Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

svp controle, onverklaarbare vastlopers

None
9 antwoorden
  • Win 7 , atomatische updates, maar zaak loopt meest rare momenten vast. Ook Inet hangt af en toe. MBAM geeft geen infecties dus maar HJT logje
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:51:30, on 4-9-2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe
    C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe" -agent
    O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe" -RESTART
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 10507 bytes
  • Hallo Anjo, ik zie dat het een 64-bit versie van Windows 7 betreft.

    Heb je deze Windows 7 nieuw met PC gekocht - of in een bestaande PC geïnstalleerd?
    En heb je vooraf de Windows Upgrade Advisor gebruikt?

    Op welke manier wordt het vastlopen gekenmerkt? Bevriezen van beeld?

    Doe in ieder geval het volgende:
    [list:0f4a6c216a][*:0f4a6c216a] Gebruikers van Windows Vista en Windows 7 starten het tool middels rechtsklik en daarbij dan kiezend voor Als Administrator uitvoeren!
    [*:0f4a6c216a] klik\Dubbelklik op RSIT.exe om het tool te starten.
    [*:0f4a6c216a] Klik op Continue in het disclaimer venster.
    [*:0f4a6c216a] Nadat de scan beëindigd is, zullen twee logs openen.
    [*:0f4a6c216a] Post log.txt (deze zal gemaximaliseerd zijn) en dito info.txt (deze zal geminimaliseerd zijn)[/list:u:0f4a6c216a]
    [b:0f4a6c216a]Voor gebruikers van Windows Vista 64-bit- of Windows 7 64-bit geldt overigens nog het volgende:[/b:0f4a6c216a]
    [list:0f4a6c216a][*:0f4a6c216a] Dan dient RSIT in compatibiliteitsmodus uitgevoerd te worden.
    [*:0f4a6c216a] Middels rechtsklik op RSIT.exe kies je voor Eigenschappen
    [*:0f4a6c216a] klik nu op de tab Compatibiliteit
    [*:0f4a6c216a] Vink Dit programma uitvoeren in compatibiliteitsmodus voor aan en kies vervolgens voor Windows XP (Service Pack 3)[/list:u:0f4a6c216a]
  • Nieuwe PC met legale Win7 Prof.
    Advisor geeft alles ok , mogelijke upgrade naar ultimate, maar die draait op laptop
    log
    info.txt logfile of random's system information tool 1.08 2010-09-04 16:10:24

