Trojan horse

27 replies
  • Hey everyone
    I think I have the trojan horse trojan.win32.Pakes.mxw. I was downloading something when Kaspersky suddenly reported a trojan horse. I don't know whether it is serious.
    On Google they said it could be a false positive. But nothing more than that.

    Could someone take a look?

    I've already scanned with Malwarebytes, but it doesn't find anything.

    Below you will find the HijackThis log

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 21:48:00, on 6/06/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Users\Thomas De Sterck\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Program Files (x86)\Visual studio 2010\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O4 - Global Startup: SRS Premium Sound.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Thomas De Sterck\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Thomas De Sterck\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 15056 bytes
  • Hi Thomas, you are using Windows 7, you are using Kaspersky, and you are using Spybot's TeaTimer completely unnecessarily!
    That really isn't needed in Windows 7 and is more of a source of interference!

    Also, for the sake of a possible fix, TeaTimer must be deactivated!

    Deactivate
  • OK, I have turned off TeaTimer and SDHelper. I had only enabled them because they came with Spybot. I thought they were useful.

    Below you will find the Malwarebytes log


    Malwarebytes' Anti-Malware 1.51.0.1200
    www.malwarebytes.org

    Databaseversie: 6798

    Windows 6.1.7601 Service Pack 1
    Internet Explorer 8.0.7601.17514

    7/06/2011 19:56:12
    mbam-log-2011-06-07 (19-56-12).txt

    Scantype: Snelle scan
    Objecten gescand: 169809
    Verstreken tijd: 5 minuut/minuten, 8 seconde(n)

    Geheugenprocessen geïnfecteerd: 0
    Geheugenmodulen geïnfecteerd: 0
    Registersleutels geïnfecteerd: 0
    Registerwaarden geïnfecteerd: 0
    Registerdata geïnfecteerd: 0
    Mappen geïnfecteerd: 0
    Bestanden geïnfecteerd: 0

    Geheugenprocessen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden geïnfecteerd:
    (Geen kwaadaardige objecten gedetecteerd)
  • Hi Thomas, do the following:

    Which program: ComboFix
    What for/why: Highly specialised scanner for examining Windows in depth and cleaning it up where possible.
    Difficulty: More or less tricky preparation phase, so read everything carefully first.
    Download location: This program absolutely must be downloaded to the desktop!
    Download ComboFix from one of these locations:
      - Bleepingcomputer
      - ForoSpyware
      - Geekstogo
    Here you can see how to use ComboFix.

    The antivirus program and active malware scanners must already be deactivated before ComboFix starts!
    Here and here you will find information on how to deactivate antivirus programs and spyware scanners.

    Once more, for the sake of clarity: ComboFix must be started from the desktop.

    Notes:
      - When using Windows XP, you may be asked to install the "Recovery Console"! Allow this (an active internet connection is required for this).
      - Vista and Windows 7 users start ComboFix by right-clicking, with Administrator rights.
      - All open programs and web pages must be closed.
    ComboFix has started:
      - Do not click in the black window; this can cause ComboFix or even Windows to "freeze" completely!
      - ComboFix closes the internet connection during the scan; do not try to restore it in the meantime!
      - It may happen that the computer has to be restarted several times; this is normal.
      - When ComboFix is finished, it will create a log file for you.
      - Post the contents of this log file in your next message.
      - If the log does not open, it can be found at C:\ComboFix.txt
    Important note:
  • Here is the ComboFix log


    ComboFix 11-06-07.03 - Thomas De Sterck 08/06/2011 14:17:29.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.2989.1763 [GMT 2:00]
    Gestart vanuit: c:\users\Thomas De Sterck\Desktop\ComboFix.exe
    AV: Kaspersky Anti-Virus *Disabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06}
    SP: Kaspersky Anti-Virus *Disabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\esupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021\Desktop_.ini
    c:\programdata\FullRemove.exe
    c:\users\Thomas De Sterck\AppData\Roaming\chrtmp
    c:\windows\system32\service
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2011-05-08 to 2011-06-08 ))))))))))))))))))))))))))))))
    .
    .
    2011-06-08 15:33 . 2011-06-08 15:33 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-06-08 15:33 . 2011-06-08 15:33 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
    2011-06-07 17:46 . 2011-05-09 22:00 8718160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1B0D060B-3D0C-49AC-A569-22012EABB6CA}\mpengine.dll
    2011-06-01 16:32 . 2011-06-01 16:32 -------- d-----w- c:\program files (x86)\Common Files\Java
    2011-06-01 16:31 . 2011-06-01 16:31 -------- d-----w- c:\program files (x86)\Java
    2011-05-25 08:42 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
    2011-05-23 15:30 . 2011-05-23 15:30 -------- d-----w- c:\users\Thomas De Sterck\AppData\Local\TechSmith
    2011-05-23 15:26 . 2011-05-23 15:26 -------- d-----w- c:\windows\SysWow64\QuickTime
    2011-05-23 15:26 . 2011-05-23 15:26 -------- d-----w- c:\program files (x86)\QuickTime
    2011-05-23 15:26 . 2011-05-23 15:26 -------- d-----w- c:\program files (x86)\Common Files\TechSmith Shared
    2011-05-23 15:26 . 2011-05-23 15:26 -------- d-----w- c:\programdata\TechSmith
    2011-05-19 04:01 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
    2011-05-19 04:01 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
    2011-05-17 15:49 . 2011-05-17 15:49 -------- d-----w- c:\users\Thomas De Sterck\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    2011-05-17 15:27 . 2011-06-07 17:49 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-05-12 18:02 . 2011-05-12 18:02 -------- d-sh--w- c:\users\Thomas De Sterck\wc
    2011-05-12 18:01 . 2011-05-12 18:02 -------- d-----w- c:\users\Thomas De Sterck\AppData\Local\Universe Sandbox
    2011-05-12 18:01 . 2011-05-12 18:02 -------- d-sh--w- c:\users\Thomas De Sterck\AppData\Roaming\wyUpdate AU
    2011-05-11 05:55 . 2011-04-09 07:02 5562240 ----a-w- c:\windows\system32\ntoskrnl.exe
    2011-05-11 05:55 . 2011-04-09 06:02 3967872 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2011-05-11 05:55 . 2011-04-09 06:02 3912576 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2011-05-11 05:55 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
    2011-05-11 05:55 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
    2011-05-11 05:55 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
    2011-05-11 05:55 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
    2011-05-11 05:55 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
    2011-05-11 05:55 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
    2011-05-11 05:55 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-06-07 17:42 . 2011-04-17 07:35 45056 ----a-w- c:\windows\system32\acovcnt.exe
    2011-06-01 16:31 . 2010-12-23 11:43 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2011-05-29 07:11 . 2011-03-11 10:45 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
    2011-05-29 07:11 . 2011-03-11 10:45 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-21 01:14 . 2011-05-06 18:05 2478272 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
    2011-05-15 16:39 . 2011-01-04 16:47 268952 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
    2011-05-15 16:39 . 2011-01-04 16:47 268952 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
    2011-05-15 16:38 . 2011-01-04 16:47 268952 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
    2011-03-12 12:08 . 2011-04-27 13:35 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
    2011-03-12 11:23 . 2011-04-27 13:35 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
    2011-03-11 06:41 . 2011-04-27 13:34 189824 ----a-w- c:\windows\system32\drivers\storport.sys
    2011-03-11 06:41 . 2011-04-27 13:34 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
    2011-03-11 06:41 . 2011-04-27 13:34 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
    2011-03-11 06:41 . 2011-04-27 13:34 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
    2011-03-11 06:41 . 2011-04-27 13:34 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
    2011-03-11 06:41 . 2011-04-27 13:34 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
    2011-03-11 06:41 . 2011-04-27 13:34 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
    2011-03-11 06:34 . 2011-04-15 02:15 1359872 ----a-w- c:\windows\system32\mfc42u.dll
    2011-03-11 06:34 . 2011-04-15 02:15 1395712 ----a-w- c:\windows\system32\mfc42.dll
    2011-03-11 06:33 . 2011-04-27 13:34 2565632 ----a-w- c:\windows\system32\esent.dll
    2011-03-11 06:30 . 2011-04-27 13:34 96768 ----a-w- c:\windows\system32\fsutil.exe
    2011-03-11 05:33 . 2011-04-15 02:15 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
    2011-03-11 05:33 . 2011-04-15 02:15 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
    2011-03-11 05:33 . 2011-04-27 13:34 1699328 ----a-w- c:\windows\SysWow64\esent.dll
    2011-03-11 05:31 . 2011-04-27 13:34 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
    2009-04-08 17:31 . 2009-04-08 17:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
    2008-08-12 04:45 . 2008-08-12 04:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
    @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
    [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
    2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
    "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
    "Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-11-03 2429]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-22 98304]
    "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-06-25 6806144]
    "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
    "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
    "Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
    "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
    "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe" [2010-05-07 344736]
    "AdobeCS4ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
    "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
    "Malwarebytes' Anti-Malware"="d:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2010-11-3 12862]
    SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-11-3 156952]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 0 (0x0)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    "PromptOnSecureDesktop"= 0 (0x0)
    "EnableLinkedConnections"= 1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\progra~2\KASPER~1\KASPER~1\mzvkbd3.dll
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    R1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-03 135664]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-03 135664]
    R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 VSPerfDrv100;Performance Tools Driver 10.0;d:\program files (x86)\Visual studio 2010\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
    R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys [x]
    R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
    S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys [x]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
    S2 MBAMService;MBAMService;d:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
    S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
    S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
    S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
    S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
    S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [x]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [x]
    .
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-03 15:49]
    .
    2011-06-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-03 15:49]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
    @="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
    [HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
    2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
    @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
    [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
    2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
    @="{64174815-8D98-4CE6-8646-4C039977D808}"
    [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
    2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
    "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2009-11-19 307768]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Bijkomende Scan -------
    .
    uStart Page = hxxp://google.be/
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Free YouTube Download - c:\users\Thomas De Sterck\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    IE: Free YouTube to MP3 Converter - c:\users\Thomas De Sterck\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.0.1
    FF - ProfilePath - c:\users\Thomas De Sterck\AppData\Roaming\Mozilla\Firefox\Profiles\r7urnoa9.default\
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
    Wow6432Node-HKLM-Run-NWEReboot - (no file)
    Toolbar-Locked - (no file)
    HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
    HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
    AddRemove-K_Series_ScreenSaver_EN - c:\windows\system32\K_Series_ScreenSaver_EN.scr
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_USERS\S-1-5-21-3662699763-2461931660-4105734476-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
    "??"=hex:f7,90,f8,ed,5b,5c,5b,6a,82,22,e8,ef,36,17,cc,c2,e8,b3,a2,74,b1,6e,ec,
    c0,aa,b9,55,9b,bc,a5,31,74,3b,e3,f2,bb,58,c0,32,4d,b0,a9,a0,5a,c0,38,92,aa,\
    "??"=hex:5d,19,5e,8c,bc,f4,26,6b,bd,57,03,06,9f,dd,34,69
    .
    [HKEY_USERS\S-1-5-21-3662699763-2461931660-4105734476-1001\Software\SecuROM\License information*]
    "datasecu"=hex:d7,36,68,74,e5,50,ce,a2,ce,dc,b0,10,6d,97,bd,c0,38,85,6d,51,49,
    21,81,3b,75,30,3e,2a,27,19,30,36,9f,06,77,97,e2,dd,ce,00,d2,07,a2,85,05,15,\
    "rkeysecu"=hex:4c,32,6a,33,f7,ff,de,8d,0a,a7,7f,1e,3e,93,67,a5
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10r_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10r_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10r.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10r.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10r.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10r.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2011-06-08 17:39:33
    ComboFix-quarantined-files.txt 2011-06-08 15:39
    .
    Pre-Run: 19 569 967 104 bytes beschikbaar
    Post-Run: 19 444 396 032 bytes beschikbaar
    .
    - - End Of File - - BF0F3625DC7890EC7F41760CF3959024





