Mededeling

**smeenk** · 30-01-08, 23:42

Kan je wel in veilige modus werken?

Download: RVAXO.exe

Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
Daarna zal je PC herstarten, na de herstart opent het cmd-venster van RVAXO opnieuw.
Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
Post de inhoud van de logfile in je volgende bericht.

Download Deckard's System Scanner naar je Bureaublad.

Sluit alle toepassingen en vensters.
Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
Kopiëer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord.

Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
- zorg dat sigcheck.exe toestemming krijgt om dit te doen !
Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

**TheSubways** · 31-01-08, 17:30

RVAXO zei wel de hele tijd dat hij het gevraagde pad/bestand niet kon vinden.. maar hier is de log..
log van RVAXO:

---RVAXO.exe Updated: 2008-01-31---first run---
Files found:
C:\WINDOWS\rs.txt
C:\WINDOWS\ffvrdgt.exe
C:\WINDOWS\adsoowf.dll

Uninstallers:

Folders Found:

C:\Program Files\Common Files\{2822E75B-07DA-1043-0822-050920040020}
C:\Program Files\Common Files\{3822E75B-07DA-1043-0822-050920040020}

Hosts-file was reset, If you use a custom hosts file please replace it...

--------------RVAXO.exe last run---------------

Files found:

Folders Found:

--------------RVAXO.exe finished----------------

**smeenk** · 31-01-08, 17:37

Oorspronkelijk geplaatst door TheSubways Bekijk Berichten

RVAXO zei wel de hele tijd dat hij het gevraagde pad/bestand niet kon vinden.

Dat is dus goed

Oorspronkelijk geplaatst door smeenk Bekijk Berichten

Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.

Post ook even het logje van Deckard's System Scanner

**TheSubways** · 31-01-08, 17:44

Deckard's System Scanner v20071014.68
Run by Myriam on 2008-01-31 17:36:14
Computer is in Safe Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Failed to create restore point; computer is in safe mode.

-- Last 5 Restore Point(s) --
31: 2008-01-30 16:07:22 UTC - RP502 - Removed SUPERAntiSpyware Free Edition
30: 2008-01-30 15:18:02 UTC - RP501 - Installed SUPERAntiSpyware Free Edition
29: 2008-01-30 15:17:20 UTC - RP500 - Made by Registry Mechanic
28: 2008-01-30 10:17:58 UTC - RP499 - Controlepunt van systeem
27: 2008-01-28 17:01:20 UTC - RP498 - Controlepunt van systeem

-- First Restore Point --
1: 2007-12-02 12:11:52 UTC - RP472 - Removed Medieval II Total War

Backed up registry hives.
Performed disk cleanup.

System Drive C: has 3.62 GiB (less than 15%) free.

-- HijackThis (run as Myriam.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:37:58, on 31/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\Myriam\Bureaublad\dss.exe
G:\PROGRA~1\TRENDM~1\HIJACK~1\Myriam.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hln.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {3756900C-91CD-8645-BCA1-A735810F4101} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - G:\Bitcomet\Bitcomet 0.82\tools\BitCometBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\scanners\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /firstlogon
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "G:\3wplayer\quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
O4 - Global Startup: Launchy.lnk = G:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\OFFICE~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://kencuppens.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A7A81F2B-BB4D-8BA6-D952-BDAC3060A4E1} - http://performanceoptimizer.com/files/PerformanceOptimizerPre_Installer.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://veralindita.com/video/h263ctrl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9F0BE3B-F8CB-48B1-836C-1253664EFE65}: NameServer = 82.126.126.241
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - G:\BurnQuick\mdf acohol player\Alcohol 52\StarWind\StarWindService.exe

--
End of file - 8345 bytes

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,71
.ini - inifile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,69
.js - jsfile - DefaultIcon - unable to read value
.js - jsfile - shell\open\command - unable to read value
.txt - txtfile - DefaultIcon - C:\WINDOWS\system32\shell32.dll,70

