:\Windows\SWSC.exe

2012-10-29 19:10:54 ----A---- C:\Windows\SWREG.exe

2012-10-29 19:10:54 ----A---- C:\Windows\sed.exe

2012-10-29 19:10:54 ----A---- C:\Windows\PEV.exe

2012-10-29 19:10:54 ----A---- C:\Windows\NIRCMD.exe

2012-10-29 19:10:54 ----A---- C:\Windows\MBR.exe

2012-10-29 19:10:54 ----A---- C:\Windows\grep.exe

2012-10-29 18:48:46 ----D---- C:\Qoobox

2012-10-29 18:48:14 ----D---- C:\Windows\erdnt

2012-10-27 18:41:53 ----D---- C:\Users\Johan\AppData\Roaming\Malwarebytes

2012-10-27 18:41:38 ----D---- C:\ProgramData\Malwarebytes

2012-10-27 18:41:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2012-10-27 18:41:33 ----A---- C:\Windows\system32\drivers\mbam.sys

2012-10-27 16:01:17 ----D---- C:\Program Files\Mozilla Firefox

2012-10-19 19:14:54 ----A---- C:\Windows\ntbtlog.txt

2012-10-02 17:23:19 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys

2012-10-02 17:19:41 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

======List of files/folders modified in the last 1 month======

2012-11-01 11:23:20 ----RD---- C:\Program Files

2012-10-31 19:48:18 ----D---- C:\Windows\System32

2012-10-31 19:48:18 ----D---- C:\Windows\inf

2012-10-31 19:48:18 ----A---- C:\Windows\system32\PerfStringBackup.INI

2012-10-31 19:42:56 ----D---- C:\Windows\system32\catroot2

2012-10-31 18:19:09 ----D---- C:\Windows

2012-10-31 18:19:09 ----A---- C:\Windows\system.ini

2012-10-31 18:16:42 ----D---- C:\Windows\system32\drivers

2012-10-31 18:15:32 ----D---- C:\Windows\AppPatch

2012-10-31 18:15:30 ----D---- C:\Program Files\Common Files

2012-10-29 21:04:46 ----D---- C:\Windows\system32\drivers\etc

2012-10-29 19:37:30 ----SHD---- C:\System Volume Information

2012-10-29 19:31:23 ----D---- C:\Windows\system32\config

2012-10-29 18:53:47 ----D---- C:\ProgramData\MFAData

2012-10-29 18:53:47 ----D---- C:\ProgramData\AVG2012

2012-10-29 18:53:31 ----SHD---- C:\Windows\Installer

2012-10-29 18:47:30 ----D---- C:\ProgramData\G DATA

2012-10-27 19:28:49 ----D---- C:\Program Files\Mozilla Maintenance Service

2012-10-27 18:41:38 ----D---- C:\ProgramData

2012-10-27 11:39:14 ----D---- C:\Windows\Tasks

2012-10-27 11:21:45 ----D---- C:\Program Files\Steam

2012-10-27 11:21:10 ----D---- C:\Windows\system32\Tasks

2012-10-18 18:20:35 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2012-10-18 17:36:31 ----D---- C:\Windows\system32\catroot

2012-10-18 17:36:30 ----D---- C:\Windows\winsxs

2012-10-17 22:47:24 ----D---- C:\Windows\system32\nl-NL

2012-10-17 22:47:19 ----D---- C:\Windows\system32\wbem

2012-10-17 22:46:07 ----D---- C:\Windows\system32\spool

2012-10-17 22:46:07 ----D---- C:\Windows\system32\Msdtc

2012-10-17 22:46:07 ----D---- C:\Windows\system32\CodeIntegrity

2012-10-17 22:46:06 ----D---- C:\Windows\rescache

2012-10-17 22:46:06 ----D---- C:\ProgramData\pdf995

2012-10-17 22:46:05 ----D---- C:\Windows\registration

2012-10-10 23:19:56 ----D---- C:\ProgramData\Microsoft Help

2012-10-02 17:23:18 ----DC---- C:\Windows\system32\DRVSTORE

2012-10-02 17:23:14 ----D---- C:\Program Files\iTunes

2012-10-02 17:19:51 ----D---- C:\Program Files\iPod

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AlfaFF;AlfaFF File System mini-filter; C:\Windows\system32\Drivers\AlfaFF.sys [2008-09-01 49424]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-07-20 324120]