  • Hi Thomas, does that PC of yours have an Intel or an AMD processor?

    And how is Windows running at the moment, after the scan?
  • It has an Intel i5 processor.

    The computer seems to be running faster. :d
    Programs open faster and so on.
  • Good that it is running faster now.

    But I asked because two different drivers for the same thing were found in the ComboFix log!

    Namely from Intel and NVIDIA!

    What do you have from NVIDIA in your PC?
  • Oh, er, nothing from NVIDIA as far as I know. Can I look this up somewhere?
    The laptop has stickers for Intel, ATI Mobility Radeon and Energy Star, but I don't see anything from NVIDIA.
  • Then I think it is best that we investigate that further!
    Because how did the NVIDIA RAID drivers, among others, end up in your Windows?

    So please do the following:

    Which program: RSIT
    What for/why: gives a very detailed overview of Windows
    Difficulty: none
    Download location: be sure to download this program to the desktop!
    Download RSIT here

    Using RSIT:
    - Windows 2000 and Windows XP: start RSIT by double-clicking the shortcut.
    - Windows Vista and Windows 7: start RSIT by right-clicking the shortcut and then choosing "Run as administrator".

    After the scan has finished, two logs will open.
    - Then post the contents of 'log.txt' ('log.txt' will be maximized)
    - And also post 'info.txt' ('info.txt' will initially be minimized in the taskbar)
    - If you cannot find info.txt, look for it in C:\.

    For users of Windows Vista 64-bit or Windows 7 64-bit, the following also applies:
    - RSIT then has to be run in 'compatibility mode'.
    - Right-click 'RSIT.exe' and choose 'Properties',
    - now click the 'Compatibility' tab.
    - Tick 'Run this program in compatibility mode' and then choose 'Windows XP Service Pack 3'

    RSIT produces a fairly large log, so you may have to split the log and post it in two or more parts.
  • Er, I have no idea how these drivers got on there?
    But er, what are RAID drivers?

    I will run RSIT later, because I still have to study a bit for my exam :s
  • RAID is a solution that uses multiple equivalent hard disks to get more speed!

    It not only requires specific drivers (in Windows); the hardware has to support it as well!
  • This is log.txt

    Logfile of random's system information tool 1.08 (written by random/random)
    Run by Thomas De Sterck at 2011-06-08 20:01:20
    Microsoft Windows 7 Home Premium Service Pack 3
    System drive C: has 19 GB (16%) free of 119 GB
    Total RAM: 2989 MB (58% free)

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 20:03:05, on 8/06/2011
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
    C:\Users\Thomas De Sterck\Desktop\RSIT.exe
    C:\Program Files (x86)\trend micro\Thomas De Sterck.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Program Files (x86)\Visual studio 2010\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
    O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKUS\S-1-5-18\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Default user')
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O4 - Global Startup: SRS Premium Sound.lnk = ?
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Free YouTube Download - C:\Users\Thomas De Sterck\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
    O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Thomas De Sterck\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: &Virtueel Toetsenbord - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: C&ontrole van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll
    O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 13613 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
    Windows Live Family Safety Browser Helper Class - C:\Program Files (x86)\Windows Live\Family Safety\fssbho.dll [2008-12-08 61792]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
    IEVkbdBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\ievkbd.dll [2010-05-07 68280]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    Search Helper - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04 92504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
    Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-03 256112]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-11-03 761840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
    Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
    Google Dictionary Compression sdch - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-11-03 458736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-06-01 41760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDA57003-0068-4ed2-9D32-4D1EC707D94D}]
    Microsoft Web Test Recorder 10.0 Helper - D:\Program Files (x86)\Visual studio 2010\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2010-03-19 61360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    Windows Live Toolbar Helper - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
    FilterBHO Class - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\klwtbbho.dll [2010-05-25 191160]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-11-03 256112]
    {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08 1067352]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "UpdateLBPShortCut"=C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
    "UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]
    "Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-11-03 2429]
    "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-01-22 98304]
    "ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-06-25 6806144]
    "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624]
    "HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
    "Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-07-02 1597440]
    "BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
    "AVP"=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-05-07 344736]
    "AdobeCS4ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [2008-08-14 611712]
    "AdobeCS5.5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360]
    "Malwarebytes' Anti-Malware"=D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-05-29 449584]
    "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
    "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
    SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"="C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"=credssp.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "ConsentPromptBehaviorAdmin"=5
    "ConsentPromptBehaviorUser"=3
    "EnableUIADesktopToggle"=0
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableLinkedConnections"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=28
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======File associations======

    .js - edit - C:\Windows\System32\Notepad.exe %1

    ======List of files/folders created in the last 1 months======

    2011-06-08 20:01:20 ----D---- C:\rsit
    2011-06-08 20:01:20 ----D---- C:\Program Files (x86)\trend micro
    2011-06-08 18:07:28 ----SHD---- C:\$RECYCLE.BIN
    2011-06-08 17:39:34 ----A---- C:\ComboFix.txt
    2011-06-08 14:15:27 ----A---- C:\Windows\zip.exe
    2011-06-08 14:15:27 ----A---- C:\Windows\SWSC.exe
    2011-06-08 14:15:27 ----A---- C:\Windows\SWREG.exe
    2011-06-08 14:15:27 ----A---- C:\Windows\sed.exe
    2011-06-08 14:15:27 ----A---- C:\Windows\PEV.exe
    2011-06-08 14:15:27 ----A---- C:\Windows\NIRCMD.exe
    2011-06-08 14:15:27 ----A---- C:\Windows\MBR.exe
    2011-06-08 14:15:27 ----A---- C:\Windows\grep.exe
    2011-06-08 14:15:16 ----D---- C:\Windows\ERDNT
    2011-06-08 14:15:12 ----D---- C:\ComboFix
    2011-06-08 14:15:07 ----D---- C:\Qoobox
    2011-06-01 18:32:07 ----D---- C:\Program Files (x86)\Common Files\Java
    2011-06-01 18:31:46 ----A---- C:\Windows\SysWOW64\javaws.exe
    2011-06-01 18:31:45 ----A---- C:\Windows\SysWOW64\javaw.exe
    2011-06-01 18:31:45 ----A---- C:\Windows\SysWOW64\java.exe
    2011-06-01 18:31:36 ----D---- C:\Program Files (x86)\Java
    2011-05-23 17:26:39 ----D---- C:\Windows\SysWOW64\QuickTime
    2011-05-23 17:26:26 ----D---- C:\Program Files (x86)\QuickTime
    2011-05-23 17:26:23 ----D---- C:\Program Files (x86)\Common Files\TechSmith Shared
    2011-05-23 17:26:21 ----D---- C:\ProgramData\TechSmith
    2011-05-19 06:01:31 ----A---- C:\Windows\SysWOW64\poqexec.exe
    2011-05-17 17:49:49 ----D---- C:\Users\Thomas De Sterck\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    2011-05-12 20:01:56 ----SHD---- C:\Users\Thomas De Sterck\AppData\Roaming\wyUpdate AU
    2011-05-11 07:55:45 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
    2011-05-11 07:55:45 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe

    ======List of files/folders modified in the last 1 months======

    2011-06-08 20:01:28 ----D---- C:\Windows\Temp
    2011-06-08 20:01:20 ----RD---- C:\Program Files (x86)
    2011-06-08 18:11:19 ----D---- C:\Windows\System32
    2011-06-08 18:11:19 ----D---- C:\Windows\inf
    2011-06-08 18:08:08 ----D---- C:\ProgramData\Kaspersky Lab
    2011-06-08 18:07:01 ----A---- C:\Windows\SysWOW64\log.txt
    2011-06-08 17:33:51 ----D---- C:\Windows
    2011-06-08 17:33:51 ----A---- C:\Windows\system.ini
    2011-06-08 17:33:01 ----D---- C:\ProgramData
    2011-06-08 14:23:37 ----D---- C:\Windows\SysWOW64\drivers
    2011-06-08 14:23:37 ----D---- C:\Windows\SysWOW64
    2011-06-08 14:23:37 ----D---- C:\Windows\AppPatch
    2011-06-08 14:23:34 ----D---- C:\Program Files (x86)\Common Files
    2011-06-07 19:46:50 ----SHD---- C:\System Volume Information
    2011-06-07 19:41:09 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
    2011-06-06 21:31:55 ----SHD---- C:\Windows\Installer
    2011-06-06 21:31:55 ----D---- C:\Config.Msi
    2011-06-02 11:12:09 ----D---- C:\Program Files (x86)\Internet Explorer
    2011-06-01 22:19:17 ----D---- C:\ProgramData\Adobe
    2011-06-01 22:18:37 ----SD---- C:\Users\Thomas De Sterck\AppData\Roaming\Microsoft
    2011-06-01 22:18:37 ----D---- C:\Users\Thomas De Sterck\AppData\Roaming\Adobe
    2011-06-01 18:38:36 ----D---- C:\Program Files (x86)\Common Files\Adobe
    2011-06-01 18:38:32 ----D---- C:\Program Files (x86)\Adobe
    2011-06-01 18:31:37 ----A---- C:\Windows\SysWOW64\deployJava1.dll
    2011-06-01 13:23:37 ----D---- C:\Windows\Prefetch
    2011-05-29 20:01:17 ----A---- C:\Windows\NeroDigital.ini
    2011-05-25 20:46:43 ----D---- C:\Windows\winsxs
    2011-05-22 21:22:05 ----RD---- C:\Program Files
    2011-05-21 03:06:59 ----D---- C:\Program Files (x86)\Common Files\Merge Modules
    2011-05-17 18:41:51 ----D---- C:\ProgramData\regid.1986-12.com.adobe
    2011-05-17 17:49:41 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
    2011-05-15 18:39:05 ----A---- C:\Windows\SysWOW64\PnkBstrB.exe
    2011-05-12 07:46:52 ----D---- C:\Windows\Minidump

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R0 amdxata;amdxata; C:\Windows\system32\drivers\amdxata.sys []
    R0 AsDsm;AsDsm; C:\Windows\SysWOW64\drivers\AsDsm.sys []
    R0 CLFS;@%SystemRoot%\system32\clfs.sys,-100; C:\Windows\System32\CLFS.sys []
    R0 CNG;CNG; C:\Windows\System32\Drivers\cng.sys []
    R0 FileInfo;@%SystemRoot%\system32\drivers\fileinfo.sys,-100; C:\Windows\system32\drivers\fileinfo.sys []
    R0 fvevol;@%SystemRoot%\system32\drivers\fvevol.sys,-100; C:\Windows\System32\DRIVERS\fvevol.sys []
    R0 hwpolicy;@%systemroot%\system32\drivers\hwpolicy.sys,-101; C:\Windows\System32\drivers\hwpolicy.sys []
    R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
    R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys []
    R0 KSecPkg;KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys []
    R0 lullaby;lullaby; C:\Windows\system32\DRIVERS\lullaby.sys []
    R0 msahci;msahci; C:\Windows\system32\drivers\msahci.sys []
    R0 msisadrv;msisadrv; C:\Windows\system32\drivers\msisadrv.sys []
    R0 pcw;Performance Counters for Windows Driver; C:\Windows\System32\drivers\pcw.sys []
    R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
    R0 spldr;Security Processor Loader Driver; C:\Windows\SysWOW64\drivers\spldr.sys []
    R0 vdrvroot;Microsoft Virtual Drive Enumerator-stuurprogramma; C:\Windows\system32\drivers\vdrvroot.sys []
    R0 volmgr;Stuurprogramma voor Volumebeheer; C:\Windows\system32\drivers\volmgr.sys []
    R0 volmgrx;@%SystemRoot%\system32\drivers\volmgrx.sys,-100; C:\Windows\System32\drivers\volmgrx.sys []
    R0 Wdf01000;Kernel Mode Driver Frameworks service; C:\Windows\system32\drivers\Wdf01000.sys []
    R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys []
    R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys []
    R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []
    R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys []
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys []
    R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys []
    R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys []
    R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys []
    R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys []
    R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
    R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys []
    R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys []
    R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
    R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys []
    R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys []
    R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys []
    R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys []
    R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys []
    R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys []
    R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys []
    R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
    R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []
    R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys []
    R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys []
    R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys []
    R3 CompositeBus;Stuurprogramma voor Composite Bus Enumerator; C:\Windows\system32\drivers\CompositeBus.sys []
    R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys []
    R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []
    R3 HDAudBus;Microsoft UAA Bus-stuurprogramma voor High Definition Audio; C:\Windows\system32\drivers\HDAudBus.sys []
    R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys []
    R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\Windows\system32\DRIVERS\hidusb.sys []
    R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys []
    R3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys []
    R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys []
    R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys []
    R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []
    R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys []
    R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
    R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []
    R3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys [2009-02-24 255552]
    R3 monitor;Microsoft Monitor Class Function Driver Service; C:\Windows\system32\DRIVERS\monitor.sys []
    R3 mouhid;Stuurprogramma voor muis-HID; C:\Windows\system32\DRIVERS\mouhid.sys []
    R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys []
    R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys []
    R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys []
    R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys []
    R3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys []
    R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []
    R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys []
    R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []
    R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys []
    R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys []
    R3 tunnel;Stuurprogramma voor Microsoft IPv6 Tunnel-minipoortadapter; C:\Windows\system32\DRIVERS\tunnel.sys []
    R3 umbus;UMBus Enumerator-stuurprogramma; C:\Windows\system32\drivers\umbus.sys []
    R3 usbccgp;Microsoft algemeen hoofd-USB-stuurprogramma; C:\Windows\system32\DRIVERS\usbccgp.sys []
    R3 vwifibus;Virtual WiFi Bus Driver; C:\Windows\system32\DRIVERS\vwifibus.sys []
    R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
    R3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys []
    R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys []
    S1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys []
    S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\drivers\1394ohci.sys []
    S3 AcpiPmi;Stuurprogramma voor ACPI-compatibele energiemeter; C:\Windows\system32\drivers\acpipmi.sys []
    S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys []
    S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys []
    S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys []
    S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\drivers\agp440.sys []
    S3 amdide;amdide; C:\Windows\system32\drivers\amdide.sys []
    S3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys []
    S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys []
    S3 amdsata;amdsata; C:\Windows\system32\drivers\amdsata.sys []
    S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys []
    S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []
    S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys []
    S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys []
    S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys []
    S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []
    S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys []
    S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys []
    S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys []
    S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys []
    S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys []
    S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys []
    S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\DRIVERS\bthmodem.sys []
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys []
    S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys []
    S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys []
    S3 ErrDev;Stuurprogramma voor Microsoft Hardware Error Device; C:\Windows\system32\drivers\errdev.sys []
    S3 exfat;exFAT File System Driver; C:\Windows\SysWOW64\drivers\exfat.sys []
    S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys []
    S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []
    S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []
    S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys []
    S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys []
    S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys []
    S3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys []
    S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys []
    S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys []
    S3 HpSAMD;HpSAMD; C:\Windows\system32\drivers\HpSAMD.sys []
    S3 iaStorV;Intel RAID Controller Windows 7; C:\Windows\system32\drivers\iaStorV.sys []
    S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys []
    S3 IPMIDRV;IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys []
    S3 iScsiPrt;iScsiPort-stuurprogramma; C:\Windows\system32\drivers\msiscsi.sys []
    S3 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\Windows\system32\DRIVERS\kbdhid.sys []
    S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys []
    S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys []
    S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys []
    S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys []
    S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys []
    S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys []
    S3 mpio;Stuurprogramma voor Microsoft mulitpad bus; C:\Windows\system32\drivers\mpio.sys []
    S3 msdsm;Specifieke module voor Microsoft multipadapparaat; C:\Windows\system32\drivers\msdsm.sys []
    S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []
    S3 MsRPC;MsRPC; C:\Windows\SysWOW64\drivers\MsRPC.sys []
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
    S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys []
    S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys []
    S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys []
    S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\drivers\nv_agp.sys []
    S3 nvraid;nvraid; C:\Windows\system32\drivers\nvraid.sys []
    S3 nvstor;nvstor; C:\Windows\system32\drivers\nvstor.sys []
    S3 ohci1394;1394 OHCI Compliant Host Controller (oude versie); C:\Windows\system32\drivers\ohci1394.sys []
    S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys []
    S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys []
    S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys []
    S3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys []
    S3 sbp2port;SBP-2 Transport/Protocol-busstuurprogramma; C:\Windows\system32\drivers\sbp2port.sys []
    S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []
    S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
    S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys []
    S3 sffdisk;SFF Storage Class-stuurprogramma; C:\Windows\system32\drivers\sffdisk.sys []
    S3 sffp_mmc;Stuurprogramma volgens SFF-opslagprotocol voor MMC; C:\Windows\system32\drivers\sffp_mmc.sys []
    S3 sffp_sd;Stuurprogramma volgens SFF-opslagprotocol voor SDBus; C:\Windows\system32\drivers\sffp_sd.sys []
    S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []
    S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys []
    S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys []
    S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys []
    S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys []
    S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys []
    S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys []
    S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
    S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys []
    S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\drivers\uliagpkx.sys []
    S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys []
    S3 usbcir;eHome-infraroodontvanger (USBCIR); C:\Windows\system32\drivers\usbcir.sys []
    S3 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\DRIVERS\usbprint.sys []
    S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\Windows\system32\drivers\USBSTOR.SYS []
    S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\Windows\system32\drivers\usbuhci.sys []
    S3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys []
    S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys []
    S3 vhdmp;vhdmp; C:\Windows\system32\drivers\vhdmp.sys []
    S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys []
    S3 VSPerfDrv100;Performance Tools Driver 10.0; \??\D:\Program Files (x86)\Visual studio 2010\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [2010-03-17 68440]
    S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys []
    S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys []
    S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []
    S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
    S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
    S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys []
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
    S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys []
    S4 RsFx0103;RsFx0103 Driver; C:\Windows\system32\DRIVERS\RsFx0103.sys []
    S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []
    R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
    R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
    R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
    R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 AVP;Kaspersky Anti-Virus-service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe [2010-05-07 344736]
    R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-10-01 262144]
    R2 MBAMService;MBAMService; D:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640]
    R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2009-03-30 57617752]
    R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-05-04 503080]
    R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-01-04 75136]
    R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
    R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2008-12-04 226640]
    R2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []
    R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-07-10 157720]
    R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
    R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R2 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe []
    R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]
    R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
    R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2010-11-05 42856]
    R3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe []
    R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
    R3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    R3 TurboBoost;TurboBoost; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-08-06 118672]
    R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    R3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-03 135664]
    S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
    S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []
    S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2010-11-20 696832]
    S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 127488]
    S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-12-22 655624]
    S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
    S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-03 135664]
    S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-11-03 182768]
    S3 idsvc;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2010-11-05 856400]
    S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
    S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
    S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]
    S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe []
    S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2010-11-20 194048]
    S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe []
    S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []
    S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe []
    S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
    S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []
    S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
    S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S4 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
    S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
    S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
    S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
    S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 NetTcpPortSharing;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
    S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-03-30 427880]
    S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2009-03-30 254808]