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys <Not Verified; Protection Technology; StarForce Protection System>
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys <Not Verified; Protection Technology; StarForce Protection System>
R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 vaxscsi - c:\windows\system32\drivers\vaxscsi.sys

S1 asuskbnt (Enhanced Display Driver Helper Service) - c:\windows\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
S1 NPPTNT2 - c:\windows\system32\npptnt2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
S1 SASKUTIL - g:\program files\superantispyware\saskutil.sys (file missing)
S1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
S2 EIO - c:\windows\system32\drivers\eio.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
S2 ousbehci (OrangeWare USB Enhanced Host Controller Service) - c:\windows\system32\drivers\ousbehci.sys <Not Verified; OrangeWare Corporation; USB 2.0 Enhanced Host Controller Driver>
S3 ousb2hub (OrangeWare USB 2.0 Root Hub Support) - c:\windows\system32\drivers\ousb2hub.sys <Not Verified; OrangeWare Corporation; USB 2.0 Hub Driver>
S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
S3 SABProcEnum - c:\program files\mozilla firefox\sabprocenum.sys (file missing)
S3 Video3D (ASUS Video3D Service) - c:\windows\system32\drivers\video3d.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Video3D driver>
S3 WinDriver6 - c:\windows\system32\drivers\windrvr6.sys <Not Verified; Jungo; WinDriver Device Driver>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
S2 ATKKeyboardService (ATK Keyboard Service) - c:\windows\atkkbservice.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
S2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
S2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe
S2 Service -
S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Scheduled Tasks -------------------------------------------------------------

2008-01-11 08:46:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

-- Files created between 2007-12-31 and 2008-01-31 -----------------------------

2008-01-31 17:21:51 0 d-------- C:\RVAXO
2008-01-31 17:18:28 645770 --a------ C:\WINDOWS\system32\RVAXO.bat
2008-01-31 17:18:28 69632 --a------ C:\WINDOWS\system32\remove.exe
2008-01-31 16:40:01 0 dr-h----- C:\Documents and Settings\Ken\Onlangs geopend
2008-01-30 19:13:04 0 d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2008-01-30 19:12:22 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-30 17:12:52 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-01-30 17:12:52 0 d-------- C:\Documents and Settings\Kevin\Application Data\Vso
2008-01-30 17:12:52 47360 --a------ C:\Documents and Settings\Kevin\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-01-30 17:12:50 217127 --a------ C:\WINDOWS\system32\drv43260.dll <Not Verified; RealNetworks, Inc.; RealVideo 9 (32-bit)>
2008-01-30 17:12:50 208935 --a------ C:\WINDOWS\system32\drv33260.dll <Not Verified; RealNetworks, Inc.; RealVideo 8 (32-bit)>
2008-01-30 17:12:50 176165 --a------ C:\WINDOWS\system32\drv23260.dll <Not Verified; RealNetworks, Inc.; RealVideo G2 (32-bit)>
2008-01-30 17:12:50 0 d-------- C:\Program Files\vso
2008-01-21 17:25:27 0 d-------- C:\Program Files\Bonjour
2008-01-21 17:18:50 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-01-21 17:10:31 0 d-------- C:\Documents and Settings\Kevin\Application Data\HighAndes
2008-01-21 17:10:31 0 d-------- C:\Documents and Settings\All Users\Application Data\HighAndes
2008-01-20 13:39:01 0 d-------- C:\Documents and Settings\Kevin\Application Data\Qlikworld
2008-01-19 13:21:02 0 dr-h----- C:\Documents and Settings\Kevin\Onlangs geopend
2008-01-07 18:26:54 0 d-------- C:\Program Files\Common Files\L&H
2008-01-07 18:26:33 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-01-07 18:25:50 0 d-------- C:\Program Files\Microsoft Works
2008-01-07 18:25:24 0 d-------- C:\WINDOWS\SHELLNEW
2008-01-07 18:25:15 0 d-------- C:\Program Files\Microsoft.NET
2008-01-07 16:33:53 0 d-------- C:\Program Files\uTorrent
2008-01-07 16:33:44 0 d-------- C:\Documents and Settings\Ken\Application Data\uTorrent