    ======Uninstall list======

    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS2"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ExploitShield"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gadget"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ISP News"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure NRS"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure ORSP Client"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
    –>"C:\Program Files (x86)\Internetbeveiliging\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Web Filter"
    Adobe Flash Player 10 ActiveX–>C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
    Adobe Reader 9.3.4 - Nederlands–>MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-A93000000001}
    Adobe Shockwave Player 11.5–>"C:\Windows\system32\Adobe\Shockwave 11\uninstaller.exe"
    Advertising Center–>MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D}
    AnyDVD–>"C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files (x86)\SlySoft\AnyDVD"
    AutoUnpack 4.4.4–>"C:\Program Files (x86)\AutoUnpack\unins000.exe"
    CameraHelperMsi–>MsiExec.exe /I{15634701-BACE-4449-8B25-1567DA8C9FD3}
    Catalyst Control Center - Branding–>MsiExec.exe /I{1FF713E1-FE5E-4AD0-9C8C-B2E877846B45}
    CCleaner–>"C:\Program Files (x86)\CCleaner\uninst.exe"
    CloneDVD 5.0.0.1–>"C:\Program Files (x86)\CloneDVD5\unins000.exe"
    CloneDVD2–>"C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe" /D="C:\Program Files (x86)\Elaborate Bytes\CloneDVD2"
    CorelDRAW Graphics Suite X4 - Capture–>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF012}
    CorelDRAW Graphics Suite X4 - Content–>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF016}
    CorelDRAW Graphics Suite X4 - Draw–>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF013}
    CorelDRAW Graphics Suite X4 - Filters–>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF017}
    CorelDRAW Graphics Suite X4 - FontNav–>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF019}
    CorelDRAW Graphics SUite X4 - ICA–>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF010}
    CorelDRAW Graphics Suite X4 - IPM–>MsiExec.exe /I{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}
    CorelDRAW Graphics Suite X4 - Lang NL–>MsiExec.exe /I{A6C27FFF-75EF-4B5B-A64E-F9E128994908}
    CorelDRAW Graphics Suite X4 - PP–>MsiExec.exe /I{7F05E704-30A6-421A-97A7-8EEB1C7FF014}
    CorelDRAW Graphics Suite X4 - VBA–>MsiExec.exe /I{BF439B41-0252-48DE-8B8B-0430CB26A181}
    CorelDRAW Graphics Suite X4–>MsiExec.exe /I{44A27085-0616-4181-A0C3-81C7ECA17F73}
    CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension–>c:\Program Files (x86)\Common Files\Corel\Shared\Shell Extension\Uninst.exe
    CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension–>MsiExec.exe /X{CE2DA11A-917F-4CF5-AB55-755EC115DD10}
    CorelDRAW(R) Graphics Suite X4–>C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X4\Setup\SetupARP.exe /arp
    Definition update for Microsoft Office 2010 (KB982726)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{691FAD36-EC97-46FA-9F96-4CA91C126ECA}" "1043" "0"
    DolbyFiles–>MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}
    DriverMax 5–>"C:\Program Files (x86)\Innovative Solutions\DriverMax\unins000.exe"
    erLT–>MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
    F-Secure PSC Prerequisites–>MsiExec.exe /I{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}
    GetDataBack for FAT–>"C:\Program Files (x86)\Runtime Software\GetDataBack\Uninstall.exe" "C:\Program Files (x86)\Runtime Software\GetDataBack\install.log" -u
    GetDataBack for NTFS–>"C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\Uninstall.exe" "C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\install.log" -u
    Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    HijackThis 2.0.2–>"C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    HiJackThis–>MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}
    HydraVision–>MsiExec.exe /X{FB6DE932-24CA-D1C0-2FD8-1DFCE4A33CC5}
    ImgBurn–>"C:\Program Files (x86)\ImgBurn\uninstall.exe"
    Junk Mail filter update–>MsiExec.exe /I{8E5233E1-7495-44FB-8DEB-4BE906D59619}
    Logitech-webcamsoftware–>"C:\Program Files (x86)\Common Files\LogiShrd\Installer\{D40EB009-0499-459c-A8AF-C9C110766215}\setup.exe" /lang=NLD /guid="{D40EB009-0499-459c-A8AF-C9C110766215}"
    LWS Facebook–>MsiExec.exe /I{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}
    LWS Gallery–>MsiExec.exe /I{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}
    LWS Help_main–>MsiExec.exe /I{1651216E-E7AD-4250-92A1-FB8ED61391C9}
    LWS Launcher–>MsiExec.exe /I{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}
    LWS Motion Detection–>MsiExec.exe /I{71E66D3F-A009-44AB-8784-75E2819BA4BA}
    LWS Pictures And Video–>MsiExec.exe /I{08610298-29AE-445B-B37D-EFBE05802967}
    LWS Video Mask Maker–>MsiExec.exe /I{EED027B7-0DB6-404B-8F45-6DFEE34A0441}
    LWS Webcam Software–>MsiExec.exe /I{8937D274-C281-42E4-8CDB-A0B2DF979189}
    LWS WLM Plugin–>MsiExec.exe /I{9DAEA76B-E50F-4272-A595-0124E826553D}
    LWS YouTube Plugin–>MsiExec.exe /I{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}
    Malwarebytes' Anti-Malware–>"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
    MediaMonkey 3.2–>"C:\Program Files (x86)\MediaMonkey\unins000.exe"
    Menu Templates - Starter Kit–>MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C}
    Microsoft Choice Guard–>MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
    Microsoft Office Access MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0015-0413-0000-0000000FF1CE}
    Microsoft Office Excel MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0016-0413-0000-0000000FF1CE}
    Microsoft Office Groove MUI (Dutch) 2010–>MsiExec.exe /X{90140000-00BA-0413-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0044-0413-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (Dutch) 2010–>MsiExec.exe /X{90140000-00A1-0413-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (Dutch) 2010–>MsiExec.exe /X{90140000-001A-0413-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0018-0413-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2010–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