    —————–EOF—————–

  • This is info.txt

    info.txt logfile of random's system information tool 1.08 2011-06-08 20:03:13

    ======Uninstall list======

    –>C:\Program Files (x86)\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
    –>C:\Windows\UNNeroVision.exe /UNINSTALL
    –>C:\Windows\UNNMP.exe /UNINSTALL
    –>MsiExec /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
    18 Wheels of Steel - Across America–>D:\PROGRA~1\Valusoft\18WHEE~1\UNWISE.EXE D:\PROGRA~1\Valusoft\18WHEE~1\INSTALL.LOG
    18 Wheels of Steel American Long Haul 1.00–>D:\Program Files (x86)\18 Wheels of Steel American Long Haul\Uninstall.exe
    Acrobat.com–>MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
    Adobe AIR–>C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR–>MsiExec.exe /I{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
    Adobe Anchor Service CS4–>MsiExec.exe /I{1618734A-3957-4ADD-8199-F973763109A8}
    Adobe CSI CS4–>MsiExec.exe /I{0F723FC1-7606-4867-866C-CE80AD292DAF}
    Adobe Device Central CS4–>MsiExec.exe /I{67F0E67A-8E93-4C2C-B29D-47C48262738A}
    Adobe Download Assistant–>msiexec /qb /x {66336E9B-5482-B5FB-94F0-405874EE3541}
    Adobe Download Assistant–>MsiExec.exe /I{66336E9B-5482-B5FB-94F0-405874EE3541}
    Adobe Dreamweaver CS4–>C:\Program Files (x86)\Common Files\Adobe\Installers\acce07fd2c8fe7f9e3f26243e626578\Setup.exe --uninstall=1
    Adobe Dreamweaver CS5.5–>C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{0215A652-E081-4B09-9333-DC85AAB67FFA}"
    Adobe ExtendScript Toolkit CS4–>MsiExec.exe /I{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}
    Adobe Extension Manager CS4–>MsiExec.exe /I{054EFA56-2AC1-48F4-A883-0AB89874B972}
    Adobe Flash Player 10 ActiveX–>C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10r_ActiveX.exe -maintain activex
    Adobe Flash Player 10 Plugin–>C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10s_Plugin.exe -maintain plugin
    Adobe Reader X (10.0.1) - Nederlands–>MsiExec.exe /I{AC76BA86-7AD7-1043-7B44-AA0000000001}
    Adobe Search for Help–>MsiExec.exe /I{F0E64E2E-3A60-40D8-A55D-92F6831875DA}
    Adobe Service Manager Extension–>MsiExec.exe /I{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}
    Adobe Setup–>MsiExec.exe /I{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}
    Adobe Update Manager CS4–>MsiExec.exe /I{05308C4E-7285-4066-BAE3-6B50DA6ED755}
    ASUS AI Recovery–>MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}
    ASUS AP Bank–>"C:\Program Files (x86)\ASUS\ASUS AP Bank\unins000.exe"
    ASUS CopyProtect–>MsiExec.exe /I{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}
    ASUS Data Security Manager–>MsiExec.exe /X{FA2092C5-7979-412D-A962-6485274AE1EE}
    ASUS FancyStart–>MsiExec.exe /I{2B81872B-A054-48DA-BE3B-FA5C164C303A}
    ASUS LifeFrame3–>MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
    ASUS Live Update–>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9
    ASUS MultiFrame–>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9
    ASUS SmartLogon–>MsiExec.exe /I{64452561-169F-4A36-A2FF-B5E118EC65F5}
    ASUS Splendid Video Enhancement Technology–>MsiExec.exe /I{0969AF05-4FF6-4C00-9406-43599238DE0D}
    ASUS Virtual Camera–>MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}
    ASUS WebStorage–>C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe
    ATK Package–>MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}
    Boingo Wi-Fi–>MsiExec.exe /X{B653A2EC-D816-4498-A4FD-651047AB9DC9}
    Bookworm Deluxe–>C:\Program Files (x86)\Asus\Game Park\Bookworm Deluxe\Uninstall.exe
    Camtasia Studio 7–>MsiExec.exe /I{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}
    Capitalism II–>MsiExec.exe /I{B21D0BC6-C31A-4A70-8079-97BAC6D56C6F}
    Catalyst Control Center - Branding–>MsiExec.exe /I{AB3C268A-E54B-4F6D-BF97-2DFCEEFA94F5}
    Choice Guard–>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
    Connect–>MsiExec.exe /I{B29AD377-CC12-490A-A480-1452337C618D}
    ControlDeck–>MsiExec.exe /I{5B65EF64-1DFA-414A-8C94-7BB726158E21}
    Cooking Dash–>C:\Program Files (x86)\Asus\Game Park\Cooking Dash\Uninstall.exe
    Crystal Reports for Visual Studio–>MsiExec.exe /I{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}
    CyberLink LabelPrint–>"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
    CyberLink LabelPrint–>"C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe" /z-uninstall
    CyberLink Power2Go–>"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
    CyberLink Power2Go–>"C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe" /z-uninstall
    De Sims™ 3–>"C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -runfromtemp -l0x0013 -removeonly
    Definition update for Microsoft Office 2010 (KB982726)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{2FD3FD50-4D6B-433B-9AB8-83F04675DA44}" "1033" "0"
    DivX Subtitle Displayer 4.54–>"D:\Program Files (x86)\DivX Subtitle Displayer\unins000.exe"
    Dotfuscator Software Services - Community Edition–>MsiExec.exe /X{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}
    EA Download Manager–>C:\Program Files (x86)\Electronic Arts\EADM\EADMUI\EADMUninstall.exe
    EpicBot–>C:\Program Files (x86)\EpicBot\uninst.exe
    Football Manager 2011–>"C:\Program Files (x86)\Sports Interactive\Football Manager 2011\Uninstall_Football Manager 2011\Uninstall Football Manager 2011.exe"
    Free Audio CD to MP3 Converter version 1.3.8.324–>"C:\Program Files (x86)\DVDVideoSoft\Free Audio CD to MP3 Converter\unins000.exe"
    Free Audio Converter version 2.2.16.324–>"C:\Program Files (x86)\DVDVideoSoft\Free Audio Converter\unins000.exe"
    Free Studio version 5.0.4–>"D:\Program Files (x86)\Free Studio\unins000.exe"
    Free YouTube Download version 2.10.33.324–>"C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\unins000.exe"
    Game Park Console–>"C:\Program Files (x86)\Asus\Game Park\GameConsole\unins000.exe"
    Google Chrome–>"C:\Program Files (x86)\Google\Chrome\Application\12.0.742.91\Installer\setup.exe" --uninstall --system-level
    Google Toolbar for Internet Explorer–>"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe" /uninstall
    Google Toolbar for Internet Explorer–>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
    Google Update Helper–>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Governor of Poker–>C:\Program Files (x86)\Asus\Game Park\Governor of Poker\Uninstall.exe
    GTA San Andreas–>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
    High-Definition Video Playback–>MsiExec.exe /X{237CCB62-8454-43E3-B158-3ACD0134852E}
    Hotel Dash Suite Success–>C:\Program Files (x86)\Asus\Game Park\Hotel Dash Suite Success\Uninstall.exe
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB945282)–>C:\Windows\SysWOW64\msiexec.exe /package {DD622B1D-A78E-3FE8-9C8C-246F5764B0D0} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946040)–>C:\Windows\SysWOW64\msiexec.exe /package {DD622B1D-A78E-3FE8-9C8C-246F5764B0D0} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946308)–>C:\Windows\SysWOW64\msiexec.exe /package {DD622B1D-A78E-3FE8-9C8C-246F5764B0D0} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB946344)–>C:\Windows\SysWOW64\msiexec.exe /package {DD622B1D-A78E-3FE8-9C8C-246F5764B0D0} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947540)–>C:\Windows\SysWOW64\msiexec.exe /package {DD622B1D-A78E-3FE8-9C8C-246F5764B0D0} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB947789)–>C:\Windows\SysWOW64\msiexec.exe /package {DD622B1D-A78E-3FE8-9C8C-246F5764B0D0} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB948127)–>C:\Windows\SysWOW64\msiexec.exe /package {DD622B1D-A78E-3FE8-9C8C-246F5764B0D0} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (KB951708)–>C:\Windows\SysWOW64\msiexec.exe /package {DD622B1D-A78E-3FE8-9C8C-246F5764B0D0} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (KB944899)–>C:\Windows\SysWOW64\msiexec.exe /package {90A80D89-A0E4-33C1-B13D-B93CB3496867} /uninstall /qb+ REBOOTPROMPT=""
    Hotfix for Microsoft Visual Studio 2010 Ultimate - ENU (KB2455033)–>C:\Windows\SysWOW64\msiexec.exe /package {BC0464FA-A0BA-3E38-85BF-DC5B3A401F48} /uninstall {533F5F1D-F17E-3ECD-990C-C430069A54A5} /qb+ REBOOTPROMPT=""
    Intel(R) Management Engine Components–>C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
    Intel(R) Turbo Boost Technology Driver–>C:\Program Files (x86)\Intel\Intel(R) Turbo Boost Technology Driver\Uninstall\setup.exe -uninstall -iips
    Java(TM) 6 Update 25–>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216025FF}