R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2011-02-15 64512]

R0 PSDFilter;PSDFilter; C:\Windows\system32\DRIVERS\psdfilter.sys [2008-07-29 18992]

R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-06-10 721904]

R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824]

R1 GLogin;GLogin; C:\Windows\system32\drivers\GLogin.sys [2008-01-29 39544]

R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]

R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\drivers\GEARAspiWDM.sys [2012-08-21 26840]

R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2007-12-18 54784]

R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E60x86.sys [2008-05-19 47104]

R3 NETw5v32;Stuurprogramma voor Intel® Wireless WiFi Link Adapter onder Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]

R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2008-01-30 14848]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-04 196784]

S0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys []

S1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]

S1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2010-01-01 26024]

S1 gdwfpcd;G DATA WFP CD; C:\Windows\system32\drivers\gdwfpcd32.sys [2009-06-10 39880]

S1 GRD;G DATA Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2009-06-10 29128]

S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-07-18 61424]

S2 cpuz132;cpuz132; \??\C:\Windows\system32\drivers\cpuz132_x32.sys [2009-03-27 12672]

S2 int15;int15; \??\C:\Windows\system32\drivers\int15.sys [2007-01-26 69632]

S2 NTIPPKernel;NTIPPKernel; \??\C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]

S2 PSDNServ;PSDNServ; C:\Windows\system32\DRIVERS\PSDNServ.sys [2008-07-29 16944]

S2 psdvdisk;PSDVdisk; C:\Windows\system32\DRIVERS\PSDVdisk.sys [2008-07-29 60464]

S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2008-02-29 1202560]

S3 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys []

S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]

S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]

S3 BthPort;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2011-04-21 508416]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2009-06-17 30208]

S3 btwaudio;Bluetooth-audioapparaat; C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 79664]

S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 81200]

S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 16432]

S3 catchme;catchme; \??\C:\Users\Johan\AppData\Local\Temp\catchme.sys []

S3 Dot4;Microsoft IEEE-1284.4-stuurprogramma; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]

S3 Dot4Print;Stuurprogramma voor printerklasse voor IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]

S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]

S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-05-07 2134424]

S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [2011-02-15 15232]

S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-09-29 22856]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-09-24 45600]

S3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-12-05 7538560]

S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]

S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-02-15 43520]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

S3 vfs101x;vfs101x; C:\Windows\system32\drivers\vfs101x.sys [2008-05-26 40752]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2007-12-11 12800]

S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]

S2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

S2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S2 BUNAgentSvc;NTI Backup Now 5 Agent Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]

S2 CLHNService;CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 eDataSecurity Service;eDataSecurity Service; C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [2008-07-29 500784]

S2 ETService;Empowering Technology Service; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2008-06-02 24576]

S2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-04-30 815104]

S2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

S2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]

S2 IGBASVC;iGroupTec Service; C:\Program Files\Acer\Acer Bio Protection\BASVC.exe [2009-06-10 3520512]

S2 KbdLockService;G DATA Keyboard Protector Service; C:\Windows\System32\KbdLockService.exe [2008-01-29 173432]

S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]

S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]

S2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]

S2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2007-12-06 110592]

S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

S2 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056]

S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072]

S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-12-05 203296]

S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]

S2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-04-30 466944]

S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2007-01-09 272024]

S2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2008-07-19 233472]

S2 TSNxGService;TopSecret Service; C:\Program Files\G DATA\NotebookSecurity\TSNxG\TSNxGService.exe [2008-09-18 304712]

S2 TuneUp.ProgramStatisticsSvc;@%SystemRoot%\System32\TUProgSt.exe,-1; C:\Windows\System32\TUProgSt.exe [2009-08-03 603904]