    Microsoft Office Professional Plus 2010–>MsiExec.exe /X{91140000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (Dutch) 2010–>MsiExec.exe /X{90140000-001F-0413-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2010–>MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2010–>MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (German) 2010–>MsiExec.exe /X{90140000-001F-0407-0000-0000000FF1CE}
    Microsoft Office Proofing (Dutch) 2010–>MsiExec.exe /X{90140000-002C-0413-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (Dutch) 2010–>MsiExec.exe /X{90140000-0019-0413-0000-0000000FF1CE}
    Microsoft Office ScreenTip Language 2010 - English–>MsiExec.exe /X{90140000-00BD-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (Dutch) 2010–>MsiExec.exe /X{90140000-006E-0413-0000-0000000FF1CE}
    Microsoft Office Word MUI (Dutch) 2010–>MsiExec.exe /X{90140000-001B-0413-0000-0000000FF1CE}
    Microsoft Search Enhancement Pack–>MsiExec.exe /I{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}
    Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Sync Framework Runtime Native v1.0 (x86)–>MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework Services Native v1.0 (x86)–>MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053–>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148–>MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Movie Templates - Starter Kit–>MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0}
    MSVCRT–>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP2 (KB954430)–>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    MSXML 4.0 SP2 (KB973688)–>MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
    Nero 9–>C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-0180-PZ5K-188L-H7PX-358A-3491-47W5"
    Nero BurnRights–>MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB}
    Nero ControlCenter–>MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}
    Nero CoverDesigner–>MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}
    Nero Disc Copy Gadget–>MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3}
    Nero DiscSpeed–>MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C}
    Nero DriveSpeed–>MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A}
    Nero InfoTool–>MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139}
    Nero Installer–>MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF}
    Nero PhotoSnap–>MsiExec.exe /X{9E82B934-9A25-445B-B8DF-8012808074AC}
    Nero Recode–>MsiExec.exe /X{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}
    Nero Rescue Agent–>MsiExec.exe /X{368BA326-73AD-4351-84ED-3C0A7A52CC53}
    Nero ShowTime–>MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}
    Nero StartSmart–>MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2}
    Nero Vision–>MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B}
    Nero WaveEditor–>MsiExec.exe /X{A209525B-3377-43F4-B886-32F6B6E7356F}
    NeroBurningROM–>MsiExec.exe /X{D025A639-B9C9-417D-8531-208859000AF8}
    NeroExpress–>MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270}
    neroxml–>MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    PixiePack Codec Pack–>MsiExec.exe /I{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}
    Radiotracker–>MsiExec.exe /I{4319241C-3DAD-42FE-965D-4D580795785C}
    Scherminfotaal van Microsoft Office 2010 - Nederlands–>MsiExec.exe /X{90140000-00BD-0413-0000-0000000FF1CE}
    Security Update for CAPICOM (KB931906)–>MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Security Update for CAPICOM (KB931906)–>MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
    Skype Toolbars–>MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A}
    Skype™ 4.2–>MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
    SoundTrax–>MsiExec.exe /X{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}
    TeamViewer 5–>C:\Program Files (x86)\TeamViewer\Version5\uninstall.exe
    TomTom HOME 2.7.5.2014–>C:\Program Files (x86)\TomTom HOME 2\Uninstall TomTom HOME.exe
    TomTom HOME Visual Studio Merge Modules–>MsiExec.exe /I{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}
    Update for Microsoft Office 2010 (KB2202188)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1043" "0"
    Update for Microsoft Outlook Social Connector (KB983403)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{91140000-0011-0000-0000-0000000FF1CE}" "{3D462F23-F81B-4740-B4B4-ED2A07E9AC23}" "1043" "0"
    Update voor Microsoft Outlook Social Connector (KB983403)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-001A-0413-0000-0000000FF1CE}" "{5B72E0A9-5AEB-413E-B6DE-C2857DC1E8E3}" "1043" "0"
    UseNeXT–>"Z:\UseNext2\UseNeXT\unins000.exe"
    VLC media player 1.1.4–>C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
    Windows 7 Upgrade Advisor–>MsiExec.exe /I{0DC66F25-C58F-40d3-86BC-CA29C6D99BF8}
    Windows Live - Hulpprogramma voor uploaden–>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Windows Live aanmeldhulp–>MsiExec.exe /I{1BD6AE96-4742-4498-9D03-9451C7E5A214}
    Windows Live Call–>MsiExec.exe /I{C20C2630-B3A7-44BA-BDD0-31E256AE490E}
    Windows Live Communications Platform–>MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}
    Windows Live Essentials–>C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Windows Live Essentials–>MsiExec.exe /I{EB5A3E9D-91CF-4C97-B816-72DE0625ACA3}
    Windows Live Mail–>MsiExec.exe /I{2869F5EA-93C3-48E5-80DF-DB696BC84A91}
    Windows Live Messenger–>MsiExec.exe /X{CC38A00D-7EED-46CE-9281-D1D97B81F22A}
    Windows Live Movie Maker–>MsiExec.exe /X{32061277-9F45-4C3B-8299-D106D5A502ED}
    Windows Live Photo Gallery–>MsiExec.exe /X{6FEC9863-5EF2-4A07-9D0B-CA81B47E3F59}
    Windows Live Sync–>MsiExec.exe /X{E34F703A-1C9D-4B1F-ABBE-D7E8800B860D}
    Windows Live Toolbar–>MsiExec.exe /X{41DFDD57-21B7-4C48-8C75-FFB35696CA8B}
    Windows Live Writer–>MsiExec.exe /X{35CA031C-D3CD-4A28-8D9B-C71466C4F045}
    Ziggo uitgebreide internetbeveiliging–>"C:\Program Files (x86)\Internetbeveiliging\FSGUI\PostInstall.exe" /tUnInstall