    Jewel Quest 3–>C:\Program Files (x86)\Asus\Game Park\Jewel Quest 3\Uninstall.exe
    JMicron Ethernet Adapter NDIS Driver–>"C:\Program Files (x86)\JMicron\JME_DIR\setup.exe" delpkg
    JMicron Flash Media Controller Driver–>"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg
    Junk Mail filter update–>MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
    K_Series_ScreenSaver_EN–>C:\Windows\system32\K_Series_ScreenSaver_EN.scr /u
    Kaspersky Anti-Virus 2011–>MsiExec.exe /I{66F1F013-008F-4875-B283-5A814B820347}
    Kaspersky Anti-Virus 2011–>MsiExec.exe /I{66F1F013-008F-4875-B283-5A814B820347}
    kuler–>MsiExec.exe /I{098727E1-775A-4450-B573-3F441F1CA243}
    Luxor 3–>C:\Program Files (x86)\Asus\Game Park\Luxor 3\Uninstall.exe
    Magic ISO Maker v5.5 (build 0281)–>D:\PROGRA~1\MagicISO\UNWISE.EXE D:\PROGRA~1\MagicISO\INSTALL.LOG
    MagicDisc 2.7.106–>C:\PROGRA~2\MAGICD~1\UNWISE.EXE C:\PROGRA~2\MAGICD~1\INSTALL.LOG
    Mahjongg dimensions–>C:\Program Files (x86)\Asus\Game Park\Mahjongg dimensions\Uninstall.exe
    Malwarebytes' Anti-Malware versie 1.51.0.1200–>"D:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft .NET Framework 4 Multi-Targeting Pack–>MsiExec.exe /I{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}
    Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools–>MsiExec.exe /X{40416836-56CC-4C0E-A6AF-5C34BADCE483}
    Microsoft ASP.NET MVC 2–>MsiExec.exe /X{1803A630-3C38-4D2B-9B9A-0CB37243539C}
    Microsoft Office Access MUI (English) 2010–>MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2010–>MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2010–>MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2010–>MsiExec.exe /X{90140000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2010–>MsiExec.exe /X{90140000-0044-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2010–>MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2010–>MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2010–>MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Professional Plus 2010–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
    Microsoft Office Professional Plus 2010–>MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2010–>MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2010–>MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2010–>MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2010–>MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2010–>MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2010–>MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2010–>MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2010–>MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE}
    Microsoft Search Enhancement Pack–>MsiExec.exe /I{299CF645-48C7-4FA1-8BCD-5CE200CF180D}
    Microsoft Silverlight 3 SDK–>MsiExec.exe /X{2012098D-EEE9-4769-8DD3-B038050854D4}
    Microsoft Silverlight–>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]–>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft SQL Server 2008 Browser–>MsiExec.exe /X{C688457E-03FD-4941-923B-A27F4D42A7DD}
    Microsoft SQL Server 2008 R2 Data-Tier Application Framework–>MsiExec.exe /I{0DDCEC37-369C-484B-B16D-B4413FD42FB9}
    Microsoft SQL Server 2008 R2 Data-Tier Application Project–>MsiExec.exe /I{E5AE9031-79A5-4627-9641-BEFA82819B08}
    Microsoft SQL Server 2008 R2 Management Objects–>MsiExec.exe /I{4E968D9C-21A7-4915-B698-F7AEB913541D}
    Microsoft SQL Server 2008 R2 Transact-SQL Language Service–>MsiExec.exe /I{78C3657E-742C-40B1-9F53-E5A921D40F17}
    Microsoft SQL Server Compact 3.5 SP1 Design Tools English–>MsiExec.exe /X{0C19D563-5F25-4621-BF10-01F741BD283F}
    Microsoft SQL Server Compact 3.5 SP2 ENU–>MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497}
    Microsoft SQL Server Database Publishing Wizard 1.4–>MsiExec.exe /I{ACE28263-76A4-4BF5-B6F4-8BD719595969}
    Microsoft SQL Server System CLR Types–>MsiExec.exe /I{2A2F3AE8-246A-4252-BB26-1BEB45627074}
    Microsoft Sync Framework Runtime Native v1.0 (x86)–>MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
    Microsoft Sync Framework SDK v1.0 SP1–>MsiExec.exe /I{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}
    Microsoft Sync Framework Services Native v1.0 (x86)–>MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
    Microsoft Visual Basic 2008 Express Edition with SP1 - ENU–>C:\Program Files (x86)\Microsoft Visual Studio 9.0\Microsoft Visual Basic 2008 Express Edition with SP1 - ENU\setup.exe
    Microsoft Visual Basic 2008 Express Edition with SP1 - ENU–>MsiExec.exe /X{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053–>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
    Microsoft Visual C++ 2005 Redistributable - KB2467175–>MsiExec.exe /X{a0fe116e-9a8a-466f-aee0-625cb7c207e3}
    Microsoft Visual C++ 2005 Redistributable–>MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148–>MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570–>MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17–>MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148–>MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974–>MsiExec.exe /X{B7E38540-E355-3503-AFD7-635B2F2F76E1}
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729–>MsiExec.exe /X{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}
    Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319–>MsiExec.exe /X{6A86554B-8928-30E4-A53C-D7337689134D}
    Microsoft Visual F# 2.0 Runtime–>MsiExec.exe /X{729A3000-BC8A-3B74-BA5D-5068FE12D70C}
    Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140)–>C:\Windows\SysWOW64\msiexec.exe /package {90A80D89-A0E4-33C1-B13D-B93CB3496867} /uninstall /qb+ REBOOTPROMPT=""
    Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools–>MsiExec.exe /X{14DD7530-CCD2-3798-B37D-3839ED6A441C}
    Microsoft Visual Studio 2010 SharePoint Developer Tools–>MsiExec.exe /X{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}
    Microsoft Visual Studio 2010 Ultimate - ENU–>D:\Program Files (x86)\Visual studio 2010\Microsoft Visual Studio 2010 Ultimate - ENU\setup.exe
    Microsoft Visual Studio Macro Tools–>msiexec.exe /uninstall {6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}
    Microsoft Visual Studio Macro Tools–>MsiExec.exe /X{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}
    Microsoft WSE 3.0 Runtime–>MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
    Microsoft_VC80_CRT_x86–>MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
    Microsoft_VC80_MFC_x86–>MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
    Microsoft_VC80_MFCLOC_x86–>MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
    Microsoft_VC90_ATL_x86–>MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
    Microsoft_VC90_CRT_x86–>MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
    Microsoft_VC90_MFC_x86–>MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
    Microsoft_VC90_MFCLOC_x86–>MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
    Mozilla Firefox 4.0.1 (x86 nl)–>C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
    MSVCRT–>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
    MSXML 4.0 SP3 Parser (KB973685)–>MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44}
    MySQL Connector/ODBC 3.51–>MsiExec.exe /I{0CB3C535-1171-4A20-B549-E2CB5DEB9723}
    Nero 10 ClipartPack–>MsiExec.exe /X{96ED4B78-300E-4033-AE6C-C115CEB4DF07}
    Nero 10 Menu TemplatePack 1–>MsiExec.exe /X{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}
    Nero 10 Menu TemplatePack 2–>MsiExec.exe /X{E712C273-7564-4C8E-AA59-0FA19BC35117}
    Nero 10 Menu TemplatePack 3–>MsiExec.exe /X{92146419-AE44-4C8B-A48B-0ABB1B5EC026}
    Nero 10 Menu TemplatePack Basic–>MsiExec.exe /X{63AA3EAB-23BB-48B2-9AD0-44F878075604}
    Nero 10 Movie ThemePack 1–>MsiExec.exe /X{43FBAB46-5969-4200-9958-1FF81FEE506F}
    Nero 10 Movie ThemePack 2–>MsiExec.exe /X{70F19404-B96C-4EBB-AD2B-3574F8736197}
    Nero 10 Movie ThemePack 3–>MsiExec.exe /X{DD238642-14C7-4D54-8BD7-FAD6DEA9999B}
    Nero 10 Movie ThemePack 4–>MsiExec.exe /X{A70B0C7B-3527-4D53-A694-E9492ECE9EE1}
    Nero 10 Movie ThemePack Basic–>MsiExec.exe /X{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}
    Nero 10 PiP EffectPack 1–>MsiExec.exe /X{EF3A4DAE-F16F-4AC1-87BB-FE00A784084F}
    Nero 10 Sample ImagePack–>MsiExec.exe /X{ACD15FDF-FC42-4175-B477-576F92FF2256}
    Nero 10 Sample Videos–>MsiExec.exe /X{92A10E9D-EA00-4A46-8F22-EEA660992D61}
    Nero 10 Video TransitionPack 1–>MsiExec.exe /X{85BEC8F6-9AA3-43FF-B56B-8276277137B3}
    Nero BackItUp 10 Help (CHM)–>MsiExec.exe /X{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}