S2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-21 21504]

S2 vfsFPService;Validity Fingerprint Service; C:\Windows\system32\vfsFPService.exe [2008-05-26 599344]

S2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-18 250808]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]

S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2011-03-21 30192]

S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-06-10 138168]

S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-05-15 87288]

S3 TuneUp.Defrag;@%SystemRoot%\System32\TuneUpDefragService.exe,-1; C:\Windows\System32\TuneUpDefragService.exe [2009-08-03 362240]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------

info:

info.txt logfile of random's system information tool 1.09 2012-11-01 11:24:02

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

-->MsiExec /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A450831D-25F6-4F42-9662-D000B25E0D82}\Setup.exe" -uninstall

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AA4BF92B-2AAF-11DA-9D78-000129760D75}\Setup.exe" -uninstall

32 Bit HP CIO Components Installer-->MsiExec.exe /I{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}

Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall

Acer Arcade Deluxe-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" /z-uninstall

Acer Bio Protection

AAV 6.0.00.15-->"C:\Program Files\Acer\Acer Bio Protection\uninstall.exe"

Acer Crystal Eye Webcam 3.0.6.3-->C:\Program Files\InstallShield Installation Information\{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}\setup.exe -runfromtemp -l0x0009 -removeonly

Acer eAudio Management-->"C:\Program Files\InstallShield Installation Information\{57265292-228A-41FA-9AEC-4620CBCC2739}\Setup.exe" -uninstall

Acer eDataSecurity Management-->C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSnstHelper.exe -Operation UNINSTALL

Acer Empowering Technology-->"C:\Program Files\InstallShield Installation Information\{8F1B6239-FEA0-450A-A950-B05276CE177C}\setup.exe" -runfromtemp -l0x0013 -removeonly

Acer ePower Management-->"C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -runfromtemp -l0x0013 -removeonly

Acer eRecovery Management-->"C:\Program Files\InstallShield Installation Information\{7F811A54-5A09-4579-90E1-C93498E230D9}\setup.exe" -runfromtemp -l0x0013 -removeonly

Acer eSettings Management-->"C:\Program Files\InstallShield Installation Information\{13D85C14-2B85-419F-AC41-C7F21E68B25D}\setup.exe" -runfromtemp -l0x0013 -removeonly

Acer GridVista-->C:\Windows\GVUni.exe GridV.UNI

Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x13 -removeonly

Acer Product Registration-->"C:\Program Files\InstallShield Installation Information\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}\setup.exe" -runfromtemp -l0x0013 -removeonly

Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly

Acer VCM-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}\setup.exe" -l0x13 -removeonly

Ad-Aware-->"C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe" REMOVE=TRUE MODIFY=FALSE

Ad-Aware-->C:\ProgramData\{2162CCC0-3A5F-4887-B51F-CE5F195B3620}\Ad-Aware90Install.exe

Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe -maintain activex

Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -maintain plugin

Adobe Reader 9.5.2 - Nederlands-->MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A95000000001}

Adobe Shockwave Player 11.5-->"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"

Agere Systems HDA Modem-->agrsmdel

Apple Application Support-->MsiExec.exe /I{63EC2120-1742-4625-AA47-C6A8AEC9C64C}

Apple Mobile Device Support-->MsiExec.exe /I{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}

Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver-->"C:\Program Files\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0013 -removeonly

AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"

Bonjour-->MsiExec.exe /X{79155F2B-9895-49D7-8612-D92580E0DE5B}

BS.Player FREE-->"C:\Program Files\Webteh\BSplayer\uninstall.exe"

C:\Program Files\Acer GameZone\GameConsole-->"C:\Program Files\Acer GameZone\GameConsole\unins000.exe"

CloneDVD2-->"C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files\Elaborate Bytes\CloneDVD2"

CPUID CPU-Z 1.52.2-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"

CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall

CyberLink PowerDirector-->"C:\Program Files\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\setup.exe" /z-uninstall