    ======System event log======

    Computer Name: 37L4247E29-32
    Event Code: 7036
    Message: De Cryptographic Services-service heeft nu de status stopped.
    Record Number: 5
    Source Name: Service Control Manager
    Time Written: 20090714051424.262212-000
    Event Type: Informatie
    User:

    Computer Name: 37L4247E29-32
    Event Code: 7036
    Message: De Windows Modules Installer-service heeft nu de status stopped.
    Record Number: 4
    Source Name: Service Control Manager
    Time Written: 20090714051424.168612-000
    Event Type: Informatie
    User:

    Computer Name: 37L4247E29-32
    Event Code: 7036
    Message: De Software Protection-service heeft nu de status stopped.
    Record Number: 3
    Source Name: Service Control Manager
    Time Written: 20090714051424.059412-000
    Event Type: Informatie
    User:

    Computer Name: 37L4247E29-32
    Event Code: 7036
    Message: De Windows Event Log-service heeft nu de status stopped.
    Record Number: 2
    Source Name: Service Control Manager
    Time Written: 20090714051424.012612-000
    Event Type: Informatie
    User:

    Computer Name: 37L4247E29-32
    Event Code: 7036
    Message: De Volume Shadow Copy-service heeft nu de status stopped.
    Record Number: 1
    Source Name: Service Control Manager
    Time Written: 20090714051423.934612-000
    Event Type: Informatie
    User:

    =====Application event log=====

    Computer Name: 37L4247E29-32
    Event Code: 900
    Message: De Software Protection-service wordt gestart.

    Record Number: 5
    Source Name: Microsoft-Windows-Security-SPP
    Time Written: 20100704095107.000000-000
    Event Type: Informatie
    User:

    Computer Name: 37L4247E29-32
    Event Code: 5617
    Message: Subsystemen van Windows Management Instrumentation-service zijn geïnitialiseerd
    Record Number: 4
    Source Name: Microsoft-Windows-WMI
    Time Written: 20100704094910.000000-000
    Event Type: Informatie
    User:

    Computer Name: 37L4247E29-32
    Event Code: 5615
    Message: De Windows Management Instrumentation-service is gestart
    Record Number: 3
    Source Name: Microsoft-Windows-WMI
    Time Written: 20100704094903.000000-000
    Event Type: Informatie
    User:

    Computer Name: 37L4247E29-32
    Event Code: 1531
    Message: De User Profile-service is gestart.


    Record Number: 2
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20100704094856.718750-000
    Event Type: Informatie
    User: NT AUTHORITY\SYSTEM

    Computer Name: 37L4247E29-32
    Event Code: 4625
    Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.
    Record Number: 1
    Source Name: Microsoft-Windows-EventSystem
    Time Written: 20100704094857.000000-000
    Event Type: Informatie
    User:

    =====Security event log=====

    Computer Name: 37L4247E29-32
    Event Code: 4735
    Message: Er is een lokale groep met beveiliging gewijzigd.

    Onderwerp:
    Beveiligings-id: S-1-5-18
    Accountnaam: 37L4247E29-32$
    Accountdomein: WORKGROUP
    Aanmeldings-id: 0x3e7

    Groep:
    Beveiligings-id: S-1-5-32-551
    Naam van groep: Back-upoperators
    Domein van groep: Builtin

    Gewijzigde kenmerken:
    SAM-accountnaam: -
    SID-geschiedenis: -

    Aanvullende gegevens:
    Bevoegdheden: -
    Record Number: 5
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100704094833.093750-000
    Event Type: Controle geslaagd
    User:

    Computer Name: 37L4247E29-32
    Event Code: 4731
    Message: Er is een lokale groep met beveiliging gemaakt.

    Onderwerp:
    Beveiligings-id: S-1-5-18
    Accountnaam: 37L4247E29-32$
    Accountdomein: WORKGROUP
    Aanmeldings-id: 0x3e7

    Nieuwe groep:
    Beveiligings-id: S-1-5-32-551
    Naam van groep: Back-upoperators
    Domein van groep: Builtin

    Kenmerken:
    SAM-accountnaam: Back-upoperators
    SID-geschiedenis: -

    Aanvullende gegevens:
    Bevoegdheden: -
    Record Number: 4
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100704094833.062500-000
    Event Type: Controle geslaagd
    User:

    Computer Name: 37L4247E29-32
    Event Code: 4902
    Message: De tabel voor controlebeleid per gebruiker is gemaakt.

    Aantal elementen: 0
    Beleids-id: 0x304a5
    Record Number: 3
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100704094832.328125-000
    Event Type: Controle geslaagd
    User:

    Computer Name: 37L4247E29-32
    Event Code: 4624
    Message: Er is een account aangemeld.