    Nero BackItUp 10–>MsiExec.exe /X{68AB6930-5BFF-4FF6-923B-516A91984FE6}
    Nero Burning ROM 10–>MsiExec.exe /X{7A5D731D-B4B3-490E-B339-75685712BAAB}
    Nero BurningROM 10 Help (CHM)–>MsiExec.exe /X{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}
    Nero BurnRights 10 Help (CHM)–>MsiExec.exe /X{555868C6-49FB-484F-BB43-8980651A1B00}
    Nero BurnRights 10–>MsiExec.exe /X{943CFD7D-5336-47AF-9418-E02473A5A517}
    Nero Control Center 10–>MsiExec.exe /X{6DFB899F-17A2-48F0-A533-ED8D6866CF38}
    Nero ControlCenter 10 Help (CHM)–>MsiExec.exe /X{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}
    Nero Core Components 10–>MsiExec.exe /X{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}
    Nero CoverDesigner 10 Help (CHM)–>MsiExec.exe /X{C3273C55-E1E4-41FF-8D69-0158090DB8D8}
    Nero CoverDesigner 10–>MsiExec.exe /X{FCF00A6E-FB58-477A-ABE9-232907105521}
    Nero DiscSpeed 10 Help (CHM)–>MsiExec.exe /X{C18A0418-442A-4186-AF98-D08F5054A2FC}
    Nero DiscSpeed 10–>MsiExec.exe /X{34490F4E-48D0-492E-8249-B48BECF0537C}
    Nero Dolby Files 10–>MsiExec.exe /X{C3580AC4-C827-4332-B935-9A282ED5BB97}
    Nero Express 10 Help (CHM)–>MsiExec.exe /X{33643918-7957-4839-92C7-EA96CB621A98}
    Nero Express 10–>MsiExec.exe /X{70550193-1C22-445C-8FA4-564E155DB1A7}
    Nero InfoTool 10 Help (CHM)–>MsiExec.exe /X{66049135-9659-4AAD-9169-9CCA269EBB3E}
    Nero InfoTool 10–>MsiExec.exe /X{F412B4AF-388C-4FF5-9B2F-33DB1C536953}
    Nero MediaHub 10 Help (CHM)–>MsiExec.exe /X{F467862A-D9CA-47ED-8D81-B4B3C9399272}
    Nero MediaHub 10–>MsiExec.exe /X{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}
    Nero Multimedia Suite 10 Platinum HD–>MsiExec.exe /I{277C1559-4CF7-44FF-8D07-98AA9C13AABD}
    Nero Recode 10 Help (CHM)–>MsiExec.exe /X{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}
    Nero Recode 10–>MsiExec.exe /X{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}
    Nero RescueAgent 10 Help (CHM)–>MsiExec.exe /X{92E25238-61A3-4ACD-A407-3C480EEF47A7}
    Nero RescueAgent 10–>MsiExec.exe /X{E337E787-CF61-4B7B-B84F-509202A54023}
    Nero SoundTrax 10 Help (CHM)–>MsiExec.exe /X{16987E99-C95C-4513-9239-7B44A0A71DB5}
    Nero SoundTrax 10–>MsiExec.exe /X{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}
    Nero StartSmart 10 Help (CHM)–>MsiExec.exe /X{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}
    Nero StartSmart 10–>MsiExec.exe /X{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}
    Nero Suite–>C:\Program Files (x86)\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""
    Nero Update–>MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}
    Nero Vision 10 Help (CHM)–>MsiExec.exe /X{329411A0-19F3-4740-874F-17400B126F27}
    Nero Vision 10–>MsiExec.exe /X{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}
    Nero WaveEditor 10 Help (CHM)–>MsiExec.exe /X{7A295D8F-484B-4FFB-89AB-C1FD497591FE}
    Nero WaveEditor 10–>MsiExec.exe /X{EDCDFAD5-DF80-4600-A493-E9DAD6810230}
    NVIDIA PhysX–>MsiExec.exe /X{DEA314C4-0929-4250-BC92-98E4C105F28D}
    OpenTTD 1.0.5–>D:\Program Files (x86)\Open TTD\uninstall.exe
    Plants vs Zombies–>C:\Program Files (x86)\Asus\Game Park\Plants vs Zombies\Uninstall.exe
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)–>C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)–>C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)–>C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Extended\setup.exe /uninstallpatch {3162617C-537F-3BB6-8D0C-C6021F442391} /parameterfolder Extended
    Security Update for Microsoft Excel 2010 (KB2466146)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{4D3B2D30-46D3-4DC0-BA73-85306B10E0AE}" "1033" "0"
    Security Update for Microsoft Office 2010 (KB2289078)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{1D1A4F08-2F17-475B-BA72-476CE5992FEE}" "1033" "0"
    Security Update for Microsoft Office 2010 (KB2289161)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{F134C2C6-30B3-4169-A325-58482B4CE6FC}" "1033" "0"
    Security Update for Microsoft PowerPoint 2010 (KB2519975)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}" "1033" "0"
    Security Update for Microsoft Publisher 2010 (KB2409055)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C3C277D5-36E3-4B1A-926A-175B2BC019CF}" "1033" "0"
    Security Update for Microsoft Word 2010 (KB2345000)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}" "1033" "0"
    Spybot - Search & Destroy–>"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
    SSIII Solo Ultratus 1.2–>C:\Program Files (x86)\SSIII Solo Ultratus\uninst.exe
    Stronghold 2–>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{16D2C649-CBA8-44EE-B730-12584667D487}\setup.exe" -l0x9 -removeonly
    Suite Shared Configuration CS4–>MsiExec.exe /I{842B4B72-9E8F-4962-B3C1-1C422A5C4434}
    syncables desktop SE–>MsiExec.exe /X{341697D8-9923-445E-B42A-529E5A99CB7A}
    Tropico–>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{818FB39B-1A57-4F1B-A54D-391C33D6C596}\setup.exe" -l0x9
    Uninstall 1.0.0.1–>"C:\Program Files (x86)\Common Files\DVDVideoSoft\unins000.exe"
    Update for Microsoft .NET Framework 4 Client Profile (KB2473228)–>C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client
    Update for Microsoft Office 2010 (KB2202188)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{86B7A074-265D-420C-9E1E-7A920EF0ECA7}" "1033" "0"
    Update for Microsoft Office 2010 (KB2413186)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{556146F7-74AE-4E0A-B64F-5B8B93469F61}" "1033" "0"
    Update for Microsoft Office 2010 (KB2413186)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B5516874-E926-4BFD-B412-D0E70112F244}" "1033" "0"
    Update for Microsoft Office 2010 (KB2413186)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{D6CE7280-6EE3-419A-8F47-DB111C040B1B}" "1033" "0"
    Update for Microsoft Office 2010 (KB2494150)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1033" "0"
    Update for Microsoft OneNote 2010 (KB2493983)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{309EEC22-83CE-4109-B019-BA9392FAA322}" "1033" "0"
    Update for Microsoft Outlook Social Connector (KB2441641)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306}" "1033" "0"
    Update for Microsoft Outlook Social Connector (KB2441641)–>"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe"
    emovereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{10B78785-65AE-4FDB-B598-73A8EC8598B0}" "1033" "0"
    Update for Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (KB982305)–>C:\Windows\SysWOW64\msiexec.exe /package {BD430C50-784F-32CD-87E7-A8C47EE6107F} /uninstall /qb+ REBOOTPROMPT=""
    Uplink–>C:\PROGRA~2\STRATE~1\Uplink\UNWISE.EXE C:\PROGRA~2\STRATE~1\Uplink\INSTALL.LOG
    Victoria Revolutions 1.0–>"D:\Paradox Entertainement\unins000.exe"
    Victoria–>RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AE7CB755-7C0B-4D11-8E5D-D6B6C1090A7B}\Setup.exe" -l0x9
    Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU–>MsiExec.exe /X{112C23F2-C036-4D40-BED4-0CB47BF5555C}
    Windows Live - Hulpprogramma voor uploaden–>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
    Windows Live aanmeldhulp–>MsiExec.exe /I{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B}
    Windows Live Call–>MsiExec.exe /I{362F80B4-9628-4100-B074-5A1BB6FCBBF3}
    Windows Live Communications Platform–>MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
    Windows Live Essentials–>C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
    Windows Live Essentials–>MsiExec.exe /I{B3B4E65B-F8B9-46E8-9B30-4DE339DB3F1E}
    Windows Live Mail–>MsiExec.exe /I{B38B1F86-8202-482F-A289-A4806DFA498D}
    Windows Live Messenger–>MsiExec.exe /X{1A38EBE5-08BD-4E0D-AAB9-0DFECACE108B}
    Windows Live Photo Gallery–>MsiExec.exe /X{22B63288-28E5-4F8C-9BA4-5BD7F6A027E0}
    Windows Live Sync–>MsiExec.exe /X{A5F3E8C0-E949-40D0-B529-D34A4BCDA43C}
    Windows Live Toolbar–>MsiExec.exe /X{78046D8A-2E9F-4B85-B0FE-F5E53CF1FD10}
    Windows Live Writer–>MsiExec.exe /X{C8114985-F9C5-4A4A-885D-C6BA4AE8F231}
    WinFlash–>MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D}
    Wireless Console 3–>MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}
    Wolfenstein - Enemy Territory–>D:\PROGRA~1\WOLFEN~1\Uninstall\Unwise.exe /u D:\PROGRA~1\WOLFEN~1\Uninstall\Install.log
    World of Goo–>C:\Program Files (x86)\Asus\Game Park\World of Goo\Uninstall.exe
    Zoo Tycoon: Complete Collection–>"C:\Program Files (x86)\Microsoft Games\Zoo Tycoon\UNINSTAL.EXE"
    untemp /addremove