D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}

DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe

Download Navigator-->MsiExec.exe /X{44715246-18E9-4EDF-AA03-94E4B4F80EA8}

EA Download Manager-->C:\Program Files\Electronic Arts\EADM\Uninstall.exe

EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r

EPSON SX230 Series Printer Uninstall-->C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FINSHKE.EXE /R /APD /P:"EPSON SX230 Series"

EpsonNet Print-->C:\Program Files\InstallShield Installation Information\{3E31400D-274E-4647-916C-2CACC3741799}\ENPSETUP.exe -runfromtemp -l0x0009 -EPSON -removeonly

eSobi v2-->C:\Program Files\InstallShield Installation Information\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\setup.exe -runfromtemp -l0x0413

ffdshow [rev 1324] [2007-07-01]-->"C:\Program Files\The FilmMachine\ffdshow\unins000.exe"

FIFA 10-->MsiExec.exe /X{11202615-E557-4ECF-9B86-F59C81E52909}

Free iPod Video Converter 1.34-->"C:\Program Files\Free iPod Video Converter\unins000.exe"

G DATA NotebookSecurity-->MsiExec.exe /I{7EF66DF5-F152-4CA2-BEA4-CC24ACEC08F3}

Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

HP Photosmart All-In-One Driver Software 10.0 Rel .2-->C:\Program Files\HP\Digital Imaging\{86D3D561-D1FD-4d57-8395-20030467E0F9}\setup\hpzscr01.exe -datfile hposcr21.dat -onestop

Intel PROSet Wireless-->Intel PROSet Wireless

Intel® Matrix Storage Manager-->C:\Program Files\Intel\Intel Matrix Storage Manager\Uninstall\imsmudlg.exe -uninstall

ITECIR-->C:\Program Files\InstallShield Installation Information\{40580068-9B10-40B5-9548-536CE88AB23C}\setup.exe -runfromtemp -l0x0013 -removeonly

iTunes-->MsiExec.exe /I{0F6F6876-6334-4977-B5DD-CFC12E193420}

JMicron JMB38X Flash Media Controller-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{26604C7E-A313-4D12-867F-7C6E7820BE4C}\ShieldInstall.exe" -l0x9 -removeonly

Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

K-Lite Codec Pack 5.2.0 (Full)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Launch Manager-->C:\Windows\UNINST32.EXE LManager.UNI

Malwarebytes Anti-Malware versie 1.65.1.1000-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Medal of Honor Allied Assault Spearhead-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}\Setup.exe" -l0x13

Medal of Honor Allied Assault-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x13

Medal of Honor Pacific Assault-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}\setup.exe" -l0x13 -removeonly

Medieval II Total War : Kingdoms : Americas-->C:\Program Files\InstallShield Installation Information\{75983B66-804C-40D1-BA13-64DAF652A6F1}\setup.exe -runfromtemp -l0x0009 -removeonly

Medieval II Total War : Kingdoms : Britannia-->C:\Program Files\InstallShield Installation Information\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}\setup.exe -runfromtemp -l0x0009 -removeonly

Medieval II Total War : Kingdoms : Crusades-->C:\Program Files\InstallShield Installation Information\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}\setup.exe -runfromtemp -l0x0009 -removeonly

Medieval II Total War : Kingdoms : Teutonic-->C:\Program Files\InstallShield Installation Information\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}\setup.exe -runfromtemp -l0x0009 -removeonly

Medieval II Total War-->C:\Program Files\InstallShield Installation Information\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}\setup.exe -runfromtemp -l0x0009 -removeonly

Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 3.5 Language Pack SP1 - nld-->MsiExec.exe /I{101738D7-D805-37A9-BB91-1F2C351782BF}

Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft .NET Framework 4 Client Profile NLD Language Pack-->MsiExec.exe /X{2617FA1F-0C04-3ABB-AF64-7D5B6620C341}

Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client

Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1D12BC91-360E-424C-97C4-813651313660}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0413-0000-0000000FF1CE} /uninstall {26257879-B20D-4D30-A429-B387A4890929}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}

Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}

Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}

Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL

Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}

Microsoft Office OneNote MUI (Dutch) 2007-->MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}

Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}

Microsoft Office Suite Activation Assistant-->MsiExec.exe /X{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}

Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual J# .NET Redistributable Package 1.1-->MsiExec.exe /X{1A655D51-1423-48A3-B748-8F5A0BE294C8}

Microsoft Works-->MsiExec.exe /I{A2A0A82F-025F-458D-A0CD-9BB2320804B5}

Movavi Video Converter 11-->C:\Program Files\Movavi Video Converter 11\uninst.exe

Mozilla Firefox 16.0.1 (x86 nl)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"

MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

Mythic Mahjong-->"C:\Program Files\Acer GameZone\Mythic Mahjong\Uninstall.exe" "C:\Program Files\Acer GameZone\Mythic Mahjong\install.log"

NBA 2K9-->"C:\Program Files\Steam\steam.exe" steam://uninstall/7740

Need for Speed Underground 2-->C:\Program Files\EA GAMES\Need for Speed Underground 2\EAUninstall.exe

NTI Backup Now 5-->C:\Program Files\InstallShield Installation Information\{12EFA1A4-AC3B-443C-8143-237EDE760403}\setup.exe -runfromtemp -l0x0413

NTI Media Maker 8-->C:\Program Files\InstallShield Installation Information\{2413930C-8309-47A6-BC61-5EF27A4222BC}\setup.exe -runfromtemp -l0x0413

NVIDIA Drivers-->C:\Windows\system32\nvuninst.exe UninstallGUI

NVIDIA PhysX-->MsiExec.exe /X{DD1865F0-AD73-40FB-B23E-1822E02396FF}

OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}

Orion-->MsiExec.exe /X{5B63A470-9334-44D1-AF61-6CE2DB565AE9}

Pdf995-->C:\Program Files\pdf995\setup.exe uninstall

PhotoNow!-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" -uninstall

QuickTime-->MsiExec.exe /I{0E64B098-8018-4256-BA23-C316A43AD9B0}

Real Alternative 1.7.5-->"C:\Program Files\Real Alternative\unins000.exe"

Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709

Rome - Total War-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A642BB6B-CA1D-4142-8DD4-318C3F3DC834} /l1033

Rome: Total War - Barbarian Invasion-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD69C8CB-6964-432C-98AB-A5A09ED50EEA}\setup.exe" -l0x9

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {3E0806DB-3085-378A-840A-F0D3AE3609D1} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7E97AB83-C1FE-38DE-B848-877E0A4BD81E} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DB31DEDD-BF95-31E7-A9B7-5480561CEFF3} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {67A5F99B-5EBA-3812-8D2E-BC251490DD3F} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {8DDEFC7E-0C61-3D11-AFC6-5414F2DAFD01} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4952F442-5C1A-38EB-8C23-B18EFE77E20C} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {9EC88EA8-4ABE-393C-87BD-90EABB1C4C9B} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {86BB5A25-8CC3-33CE-A393-CF28901682B2} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {16EEC04A-B924-37E0-97CF-422DCEFC1B63} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {C4D978AA-2668-3404-96DE-96E2AFC62FD7} /parameterfolder Client

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36}

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {31C0F635-15AD-4AA3-A3C6-B542B403D0EE}

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {3069CE04-082C-4669-9BA1-E6AA66330C1F}

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7}

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {7BCF7F6B-4AC0-4915-83B2-5CFF6BE9BF77}

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition -->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {075C2272-0881-46D3-B3A5-1D83D6940270}

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {728D9A6A-2206-31E8-9F65-C3EABEFCF53E} /parameterfolder ClientLP

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\setup.exe /uninstallpatch {2CE2EB39-45C8-32D4-8A99-5529C38F1B99} /parameterfolder ClientLP

Segoe UI-->MsiExec.exe /I{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}

Steam-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}

Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - nld\setup.exe

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\ClientLP\Setup.exe /repair /x86 /lcid 1043 /parameterfolder ClientLP