-- Find3M Report ---------------------------------------------------------------

2008-01-30 17:07:30 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-29 17:34:29 0 d-------- C:\Program Files\Common Files
2008-01-21 17:23:20 0 d-------- C:\Program Files\Common Files\Adobe
2008-01-12 10:57:23 0 d-------- C:\Program Files\Messenger Plus! Live
2008-01-12 10:57:22 0 d-------- C:\Program Files\MSN Messenger
2008-01-07 22:57:09 470192 --a------ C:\WINDOWS\system32\perfh013.dat
2008-01-07 22:57:09 82706 --a------ C:\WINDOWS\system32\perfc013.dat
2007-12-30 11:49:24 0 d-------- C:\Program Files\CyberQix
2007-12-30 11:46:37 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-26 17:41:36 0 d-------- C:\Documents and Settings\Myriam\Application Data\Launchy
2007-12-24 21:44:48 0 d-------- C:\Program Files\Yahoo!
2007-12-19 22:52:28 0 d-------- C:\Program Files\iTunes
2007-12-19 22:52:18 0 d-------- C:\Program Files\iPod
2007-12-17 17:00:29 0 d-------- C:\Program Files\MSXML 6.0
2007-12-16 09:48:10 4251 --a------ C:\WINDOWS\mozver.dat
2007-12-16 09:36:16 0 --a------ C:\autoexec.bat
2007-12-04 16:45:06 0 d-------- C:\Documents and Settings\Myriam\Application Data\Nero
2007-12-02 13:11:10 0 d-------- C:\Program Files\InterActual
2007-12-02 13:10:03 0 d-------- C:\Program Files\NCH Swift Sound
2007-12-01 17:26:23 0 d-------- C:\Program Files\Common Files\Nero
2007-12-01 17:24:39 0 d-------- C:\Program Files\Nero
2007-11-30 10:14:10 0 d-------- C:\Documents and Settings\Myriam\Application Data\Sun

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3756900C-91CD-8645-BCA1-A735810F4101}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14/03/2007 02:43]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [04/10/2007 17:14]
"SoundMan"="SOUNDMAN.EXE" [22/07/2005 08:00 C:\WINDOWS\SOUNDMAN.EXE]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 14:00]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" [28/03/2002 10:44]
"PhilipsDM"="C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [28/09/2006 09:32]
"nwiz"="nwiz.exe" [04/10/2007 17:14 C:\WINDOWS\system32\nwiz.exe]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [31/10/2003 18:42]
"SchedulingAgent"="mstinit.exe" [04/08/2004 01:03 C:\WINDOWS\system32\mstinit.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [14/12/2004 17:19]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [14/12/2004 17:57]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [14/12/2004 17:51]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [01/03/2007 15:57]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [20/09/2007 09:51]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [04/10/2007 17:14]
"QuickTime Task"="G:\3wplayer\quicktime\QTTask.exe" [11/12/2007 10:56]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [11/12/2007 12:10]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 01:03]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19/01/2007 12:54]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 17:24]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"SchedulingAgent"=mstask.exe

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe [11/03/2007 11:09:36]
Launchy.lnk - G:\Program Files\Launchy\Launchy.exe [24/12/2007 12:01:28]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [21/01/2000 9:15:56]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=1 (0x1)
"AllowUnhashedWebView"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start

-- End of Deckard's System Scanner: finished at 2008-01-31 17:38:22 ------------

**smeenk** · 31-01-08, 17:58

Start HijackThis nog een keer en plaats alleen een vinkje voor de volgende regels:
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {3756900C-91CD-8645-BCA1-A735810F4101} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O9 - Extra button: (no name) - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - (no file)
Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

Download DAFT naar je Bureaublad

Dubbelklik op het groene daft.exe icoon.
Lees de disclaimer en klik op OK.
Klik op de Scan knop.
Vink (indien foutieve associaties worden aangetroffen) alle weergegeven items aan.
Klik op de Fix knop.
Herhaal de scan en klik op "Save log".
Standaard wordt dit op je Bureaublad opgeslagen als daft.txt.