    ======Security center information======

    AS: Spybot - Search and Destroy (disabled) (outdated)

    ======System event log======

    Computer Name: ThomasDeSterck
    Event Code: 7036
    Message: De Group Policy Client-service heeft nu de status wordt uitgevoerd.
    Record Number: 2783
    Source Name: Service Control Manager
    Time Written: 20101222180516.636056-000
    Event Type: Informatie
    User:

    Computer Name: ThomasDeSterck
    Event Code: 7036
    Message: De Themes-service heeft nu de status wordt uitgevoerd.
    Record Number: 2782
    Source Name: Service Control Manager
    Time Written: 20101222180516.636056-000
    Event Type: Informatie
    User:

    Computer Name: ThomasDeSterck
    Event Code: 7036
    Message: De Windows Audio-service heeft nu de status wordt uitgevoerd.
    Record Number: 2781
    Source Name: Service Control Manager
    Time Written: 20101222180516.636056-000
    Event Type: Informatie
    User:

    Computer Name: ThomasDeSterck
    Event Code: 7036
    Message: De Windows Audio Endpoint Builder-service heeft nu de status wordt uitgevoerd.
    Record Number: 2780
    Source Name: Service Control Manager
    Time Written: 20101222180516.589256-000
    Event Type: Informatie
    User:

    Computer Name: ThomasDeSterck
    Event Code: 7036
    Message: De Multimedia Class Scheduler-service heeft nu de status wordt uitgevoerd.
    Record Number: 2779
    Source Name: Service Control Manager
    Time Written: 20101222180516.526856-000
    Event Type: Informatie
    User:

    =====Application event log=====

    Computer Name: ThomasDeSterck
    Event Code: 4625
    Message: Het EventSystem-subsysteem onderdrukt gedurende 86400 seconden dubbele vermeldingen in het gebeurtenislogboek. De time-out voor onderdrukking kan worden ingesteld met de REG_DWORD-waarde SuppressDuplicateDuration in de volgende registersleutel: HKLM\Software\Microsoft\EventSystem\EventLog.
    Record Number: 891
    Source Name: Microsoft-Windows-EventSystem
    Time Written: 20101222081540.000000-000
    Event Type: Informatie
    User:

    Computer Name: ThomasDeSterck
    Event Code: 1532
    Message: De User Profile-service is gestopt.


    Record Number: 890
    Source Name: Microsoft-Windows-User Profiles Service
    Time Written: 20101103012250.307046-000
    Event Type: Informatie
    User: NT AUTHORITY\SYSTEM

    Computer Name: WIN-OS75K9LQF6O
    Event Code: 1003
    Message: De Windows Search-service is gestart.

    Record Number: 889
    Source Name: Microsoft-Windows-Search
    Time Written: 20101103012243.000000-000
    Event Type: Informatie
    User:

    Computer Name: WIN-OS75K9LQF6O
    Event Code: 1013
    Message: De Windows Search-service is normaal gestopt.

    Record Number: 888
    Source Name: Microsoft-Windows-Search
    Time Written: 20101103012242.000000-000
    Event Type: Informatie
    User:

    Computer Name: WIN-OS75K9LQF6O
    Event Code: 103
    Message: Windows (3536) Windows: De database-engine heeft een nieuwe sessie (0) stopgezet.
    Record Number: 887
    Source Name: ESENT
    Time Written: 20101103012242.000000-000
    Event Type: Informatie
    User:

    =====Security event log=====

    Computer Name: WIN-OS75K9LQF6O
    Event Code: 4672
    Message: Speciale bevoegdheden toegewezen aan nieuwe aanmelding.