    Onderwerp:
    Beveiligings-id: S-1-0-0
    Accountnaam: -
    Accountdomein: -
    Aanmeldings-id: 0x0

    Aanmeldingstype: 0

    Nieuwe aanmelding:
    Beveiligings-id: S-1-5-18
    Accountnaam: SYSTEM
    Accountdomein: NT AUTHORITY
    Aanmeldings-id: 0x3e7
    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Procesgegevens:
    Proces-id: 0x4
    Naam proces:

    Netwerkgegevens:
    Naam van werkstation: -
    Netwerkadres van bron: -
    Poort van bron: -

    Gedetailleerde verificatiegegevens:
    Aanmeldingsproces: -
    Verificatiepakket: -
    Doorgezette services: -
    Pakketnaam (alleen NTLM): -
    Sleutellengte: 0

    Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

    De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

    In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

    Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

    In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

    De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
    - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
    - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
    - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
    - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
    Record Number: 2
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100704094828.984375-000
    Event Type: Controle geslaagd
    User:

    Computer Name: 37L4247E29-32
    Event Code: 4608
    Message: Windows wordt opgestart.

    Deze gebeurtenis wordt in het logboek geregistreerd wanneer LSASS.EXE wordt gestart en het subsysteem voor controle wordt geïnitialiseerd.
    Record Number: 1
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20100704094828.796875-000
    Event Type: Controle geslaagd
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
    "NUMBER_OF_PROCESSORS"=2
    "PROCESSOR_LEVEL"=16
    "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=0602

    —————–EOF—————–

    Logfile of random's system information tool 1.08 (written by random
    andom)
    Run by Anjo at 2010-09-04 16:10:22
    Microsoft Windows 7 Professional
    System drive C: has 149 GB (63%) free of 238 GB
    Total RAM: 4095 MB (64% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 16:10:23, on 4-9-2010
    Platform: Windows 7 (WinNT 6.00.3504)
    MSIE: Internet Explorer v8.00 (8.00.7600.16385)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe
    C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
    C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
    C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
    C:\Program Files (x86)\Internetbeveiliging\Common\FSLAUNCH.EXE
    C:\Users\Anjo\Desktop\RSIT.exe
    C:\Program Files (x86)\Trend Micro\HijackThis\Anjo.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
    O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\Internetbeveiliging\NRS\iescript\baselitmus.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\Internetbeveiliging\NRS\iescript\baselitmus.dll
    O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\Internetbeveiliging\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\Internetbeveiliging\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe" -agent
    O4 - HKCU\..\Run: [DriverMax_RESTART] "C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe" -RESTART
    O4 - HKCU\..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Google Sidewiki… - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files (x86)\Internetbeveiliging\Anti-Virus\fsgk32st.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\Common\FSMA32.EXE
    O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\Internetbeveiliging\ORSP Client\fsorsp.exe
    O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 12408 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2009-01-14 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
    Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-08 804136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
    Office Document Cache Handler - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL [2010-02-28 561552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C6867EB7-8350-4856-877F-93CF8AE3DC9C}]
    Browsing Protection Class - C:\Program Files (x86)\Internetbeveiliging\NRS\iescript\baselitmus.dll [2010-09-04 570088]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]
    {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - Browsing Protection Toolbar - C:\Program Files (x86)\Internetbeveiliging\NRS\iescript\baselitmus.dll [2010-09-04 570088]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [2010-05-07 165208]
    "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-10-01 98304]
    "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
    "Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
    "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
    "F-Secure Manager"=C:\Program Files (x86)\Internetbeveiliging\Common\FSM32.EXE [2009-08-05 199264]
    "F-Secure TNB"=C:\Program Files (x86)\Internetbeveiliging\FSGUI\TNBUtil.exe [2009-08-05 2349664]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080]
    "TomTomHOME.exe"=C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2010-06-24 247144]
    "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2010-05-13 26192168]
    "DriverMax"=C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe [2010-03-01 9216928]
    "DriverMax_RESTART"=C:\Program Files (x86)\Innovative Solutions\DriverMax\devices.exe [2010-03-01 9216928]
    "AnyDVD"=C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [2010-07-27 4455360]

    C:\Users\Anjo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    OneNote 2010 Schermopname en Snel starten.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot
    etwork\AFD]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoActiveDesktop"=1
    "NoActiveDesktopChanges"=1
    "ForceActiveDesktopOn"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1
    .js - open - C:\Windows\System32\WScript.exe "%1" %*