The FilmMachine 1.6.1-->"C:\Program Files\The FilmMachine\unins000.exe"

The Rise of Atlantis-->"C:\Program Files\Acer GameZone\The Rise of Atlantis\Uninstall.exe" "C:\Program Files\Acer GameZone\The Rise of Atlantis\install.log"

TopSecret Biometrics Components-->C:\Program Files\InstallShield Installation Information\{C8BCC14C-2807-4C2D-A659-843427BF82E2}\setup.exe -runfromtemp -l0x0015 -removeonly

TuneUp Utilities 2009-->MsiExec.exe /I{55A29068-F2CE-456C-9148-C869879E2357}

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-002F-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5E9CF3A4-ADB3-3080-A8BF-976A28340758} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {81EBB9D7-173C-32E3-B477-149C8DE075E4} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D9961AC-7C99-36A2-9EF0-34678AED5384} /parameterfolder Client

Update voor Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {5CF7002F-6F49-4482-9564-5614FBE560FA}

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}

Update voor Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {A66AE6A1-8D8C-4102-BC18-38CBDE40F809}

Validity Sensors software-->MsiExec.exe /X{567E8236-C414-4888-8211-3D61608D57AE}

Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}

Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\Windows\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""

WIDCOMM Bluetooth Software 6.0.1.5000-->MsiExec.exe /X{03D1988F-469F-4843-8E6E-E5FE9D17889D}

Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}

Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{2A07C35B-8384-4DA4-9A95-442B6C89A073}

Windows Live ID Sign-in Assistant-->MsiExec.exe /I{61AD15B2-50DB-4686-A739-14FE180D4429}

Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}

Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}

Windows Live Mail-->MsiExec.exe /I{D588365A-AE39-4F27-BDAE-B4E72C8E900C}

Windows Live MIME IFilter-->MsiExec.exe /I{AF844339-2F8A-4593-81B3-9F4C54038C4E}

Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}

Windows Live Movie Maker-->MsiExec.exe /X{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}

Windows Live Photo Common-->MsiExec.exe /X{9BD262D0-B788-4546-A0A5-F4F56EC3834B}

Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}

Windows Live Photo Gallery-->MsiExec.exe /X{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}

Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}

Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}

Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}

Windows Live Sync-->MsiExec.exe /X{CD19EDD9-1632-4002-9212-7478E4BA0423}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{0BE5C4DB-8EA2-483D-BD71-D7EB09040CDE}

Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

Windows Live Writer Resources-->MsiExec.exe /X{14B441B7-774D-4170-98EA-A13667AE6218}

Windows Live Writer-->MsiExec.exe /X{7E017923-16F8-4E32-94EF-0A150BD196FE}

Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}

Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

WinRAR-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AS: Lavasoft Ad-Watch Live! (disabled)

AS: Windows Defender

======System event log======

Computer Name: laptop

Event Code: 7036

Message: De NTI Backup Now 5 Backup Service-service heeft nu de status wordt uitgevoerd.

Record Number: 352589

Source Name: Service Control Manager

Time Written: 20120222164137.000000-000

Event Type: Informatie

User:

Computer Name: laptop

Event Code: 7036

Message: De Net Driver HPZ12-service heeft nu de status wordt uitgevoerd.

Record Number: 352588

Source Name: Service Control Manager

Time Written: 20120222164137.000000-000

Event Type: Informatie

User:

Computer Name: laptop

Event Code: 7036

Message: De MobilityService-service heeft nu de status wordt uitgevoerd.

Record Number: 352587

Source Name: Service Control Manager

Time Written: 20120222164137.000000-000

Event Type: Informatie

User:

Computer Name: laptop

Event Code: 7036

Message: De Network Location Awareness-service heeft nu de status wordt uitgevoerd.

Record Number: 352586

Source Name: Service Control Manager

Time Written: 20120222164137.000000-000

Event Type: Informatie

User:

Computer Name: laptop

Event Code: 7036

Message: De LightScribeService Direct Disc Labeling Service-service heeft nu de status wordt uitgevoerd.