Post ook een nieuw logje van Deckard's System Scanner en vertel of er nog problemen zijn

**TheSubways** · 31-01-08, 18:05

er was 1 foute associatie: .js
maar ik heb per ongeluk opnieuw laten scannen en dus nu is de staat in de log gewoon: all associations ok!

Bij dss.exe had ik ook nog een extra log maar die had ik niet geupload is dat erg?

Is mijn pc nu weer in orde als ik hem opnieuw opstart?

**smeenk** · 31-01-08, 18:30

Start je PC maar opnieuw op en post die beide nieuwe logjes van Deckard's System Scanner maar

**TheSubways** · 31-01-08, 18:46

ik blijf met een probleem zitten. Ik zit nu terug op mijn eigen pc account en hij werkt nu wel, maar eerst krijg ik dus mijn gewone bureaubladachtergrond en even later wordt hij wit en als ik eigenschappen doe krijg ik:

Protocol: File Protocol
Type: HTML Document
Verbinding: Niet gecodeerd
Adres: file://C:\WINDOWS\privacy_danger\index.html
Grootte: Niet beschikbaar
Gemaakt: Niet beschikbaar
Gewijzigd: Niet beschikbaar

Dat is dus de html die vroeger mijn bureaublad overnam met het prentje van YOUR PRIVACY IS IN DANGER. Hoe krijg ik dit verwijderd? Mijn vader heeft dit wit scherm ook op zijn account, maar mijn broer en mijn moeder niet.

Hier is dus die extra log van dss:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: Dutch

CPU 0: AMD Athlon(tm) 64 Processor 3200+
Percentage of Memory in Use: 21%
Physical Memory (total/avail): 1023.48 MiB / 803.78 MiB
Pagefile Memory (total/avail): 2463.93 MiB / 2384.37 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1935.27 MiB

C: is Fixed (NTFS) - 53.71 GiB total, 3.62 GiB free.
D: is Fixed (NTFS) - 59.57 GiB total, 43.11 GiB free.
E: is Fixed (NTFS) - 58.59 GiB total, 5.77 GiB free.
F: is CDROM (No Media)
G: is Fixed (NTFS) - 61 GiB total, 7.57 GiB free.
M: is Removable (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG SP2514N - 232.88 GiB - 4 partitions
\PARTITION0 (bootable) - Installable File System - 53.71 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 179.16 GiB - D: - E: - G:

\\.\PHYSICALDRIVE1 - Brother DCP-115C USB Device

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AV: avast! antivirus 4.7.1098 [VPS 080131-1] v4.7.1098 (ALWIL Software)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled

xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled

xpsp2res.dll,-22019"
"G:\\Mohaa\\MOHAA.exe"="G:\\Mohaa\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
"G:\\Empire Earth\\ee\\Empire Earth.exe"="G:\\Empire Earth\\ee\\Empire Earth.exe:*:Enabled:Empire Earth"
"G:\\Xfire\\ua_lsp_inst.exe"="G:\\Xfire\\ua_lsp_inst.exe:*:Enabled:ua_lsp_inst"
"G:\\Medal Of Honor Pacific Assault\\mohpa.exe"="G:\\Medal Of Honor Pacific Assault\\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"G:\\Warhammer 40k-Dawn Of War\\W40k.exe"="G:\\Warhammer 40k-Dawn Of War\\W40k.exe:*:Enabled:W40k"
"G:\\Xfire\\Xfire.exe"="G:\\Xfire\\Xfire.exe:*:Enabled:Xfire"
"G:\\Joint Operations\\Jointops.exe"="G:\\Joint Operations\\Jointops.exe:*:Enabled:Jointops"
"G:\\StubInstaller.exe"="G:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"G:\\Limewire\\LimeWire.exe"="G:\\Limewire\\LimeWire.exe:*:Enabled:LimeWire"
"G:\\Lord of The Rings\\game.dat"="G:\\Lord of The Rings\\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"G:\\Call of duty\\CoDMP.exe"="G:\\Call of duty\\CoDMP.exe:*:Enabled:CoDMP"
"G:\\GameSpy Arcade\\Aphex.exe"="G:\\GameSpy Arcade\\Aphex.exe:*:Enabled:GameSpy Arcade"
"G:\\UT2004\\System\\UT2004.exe"="G:\\UT2004\\System\\UT2004.exe:*:Enabled:UT2004"
"C:\\WINDOWS\\system32\\dplaysvr.exe"="C:\\WINDOWS\\system32\\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"G:\\Anno 1602\\anno 1602\\1602.exe"="G:\\Anno 1602\\anno 1602\\1602.exe:*:Enabled:1602"
"G:\\Battlefield\\Sports Car GT\\Spcar.exe"="G:\\Battlefield\\Sports Car GT\\Spcar.exe:*:Enabled:Sports Car GT"
"G:\\RS Lockdown\\Lockdown.exe"="G:\\RS Lockdown\\Lockdown.exe:*:Enabled:Lockdown"
"G:\\Worms\\Worms 4 Mayhem Online Demo.exe"="G:\\Worms\\Worms 4 Mayhem Online Demo.exe:*:Enabled:Worms 4 Mayhem"
"G:\\Empire Earth II\\EE2.exe"="G:\\Empire Earth II\\EE2.exe:*:Enabled:Empire Earth II"
"G:\\Firefox\\firefox.exe"="G:\\Firefox\\firefox.exe:*:Enabled:Firefox"
"G:\\HL Team Fortress\\hlds.exe"="G:\\HL Team Fortress\\hlds.exe:*:Enabled:hlds"
"C:\\Program Files\\MSN Messenger\\msgs.exe"="C:\\Program Files\\MSN Messenger\\msgs.exe:*:Enabled:Messenger"
"G:\\Sof\\Soldier of Fortune II - Double Helix MP TEST\\SoF2MP-Test.exe"="G:\\Sof\\Soldier of Fortune II - Double Helix MP TEST\\SoF2MP-Test.exe:*:Enabled:SoF2MP-Test"
"G:\\Rush For Berlin\\RushForBerlin.exe"="G:\\Rush For Berlin\\RushForBerlin.exe:*:Enabled:Rush for Berlin"
"C:\\Program Files\\Microsoft Office\\Office\\FRONTPG.EXE"="C:\\Program Files\\Microsoft Office\\Office\\FRONTPG.EXE:*:Enabled:Microsoft FrontPage"
"G:\\Mohaa\\moh_spearhead.exe"="G:\\Mohaa\\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead"
"G:\\Empire Earth\\ee\\ee\\Empire Earth.exe"="G:\\Empire Earth\\ee\\ee\\Empire Earth.exe:*