    ======List of files/folders created in the last 1 months======

    2010-09-04 16:10:22 —-D—- C:\rsit
    2010-09-04 16:07:10 —-D—- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
    2010-09-04 13:53:39 —-D—- C:\Program Files (x86)\MediaMonkey
    2010-09-04 12:39:31 —-A—- C:\Windows\SysWOW64\drivers\fsbts.sys
    2010-09-04 12:39:01 —-A—- C:\Windows\SysWOW64\PerfStringBackup.INI
    2010-09-04 12:38:35 —-D—- C:\Program Files (x86)\Internetbeveiliging
    2010-09-04 12:38:08 —-D—- C:\ProgramData\fssg
    2010-09-04 12:37:31 —-D—- C:\ProgramData\f-secure
    2010-09-04 11:27:42 —-D—- C:\Program Files (x86)\Trend Micro
    2010-09-02 15:36:29 —-D—- C:\Users\Anjo\AppData\Roaming\vlc
    2010-09-02 15:06:10 —-D—- C:\ProgramData\Fighters
    2010-08-25 18:57:19 —-A—- C:\Windows\SysWOW64\oleaut32.dll
    2010-08-17 21:58:21 —-D—- C:\Program Files (x86)\CCleaner
    2010-08-17 14:36:06 —-D—- C:\ProgramData\Symantec
    2010-08-17 14:36:06 —-D—- C:\ProgramData\Norton
    2010-08-17 14:36:05 —-D—- C:\ProgramData\NortonInstaller
    2010-08-17 12:49:58 —-D—- C:\Program Files (x86)\AutoUnpack
    2010-08-17 11:53:18 —-D—- C:\Users\Anjo\AppData\Roaming\Google
    2010-08-17 11:07:20 —-D—- C:\Windows\SysWOW64\Adobe
    2010-08-16 20:46:03 —-D—- C:\Program Files (x86)\Runtime Software
    2010-08-11 09:20:08 —-A—- C:\Windows\SysWOW64\mshtml.dll
    2010-08-11 09:20:07 —-A—- C:\Windows\SysWOW64\ieframe.dll
    2010-08-11 09:20:06 —-A—- C:\Windows\SysWOW64\wininet.dll
    2010-08-11 09:20:06 —-A—- C:\Windows\SysWOW64\urlmon.dll
    2010-08-11 09:20:06 —-A—- C:\Windows\SysWOW64\mstime.dll
    2010-08-11 09:20:06 —-A—- C:\Windows\SysWOW64\msfeedsbs.dll
    2010-08-11 09:20:06 —-A—- C:\Windows\SysWOW64\jsproxy.dll
    2010-08-11 09:20:06 —-A—- C:\Windows\SysWOW64\ieui.dll
    2010-08-11 09:20:06 —-A—- C:\Windows\SysWOW64\iepeers.dll
    2010-08-11 09:20:06 —-A—- C:\Windows\SysWOW64\iedkcs32.dll
    2010-08-11 09:20:05 —-A—- C:\Windows\SysWOW64\msfeedssync.exe
    2010-08-11 09:20:04 —-A—- C:\Windows\SysWOW64\msxml3.dll
    2010-08-11 09:20:04 —-A—- C:\Windows\SysWOW64\iccvid.dll
    2010-08-11 09:20:00 —-A—- C:\Windows\SysWOW64\schannel.dll
    2010-08-11 09:19:58 —-A—- C:\Windows\SysWOW64
    toskrnl.exe
    2010-08-11 09:19:58 —-A—- C:\Windows\SysWOW64
    tkrnlpa.exe
    2010-08-11 09:19:57 —-A—- C:\Windows\SysWOW64\rtutils.dll
    2010-08-10 17:41:07 —-D—- C:\ProgramData\Adobe
    2010-08-10 17:41:05 —-D—- C:\Program Files (x86)\Common Files\Adobe
    2010-08-10 17:41:05 —-D—- C:\Program Files (x86)\Adobe
    2010-08-10 17:40:17 —-D—- C:\ProgramData\Google
    2010-08-10 17:40:17 —-D—- C:\Program Files (x86)\Google