Record Number: 352585

Source Name: Service Control Manager

Time Written: 20120222164137.000000-000

Event Type: Informatie

User:

=====Application event log=====

Computer Name: laptop

Event Code: 0

Message:

Record Number: 64442

Source Name: iPod Service

Time Written: 20110303084543.000000-000

Event Type: Informatie

User:

Computer Name: laptop

Event Code: 1

Message: Client van Certificate Services is gestart.

Record Number: 64441

Source Name: Microsoft-Windows-CertificateServicesClient

Time Written: 20110303084523.028891-000

Event Type: Informatie

User: laptop\Johan

Computer Name: laptop

Event Code: 1

Message: Client van Certificate Services is gestart.

Record Number: 64440

Source Name: Microsoft-Windows-CertificateServicesClient

Time Written: 20110303084523.028891-000

Event Type: Informatie

User: NT AUTHORITY\SYSTEEM

Computer Name: laptop

Event Code: 10

Message: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Record Number: 64439

Source Name: Microsoft-Windows-WMI

Time Written: 20110303084450.000000-000

Event Type: Fout

User:

Computer Name: laptop

Event Code: 7500

Message: Intel RAID-controller: Onbekende controller

Aantal seriële ATA-poorten: 4

Versie RAID Option ROM: Onbekend

Stuurprogrammaversie: 8.5.0.1032

Versie RAID-module: 8.5.0.1032

Versie taalresources van RAID-module: Bestand niet gevonden

Versie van wizard Volume maken: 8.5.0.1032

Versie taalresources voor wizard Volume maken: Bestand niet gevonden

Versie van wizard Volume maken op basis van bestaande harde schijf: 8.5.0.1032

Versie taalresources voor wizard Volume maken op basis van bestaande harde schijf: Bestand niet gevonden

Versie van wizard Volume wijzigen: 8.5.0.1032

Versie taalresources voor wizard Volume wijzigen: Bestand niet gevonden

Versie van wizard Volume verwijderen: 8.5.0.1032

Versie taalresources voor wizard Volume verwijderen: Bestand niet gevonden

ISDI-bibliotheekversie: 8.5.0.1032

Versie hulpmiddel voor gebruikersmeldingen van controleprogramma voor gebeurtenissen: 8.5.0.1032

Versie taalresources voor hulpmiddel voor gebruikersmeldingen van controleprogramma voor gebeurtenissen: Bestand niet gevonden

Versie controleprogramma voor gebeurtenissen: 8.5.0.1032

Harde schijf 0

Gebruik: Onbekend gebruik harde schijf

Status: Normaal

Apparaatpoort: 0

Locatie apparaatpoort: Intern

Huidige SATA-overdrachtmodus: Generatie 2

Model: WDC WD5000BEVT-22ZAT0

Serienummer: WD-WXNY08NW1842

Firmware: 01.01A01

Ondersteuning voor geïntegreerde opdrachtwachtrijen: Ja

Systeemschijf: Ja

Grootte: 465.7 GB

Grootte van fysieke sector: 512 bytes

Grootte van logische sector: 512 bytes

Harde schijf 1

Gebruik: Onbekend gebruik harde schijf

Status: Normaal

Apparaatpoort: 1

Locatie apparaatpoort: Intern

Huidige SATA-overdrachtmodus: Generatie 2

Model: WDC WD5000BEVT-22ZAT0

Serienummer: WD-WXNY08NM2753

Firmware: 01.01A01

Ondersteuning voor geïntegreerde opdrachtwachtrijen: Ja

Systeemschijf: Nee

Grootte: 465.7 GB

Grootte van fysieke sector: 512 bytes

Grootte van logische sector: 512 bytes

Niet gebruikte poort 0

Apparaatpoort: 5

Locatie apparaatpoort: Extern

CD/DVD-station 0

Apparaatpoort: 4

Locatie apparaatpoort: Intern

Huidige SATA-overdrachtmodus: Generatie 1

Model: Slimtype BD E DS4E1S

Serienummer: 810150311543

Firmware: EA12

Record Number: 64438

Source Name: IAANTmon

Time Written: 20110303084442.000000-000

Event Type: Informatie

User:

=====Security event log=====

Computer Name: laptop

Event Code: 4648

Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: LAPTOP$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:

Accountnaam: Johan

Accountdomein: laptop

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:

Naam van doelserver: localhost

Aanvullende gegevens: localhost

Procesgegevens:

Proces-id: 0x410

Procesnaam: C:\Windows\System32\winlogon.exe

Netwerkgegevens:

Netwerkadres: 127.0.0.1

Poort: 0

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

Record Number: 69749

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110506115421.894800-000

Event Type: Controle geslaagd

User:

Computer Name: laptop

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 69748

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110506115400.054800-000

Event Type: Controle geslaagd

User:

Computer Name: laptop

Event Code: 4624

Message: Er is een account aangemeld.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: LAPTOP$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldingstype: 5

Nieuwe aanmelding:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Procesgegevens:

Proces-id: 0x380

Naam proces: C:\Windows\System32\services.exe

Netwerkgegevens:

Naam van werkstation:

Netwerkadres van bron: -

Poort van bron: -

Gedetailleerde verificatiegegevens:

Aanmeldingsproces: Advapi

Verificatiepakket: Negotiate

Doorgezette services: -

Pakketnaam (alleen NTLM): -

Sleutellengte: 0

Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.

- Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.

- In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.

- Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.

- Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.

Record Number: 69747

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110506115400.054800-000

Event Type: Controle geslaagd

User:

Computer Name: laptop

Event Code: 4648

Message: Poging tot aanmelden met expliciete referenties.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: LAPTOP$

Accountdomein: WORKGROUP

Aanmeldings-id: 0x3e7

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Account waarvan de referenties zijn gebruikt:

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

Doelserver:

Naam van doelserver: localhost

Aanvullende gegevens: localhost

Procesgegevens:

Proces-id: 0x380

Procesnaam: C:\Windows\System32\services.exe

Netwerkgegevens:

Netwerkadres: -

Poort: -

Deze gebeurtenis wordt gegenereerd wanneer een proces probeert zich op een account aan te melden door expliciet de referenties van die account op te geven. Meestal gebeurt dit in batchconfiguraties zoals geplande taken, of bij gebruik van de opdracht Uitvoeren als.

Record Number: 69746

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110506115400.054800-000

Event Type: Controle geslaagd

User:

Computer Name: laptop

Event Code: 4672

Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

Onderwerp:

Beveiligings-id: S-1-5-18

Accountnaam: SYSTEEM

Accountdomein: NT AUTHORITY

Aanmeldings-id: 0x3e7

Bevoegdheden: SeAssignPrimaryTokenPrivilege

SeTcbPrivilege

SeSecurityPrivilege

SeTakeOwnershipPrivilege

SeLoadDriverPrivilege

SeBackupPrivilege

SeRestorePrivilege

SeDebugPrivilege

SeAuditPrivilege

SeSystemEnvironmentPrivilege

SeImpersonatePrivilege

Record Number: 69745

Source Name: Microsoft-Windows-Security-Auditing

Time Written: 20110506115359.664800-000

Event Type: Controle geslaagd

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Acer\Empowering Technology\eDataSecurity;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64;C:\Program Files\Windows Live\Shared;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\QuickTime\QTSystem

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=x86

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"USERNAME"=SYSTEM

"windir"=%SystemRoot%

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel

"PROCESSOR_REVISION"=170a

"NUMBER_OF_PROCESSORS"=4

"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat

"DFSTRACINGON"=FALSE

"Pathtem"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64

"NTIPath"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86;C:\Program Files\Acer\Empowering Technology\eDataSecurity\x64;C:\Program Files\NewTech Infosystems\NTI Backup Now 5\;

"asl.log"=Destination=file

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip

"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

Link naar reactie
Delen op andere sites


×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.