isabled:Empire Earth"
"G:\\Medal Of Honor Allied Assault\\MOHAA.exe"="G:\\Medal Of Honor Allied Assault\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
"G:\\Medal Of Honor Allied Assault\\moh_spearhead.exe"="G:\\Medal Of Honor Allied Assault\\moh_spearhead.exe:*:Enabled:Medal of Honor Allied Assault(tm) Spearhead"
"F:\\Empire Earth\\ee\\Empire Earth.exe"="F:\\Empire Earth\\ee\\Empire Earth.exe:*:Enabled:Empire Earth"
"G:\\AOE2\\age2_x1.exe"="G:\\AOE2\\age2_x1.exe:*:Enabled:Age of Empires II Expansion"
"G:\\Empires\\Empires_DMW.exe"="G:\\Empires\\Empires_DMW.exe:*:Enabled:Empires_DMW"
"G:\\Empire Earth Update\\ee\\Empire Earth.exe"="G:\\Empire Earth Update\\ee\\Empire Earth.exe:*:Enabled:Empire Earth"
"G:\\ee\\Empire Earth\\Empire Earth.exe"="G:\\ee\\Empire Earth\\Empire Earth.exe:*:Enabled:Empire Earth"
"G:\\Anno 1701\\1701_Demo.exe"="G:\\Anno 1701\\1701_Demo.exe:*:Enabled:1701 A.D. Demo"
"G:\\Firefox\\Mozilla Firefox\\firefox.exe"="G:\\Firefox\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\Common Files\\Microsoft Shared\\web server extensions\\40\\bin\\tcptest.exe"="C:\\Program Files\\Common Files\\Microsoft Shared\\web server extensions\\40\\bin\\tcptest.exe:*:Enabled:Microsoft FrontPage TCP/IP Tester"
"G:\\Delta Force\\UPDATE.EXE"="G:\\Delta Force\\UPDATE.EXE:*:Enabled:UPDATE"
"G:\\Delta Force\\dfbhdd.exe"="G:\\Delta Force\\dfbhdd.exe:*:Enabled:dfbhdd"
"G:\\Trackmania\\TmNationsESWC.exe"="G:\\Trackmania\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"C:\\Program Files\\Windows Media Player\\wmplayer.exe"="C:\\Program Files\\Windows Media Player\\wmplayer.exe:*:Enabled:Windows Media Player"
"G:\\Medal Of Honor Allied Assault\\MOHAA_server.exe"="G:\\Medal Of Honor Allied Assault\\MOHAA_server.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
"G:\\Splinter Cell\\SCDA-Offline\\System\\SplinterCell4.exe"="G:\\Splinter Cell\\SCDA-Offline\\System\\SplinterCell4.exe:*:Enabled:SplinterCell4"
"G:\\Return To Castle Wolfenstein\\ET.exe"="G:\\Return To Castle Wolfenstein\\ET.exe:*:Enabled:ET"
"G:\\America's Army\\America's Army\\System\\ArmyOps.exe"="G:\\America's Army\\America's Army\\System\\ArmyOps.exe:*:Enabled:ArmyOps"
"G:\\Halo\\halo.exe"="G:\\Halo\\halo.exe:*:Enabled:Halo"
"C:\\WINDOWS\\system32\\sysvx.exe"="C:\\WINDOWS\\system32\\sysvx.exe:*:Enabled:enable"
"G:\\install\\Empire Earth II\\EE2.exe"="G:\\install\\Empire Earth II\\EE2.exe:*:Enabled:Empire Earth II"
"G:\\All Seeing Eye\\The All-Seeing Eye\\eye.exe"="G:\\All Seeing Eye\\The All-Seeing Eye\\eye.exe:*:Enabled:Yahoo! All-Seeing Eye"
"G:\\Fear Combat\\fpupdate.exe"="G:\\Fear Combat\\fpupdate.exe:*:Enabled:fpupdate"
"G:\\Fear Combat\\FEARMP.exe"="G:\\Fear Combat\\FEARMP.exe:*:Enabled:FEAR Combat"
"G:\\Fear Combat\\FEARServer.exe"="G:\\Fear Combat\\FEARServer.exe:*:Enabled:F.E.A.R. - Stand-Alone Server"
"G:\\Mohpa\\mohpa.exe"="G:\\Mohpa\\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm)"
"G:\\Lord of The Rings BFME\\game.dat"="G:\\Lord of The Rings BFME\\game.dat:*:Enabled:The Battle for Middle-earth (tm)"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"="C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe:*:Enabled:Kodak Software Updater"
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"="C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe:*:Enabled:EasyShare"
"G:\\World of Warcraft\\WoW-enGB-Installer-downloader.exe"="G:\\World of Warcraft\\WoW-enGB-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
"C:\\WINDOWS\\system32\\rtcshare.exe"="C:\\WINDOWS\\system32\\rtcshare.exe:*:Enabled:RTC-toepassingen delen"
"C:\\Program Files\\NetMeeting\\conf.exe"="C:\\Program Files\\NetMeeting\\conf.exe:*:Enabled:Windows® NetMeeting®"
"G:\\Westwood\\Dune2000\\DUNE2000.DAT"="G:\\Westwood\\Dune2000\\DUNE2000.DAT:*:Enabled