    ======List of files/folders modified in the last 1 months======

    2010-09-04 16:10:23 —-D—- C:\Windows\Temp
    2010-09-04 16:07:50 —-D—- C:\Windows\System32
    2010-09-04 16:07:11 —-SHD—- C:\Windows\Installer
    2010-09-04 16:07:10 —-RD—- C:\Program Files (x86)
    2010-09-04 16:07:03 —-SHD—- C:\System Volume Information
    2010-09-04 16:06:37 —-D—- C:\Windows\Prefetch
    2010-09-04 16:05:56 —-D—- C:\Users\Anjo\AppData\Roaming\Skype
    2010-09-04 16:03:17 —-D—- C:\Windows\SysWOW64\logishrd
    2010-09-04 15:32:55 —-D—- C:\Windows
    2010-09-04 12:39:31 —-D—- C:\Windows\SysWOW64\drivers
    2010-09-04 12:39:12 —-D—- C:\Windows\SysWOW64
    2010-09-04 12:39:12 —-D—- C:\Windows\inf
    2010-09-04 12:38:08 —-HD—- C:\ProgramData
    2010-09-04 08:36:42 —-D—- C:\Windows\winsxs
    2010-09-03 13:23:43 —-D—- C:\Users\Anjo\AppData\Roaming\UseNeXT
    2010-09-02 15:59:29 —-D—- C:\Users\Anjo\AppData\Roaming\dvdcss
    2010-09-02 15:32:14 —-D—- C:\Windows\Tasks
    2010-09-02 15:13:42 —-D—- C:\Windows\Minidump
    2010-09-02 15:05:40 —-RD—- C:\Program Files
    2010-08-31 10:06:23 —-D—- C:\Windows\AppCompat
    2010-08-31 10:06:23 —-D—- C:\Program Files (x86)\TomTom HOME 2
    2010-08-31 10:06:23 —-D—- C:\Program Files (x86)\Common Files\logishrd
    2010-08-31 10:06:11 —-D—- C:\Windows\registration
    2010-08-31 10:06:01 —-D—- C:\Windows\Microsoft.NET
    2010-08-31 10:05:12 —-RSD—- C:\Windows\assembly
    2010-08-29 20:11:19 —-SD—- C:\Users\Anjo\AppData\Roaming\Microsoft
    2010-08-29 20:06:53 —-RSD—- C:\Windows\Fonts
    2010-08-26 10:22:57 —-D—- C:\Windows\AppPatch
    2010-08-17 21:59:02 —-D—- C:\Windows\debug
    2010-08-17 11:36:09 —-D—- C:\Windows\SysWOW64\Macromed
    2010-08-17 11:07:21 —-D—- C:\Windows\Downloaded Program Files
    2010-08-11 09:29:03 —-D—- C:\Windows\SysWOW64\migration
    2010-08-11 09:29:03 —-D—- C:\Program Files (x86)\Internet Explorer
    2010-08-11 09:21:56 —-D—- C:\ProgramData\Microsoft Help
    2010-08-10 17:41:51 —-D—- C:\Users\Anjo\AppData\Roaming\Adobe
    2010-08-10 17:41:05 —-D—- C:\Program Files (x86)\Common Files

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS
    vstor64.sys []
    R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys []
    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
    R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
    R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys []
    R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\Internetbeveiliging\HIPS\drivers\fshs.sys [2009-08-05 57920]
    R1 FSES;F-Secure Email Scanning Driver; C:\Windows\System32\drivers\fses.sys []
    R1 FSFW;F-Secure Firewall Driver; C:\Windows\System32\drivers\fsdfw.sys []
    R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\Internetbeveiliging\Anti-Virus\minifilter\fsvista.sys [2009-08-05 14904]
    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
    R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
    R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
    R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2010-07-22 125888]
    R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
    R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys []
    R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\Internetbeveiliging\Anti-Virus\minifilter\fsgk.sys [2010-09-04 190120]
    R3 LVPr2M64;Logitech LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
    R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys []
    R3 LVUVC64;Logitech Webcam Pro 9000(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys []
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS
    etr28x.sys []
    R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys []
    R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS
    vmf6264.sys []
    R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys []
    R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys []
    R3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
    S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS []
    S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
    S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys []
    S3 LVPr2Mon;LVPr2M64 Driver; C:\Windows\system32\DRIVERS\LVPr2M64.sys []
    S3 NVENETFD;NVIDIA nForce-netwerkcontroller; C:\Windows\system32\DRIVERS
    vm62x64.sys []
    S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
    S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
    S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
    S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys []
    S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
    S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
    S4 F-Secure Filter;F-Secure File System Filter; \??\C:\Program Files (x86)\Internetbeveiliging\Anti-Virus\Win2K\FSfilter.sys [2009-08-05 39776]
    S4 F-Secure Recognizer;F-Secure File System Recognizer; \??\C:\Program Files (x86)\Internetbeveiliging\Anti-Virus\Win2K\FSrec.sys [2009-08-05 25184]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
    R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 F-Secure Gatekeeper Handler Starter;FSGKHS; C:\Program Files (x86)\Internetbeveiliging\Anti-Virus\fsgk32st.exe [2009-08-05 215648]
    R2 FSMA;F-Secure Management Agent; C:\Program Files (x86)\Internetbeveiliging\Common\FSMA32.EXE [2009-08-05 186976]
    R2 LVPrcS64;Process Monitor; C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [2010-05-07 197976]
    R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2010-05-18 935208]
    R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
    R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
    R2 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-06-28 173352]
    R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2010-06-24 92008]
    R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-08-15 135664]
    S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 FSDFWD;F-Secure Anti-Virus Firewall Daemon; C:\Program Files (x86)\Internetbeveiliging\FWES\Program\fsdfwd.exe [2010-09-04 844384]
    S3 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\Internetbeveiliging\ORSP Client\fsorsp.exe [2010-09-04 58024]
    S3 fsssvc;De service Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-04-28 704872]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
    S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

    —————–EOF—————–












  • Hallo Anjo, je hebt naast de F-secure Firewall en de hopelijk gede-activeerde Windows firewall nog een andere firewall aktief!

    Namelijk: de NVIDIA nForce hardware firewall - dit is een buggy firewall van NVidia, welke nutteloos en overbodig is - maar wel voor conflicten kan zorgen!