    Onderwerp:
    Beveiligings-id: S-1-5-18
    Accountnaam: SYSTEM
    Accountdomein: NT AUTHORITY
    Aanmeldings-id: 0x3e7

    Bevoegdheden: SeAssignPrimaryTokenPrivilege
    SeTcbPrivilege
    SeSecurityPrivilege
    SeTakeOwnershipPrivilege
    SeLoadDriverPrivilege
    SeBackupPrivilege
    SeRestorePrivilege
    SeDebugPrivilege
    SeAuditPrivilege
    SeSystemEnvironmentPrivilege
    SeImpersonatePrivilege
    Record Number: 392
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20101103012243.692634-000
    Event Type: Controle geslaagd
    User:

    Computer Name: WIN-OS75K9LQF6O
    Event Code: 4624
    Message: Er is een account aangemeld.

    Onderwerp:
    Beveiligings-id: S-1-5-18
    Accountnaam: WIN-OS75K9LQF6O$
    Accountdomein: WORKGROUP
    Aanmeldings-id: 0x3e7

    Aanmeldingstype: 5

    Nieuwe aanmelding:
    Beveiligings-id: S-1-5-18
    Accountnaam: SYSTEM
    Accountdomein: NT AUTHORITY
    Aanmeldings-id: 0x3e7
    Aanmeldings-GUID: {00000000-0000-0000-0000-000000000000}

    Procesgegevens:
    Proces-id: 0x230
    Naam proces: C:\Windows\System32\services.exe

    Netwerkgegevens:
    Naam van werkstation:
    Netwerkadres van bron: -
    Poort van bron: -

    Gedetailleerde verificatiegegevens:
    Aanmeldingsproces: Advapi
    Verificatiepakket: Negotiate
    Doorgezette services: -
    Pakketnaam (alleen NTLM): -
    Sleutellengte: 0

    Deze gebeurtenis wordt gegenereerd wanneer een aanmeldingssessie wordt gemaakt. De gebeurtenis wordt gegenereerd op de computer waartoe toegang wordt verkregen.

    De velden Onderwerp bevatten de account op het lokale systeem waardoor de aanmelding is aangevraagd. Dit is meestal een service zoals de Server-service, of een lokaal proces zoals Winlogon.exe of Services.exe.

    In het veld Aanmeldingstype ziet u het type aanmelding. De meest algemene typen zijn 2 (interactief) en 3 (netwerk).

    Het veld Nieuwe aanmelding bevat de account waarvoor de nieuwe aanmelding is gemaakt. Dit is de account waarmee is aangemeld.

    In de netwerkvelden ziet u de bron van een externe aanmeldingsaanvraag. Naam van werkstation is niet altijd beschikbaar en kan in sommige gevallen leeg zijn.

    De velden met verificatiegegevens bevatten gedetailleerde informatie over deze aanmeldingsaanvraag.
    - Aanmeldings-GUID is een unieke id die kan worden gebruikt om deze gebeurtenis af te stemmen met een KDC-gebeurtenis.
    - In Doorgezette services ziet u welke tussentijdse services voor deze aanmeldingsaanvraag zijn gebruikt.
    - Pakketnaam geeft aan welk subprotocol van de NTLM-protocollen is gebruikt.
    - Sleutellengte geeft de lengte van de gegenereerde sessiesleutel aan. Dit veld is 0 als er geen sessiesleutel is aangevraagd.
    Record Number: 391
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20101103012243.692634-000
    Event Type: Controle geslaagd
    User:

    Computer Name: WIN-OS75K9LQF6O
    Event Code: 4738
    Message: Er is een gebruikersaccount gewijzigd.

    Onderwerp:
    Beveiligings-id: S-1-5-21-3662699763-2461931660-4105734476-500
    Accountnaam: Administrator
    Accountdomein: WIN-OS75K9LQF6O
    Aanmeldings-id: 0x4b7e0

    Doelaccount:
    Beveiligings-id: S-1-5-21-3662699763-2461931660-4105734476-500
    Accountnaam: Administrator
    Accountdomein: WIN-OS75K9LQF6O

    Gewijzigde kenmerken:
    SAM-accountnaam: -
    Weergavenaam: -
    Principal-naam van gebruiker: -
    Basismap: -
    Basisstation: -
    Pad naar script: -
    Pad naar profiel: -
    Gebruikerswerkstations: -
    Wachtwoord voor het laatst ingesteld: -
    Account verloopt op: -
    Primaire groeps-id: -
    Mag overdragen aan: -
    Oude UAC-waarde: 0x210
    Nieuwe UAC-waarde: 0x211
    Gebruikersaccountbeheer:
    Account uitgeschakeld
    Gebruikersparameters: -
    SID-geschiedenis: -
    Aantal uren aangemeld: -

    Aanvullende gegevens:
    Bevoegdheden: -
    Record Number: 390
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20101103012240.837829-000
    Event Type: Controle geslaagd
    User:

    Computer Name: WIN-OS75K9LQF6O
    Event Code: 4725
    Message: Er is een gebruikersaccount uitgeschakeld.

    Onderwerp:
    Beveiligings-id: S-1-5-21-3662699763-2461931660-4105734476-500
    Accountnaam: Administrator
    Accountdomein: WIN-OS75K9LQF6O
    Aanmeldings-id: 0x4b7e0

    Doelaccount:
    Beveiligings-id: S-1-5-21-3662699763-2461931660-4105734476-500
    Accountnaam: Administrator
    Accountdomein: WIN-OS75K9LQF6O
    Record Number: 389
    Source Name: Microsoft-Windows-Security-Auditing
    Time Written: 20101103012240.837829-000
    Event Type: Controle geslaagd
    User:

    Computer Name: WIN-OS75K9LQF6O
    Event Code: 1102
    Message: Het controlelogboek is gewist.
    Onderwerp:
    Beveiligings-id: S-1-5-21-3662699763-2461931660-4105734476-500
    Accountnaam: Administrator
    Domeinnaam: WIN-OS75K9LQF6O
    Aanmeldings-id: 0x4b7e0
    Record Number: 388
    Source Name: Microsoft-Windows-Eventlog
    Time Written: 20101103012234.473018-000
    Event Type: Controle geslaagd
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "configsetroot"=%SystemRoot%\ConfigSetRoot
    "FP_NO_HOST_CHECK"=NO
    "NUMBER_OF_PROCESSORS"=4
    "OS"=Windows_NT
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Microsoft SQL Server\100\Tools\Binn;C:\Program Files\Microsoft SQL Server\100\DTS\Binn
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE"=AMD64
    "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_REVISION"=2505
    "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "USERNAME"=SYSTEM
    "windir"=%SystemRoot%
    "VS100COMNTOOLS"=d:\Program Files (x86)\Visual studio 2010\Common7\Tools\

    —————–EOF—————–

  • Hi Thomas, it has become clear to me in the meantime!

    You or someone else installed NVIDIA PhysX!

    Only: that software has no business being on an AMD/ATI computer!

    As a result, the NVidia drivers present in Windows itself were also activated by installing NVIDIA PhysX!

    So go to Control Panel\Programs and Features and remove NVIDIA PhysX there.

    Once you have done that, restart your PC.
  • I threw Nvidia PhysX off. No idea how it got on there. Control Panel said it was installed on 27 March 2011, while I have had this computer since December 2010. So it wasn't on there yet when I bought it.

    Strange!
  • Good.
    That will do Windows good too!

    Before we start cleaning up, do you have any remaining problems or other peculiarities in Windows?
  • No, nothing really special.

    Just maybe, not really a problem, but I have set it up so that you have to enter a password at startup. It also contains a digit.

    Is it perhaps possible to have Num Lock switched on automatically at startup? The computer doesn't do this right away.
  • Check the BIOS to see whether the option is present there and can be enabled.

    Cleaning up:

    You may remove RSIT again: open a new Notepad file via Start > All Programs > Accessories > Notepad.

    Copy and paste the following (bold, blue text) into the empty Notepad window

    Save this Notepad file to your desktop as xixo.bat; at "Save as", choose "All files".

    It should look like this: http://img301.imageshack.us/img301/6459/batqb.jpg

    Click/double-click xixo.bat; the batch file will carry out the command and then delete itself automatically.


    ComboFix may now be removed:
    - go to Start - Run
    - copy and paste the following into it: Combofix /Uninstall
    - then click OK.
    - if all goes well, you will then get a message that Combofix has been removed.

    Example:

    http://www.emphyrio.be/images/SMUninstall_combofix.png

    Run can also be opened by pressing "Windows key + R" at the same time.

    This will remove Combofix including related folders and files,
    reset the clock settings, hide the file extensions,
    hide hidden files and system files again,
    and reset your System Restore.



    Download (by OldTimer)
    - Place the file on your desktop.
    - Make sure there is an internet connection.
    - Vista / W7 users:
      - Then right-click OTC.exe and choose Run as Administrator (Dutch: Uitvoeren als Administrator) to start the program.
    - XP users:
      - Double-click OTC
    - Now click the "CleanUp!" button
    - If your firewall, or another security program, warns that OTC.exe wants internet access, you may allow this; the program needs that connection.
    - Finally, OTC will ask whether you want to restart the computer; you may allow this, which also makes it remove itself.

    Note: Using OTC.exe will remove all tools used (including associated logs and backup folders) from your computer.
  • I did what you asked.
    OTC removed everything and Combofix is gone too.

    Do I still need to do anything?

This is an archived page. Replies are no longer possible.