une2000"
"G:\\Unreal Tournament 2004\\System\\UT2004.exe"="G:\\Unreal Tournament 2004\\System\\UT2004.exe:*:Enabled:UT2004"
"C:\\Xfire\\xfire.exe"="C:\\Xfire\\xfire.exe:*:Enabled:Xfire"
"C:\\Wolfenstein\\ET.exe"="C:\\Wolfenstein\\ET.exe:*:Enabled:ET"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"G:\\TmNationsESWC_Setup\\TmNationsESWC.exe"="G:\\TmNationsESWC_Setup\\TmNationsESWC.exe:*:Enabled:T mNationsESWC"
"C:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe"="C:\\Program Files\\EA GAMES\\MOHAA\\MOHAA.exe:*:Enabled:Medal of Honor Allied Assault(tm)"
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe:*:Enabled:Nero ShowTime"
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"="C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"G:\\Lost Planet\\Lost Planet\\LostPlanetDX9.exe"="G:\\Lost Planet\\Lost Planet\\LostPlanetDX9.exe:*:Enabled:LostPlanetDX9"
"G:\\Bitcomet\\Bitcomet 0.82\\BitComet.exe"="G:\\Bitcomet\\Bitcomet 0.82\\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"
"G:\\3wplayer\\VeohClient.exe"="G:\\3wplayer\\VeohClient.exe:*:Enabled:Veoh Client"
"G:\\Bitcomet\\µtorrent\\utorrent.exe"="G:\\Bitcomet\\µtorrent\\utorrent.exe:*:Enabled:µTorrent"
"G:\\Medieval\\Medieval_TW.exe"="G:\\Medieval\\Medieval_TW.exe:*:Enabled:Medieval_TW"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Program Files\\TDS_SCC\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"="C:\\Program Files\\TDS_SCC\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"G:\\Battlefield 2\\bf2_w32ded.exe"="G:\\Battlefield 2\\bf2_w32ded.exe:*:Enabled:bf2_w32ded"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\\Call of Duty\\CoDUOMP.exe"="G:\\Call of Duty\\CoDUOMP.exe:*:Enabled:CoDUOMP"
"G:\\Warcraft III\\war3.exe"="G:\\Warcraft III\\war3.exe:*:Enabled:Warcraft III"
"G:\\Warcraft III\\Warcraft III.exe"="G:\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"G:\\Hamachi\\hamachi.exe"="G:\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"="C:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
"G:\\TrackMania United\\TmUnited.exe"="G:\\TrackMania United\\TmUnited.exe:*:Enabled:TmUnited"
"G:\\download acc\\DAP\\DAP.exe"="G:\\download acc\\DAP\\DAP.exe:*:Enabled

ownload Accelerator Plus (DAP)"
"G:\\download acc\\SpeedBit Video Accelerator\\VideoAccelerator.exe"="G:\\download acc\\SpeedBit Video Accelerator\\VideoAccelerator.exe:*:Enabled:VideoAccelerator"
"G:\\download acc\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"="G:\\download acc\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe:*:Enabled:VideoAcceleratorEngine"
"G:\\Microsoft Games\\Rise of Nations\\thrones.exe"="G:\\Microsoft Games\\Rise of Nations\\thrones.exe:*:Enabled:Rise of Nations"
"G:\\Microsoft Games\\Rise of Nations\\patriots.exe"="G:\\Microsoft Games\\Rise of Nations\\patriots.exe:*:Enabled:Rise of Nations"
"G:\\Battle For Middle Earth\\game.dat"="G:\\Battle For Middle Earth\\game.dat:*:Enabled:The Battle for Middle-earth™ II"
"G:\\Battle For Middle Earth\\patchget.dat"="G:\\Battle For Middle Earth\\patchget.dat:*:Enabled