    Ga daarom naar [b:4acd5da861]Start\Configuratiescherm\Programma’s en onderdelen[/b:4acd5da861] en verwijder daar de NVIDIA nForce-netwerkcontroller.

    Ik ben benieuwd of hiermee je probleem ook verdwenen zal zijn.
  • Check toch ook even je geheugen met mem86…
    Ik lees nergens dat dit al gebeurd is en dit kan ook voor instabiliteit e.d. zorgen.
  • memtest geeft geen fouten. netwerkcontroler verwijderd.
    freeses niet alleen beeld, krijg dan geen enkel respons meer ook taakbeheer wil niet opkomen als Pc echt vastzit.zal nog eens trachten te kijken of ik iets met toolCD van Mobo kan uitvogelen, mss is er een bios update nodig . hoewel ik dat liever niet doe :wink:
    andere suggesties/

    fsecure geeft aantal trojans die ie niet kan verwijderen omdat ie de files niet kan openen, doet een ander progsel dat mss wel/
  • Hoi Anjo,
    voor de onderstaande tools geldt het opstarten ervan met administratorrechten!

    En dan het volgende:

    gebruik nu erst het tool WhoCrashed en sla de gegevens van de scan op in kladblok!
    Want het tool geeft mogelijk meer info omtrent je systeemproblemen.


    WhoCrashed introductie

    WhoCrashed beschrijving

    Download de [i:92d1632fcf]free home edition[/i:92d1632fcf] van [b:92d1632fcf]WhoCrashed[/b:92d1632fcf] naar je bureaublad via klik hier [img:92d1632fcf]http://i65.servimg.com/u/f65/11/35/67/12/whocra10.png[/img:92d1632fcf] en installeer het tool via klikken/dubbelklikken op "[b:92d1632fcf]whocrashedSetup.exe[/b:92d1632fcf]"

    Nadat 'WhoCrashed' is opgestart, klik je op de "[b:92d1632fcf]Analyze[/b:92d1632fcf]" knop.

    Selekteer nu de inhoud van het venster, kopieer dit en post het resultaat in je volgende post.


    [b:92d1632fcf]Download, installeer en blijf MBAM gebruiken[/b:92d1632fcf] (KLIK)
    (klik op de blaue knop om de gratis versie te downloaden!)
    [list:92d1632fcf][*:92d1632fcf] Al meteen na de installatie wil [b:92d1632fcf]MBAM[/b:92d1632fcf] zijn database opwaarderen – toestaan dus.
    [*:92d1632fcf] Ook bij herhaald gebruik: eerst MBAM updaten via de tab [b:92d1632fcf]Update[/b:92d1632fcf]!

    [*:92d1632fcf] Start [b:92d1632fcf]MBAM[/b:92d1632fcf] en kies voor [b:92d1632fcf]Snelle Scan[/b:92d1632fcf]

    [*:92d1632fcf] [b:92d1632fcf]N.B.: Vista- en Windows 7 gebruik(st)ers starten MBAM middels rechtsklikken en dan kiezen voor Als Administrator uitvoeren.[/b:92d1632fcf]

    [*:92d1632fcf] Het scannen kan een tijdje duren, dus wees geduldig.
    [*:92d1632fcf] Indien de scan voltooid is, klik dan op de knop [b:92d1632fcf]OK[/b:92d1632fcf]
    [*:92d1632fcf] Klik daarna op de knop [b:92d1632fcf]Bekijk Resultaten[/b:92d1632fcf] om de resultaten te zien.
    [*:92d1632fcf] Zorg ervoor, dat alles aangevinkt is.
    [*:92d1632fcf] Vervolgens klik je op: [b:92d1632fcf]Verwijder geselecteerde[/b:92d1632fcf] .
    [*:92d1632fcf] Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    [*:92d1632fcf] Het log wordt automatisch bewaard door [b:92d1632fcf]MBAM[/b:92d1632fcf] en dat kan je terugvinden door op de tab [b:92d1632fcf]Logs[/b:92d1632fcf] te klikken in [b:92d1632fcf]MBAM[/b:92d1632fcf] .

    [*:92d1632fcf] Indien [b:92d1632fcf]MBAM[/b:92d1632fcf] moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op [b:92d1632fcf]OK[/b:92d1632fcf] klikken!
    [*:92d1632fcf] Daarna zal [b:92d1632fcf]MBAM[/b:92d1632fcf] vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:92d1632fcf]


    Hierna post je de inhoud van het MBAM-log en de gegevens van WhoCrashed
  • :?
    Mag ik de heren bedanken voor de moeite en t meedenken.
    Ben ermee gestopt om alles uit te vogelen.
    Bij controle via taakbeheer bleek mn processor echt continu op 100% te staan.
    Ben aan een herinstallatie begonnen.
    THNXX anjo
  • Oké - succes ermee!

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.