atchgrabber"
"D:\\Medieval Total War\\medieval2.exe"="D:\\Medieval Total War\\medieval2.exe:*:Enabled:Medieval 2: Total War"
"G:\\Counterstrike Source\\Counter-Strike Source\\hl2.exe"="G:\\Counterstrike Source\\Counter-Strike Source\\hl2.exe:*:Enabled:hl2"
"G:\\Empire Earth Gold\\Empire Earth\\Empire Earth.exe"="G:\\Empire Earth Gold\\Empire Earth\\Empire Earth.exe:*:Enabled:Empire Earth"
"G:\\Empire Earth Gold\\The Art of Conquest\\EE-AOC.exe"="G:\\Empire Earth Gold\\The Art of Conquest\\EE-AOC.exe:*:Enabled:EE-AOC"
"C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"="C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe:*:Enabled:Nero ControlCenter"
"G:\\Wolfenstein\\ET.exe"="G:\\Wolfenstein\\ET.exe:*:Enabled:ET"
"G:\\fifa 2002\\FIFA_2002\\fifa2002.exe"="G:\\fifa 2002\\FIFA_2002\\fifa2002.exe:*:Enabled:fifa2002"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\helpctr.exe"="C:\\WINDOWS\\PCHEALTH\\HELPCTR\\Binaries\\h elpctr.exe:*:Enabled:Hulp op afstand - Windows Messenger en spraak"

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Myriam\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=AMD
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Myriam
LOGONSERVER=\\AMD
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;G:\3wplayer\quicktime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
SAFEBOOT_OPTION=MINIMAL
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Myriam\LOCALS~1\Temp
TMP=C:\DOCUME~1\Myriam\LOCALS~1\Temp
USERDOMAIN=AMD
USERNAME=Myriam
USERPROFILE=C:\Documents and Settings\Myriam
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI

-- User Profiles ---------------------------------------------------------------

LocalService
LEON (admin)
Kevin (admin)
Ken (admin)
Myriam (admin)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> G:\CALLOF~1\Uninstall\Unwise.exe /u G:\CALLOF~1\Uninstall\Install.log
--> MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
"TopWare Print-Studio" --> E:\PRINT-~1\UNWISE.EXE E:\PRINT-~1\INSTALL.LOG
4330z --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\ConCord\4330z\Uninst.isu"
[email protected] ISO Burner v 1.1 --> C:\PROGRA~1\LSOFTT~1\ACTIVE~1\UNWISE.EXE C:\PROGRA~1\LSOFTT~1\ACTIVE~1\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{8BC84ECC-EA87-49C0-93C0-2B5DF62745CD}
Adobe Bridge CS3 --> MsiExec.exe /I{68CF6DD2-8BA3-4A70-81D8-7CC5F24C9BA2}
Adobe Bridge Start Meeting --> MsiExec.exe /I{7F3A2319-79CF-4701-95FB-034E99281808}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{183B7569-90FB-4C56-9761-0EEB002CAB83}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{20B83B31-09C4-4F0E-9774-EF8A12A0A527}
Adobe Dreamweaver CS3 --> C:\Program Files\Common Files\Adobe\Installers\435a6af7459cb02a9c1138113a26e93\Setup.exe
Adobe Dreamweaver CS3 --> MsiExec.exe /I{F01D5ED5-D53A-4468-B428-149DC2CB3110}
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{4DF98D0B-637E-42B4-B9D6-EB7693D2FBF8}
Adobe Extension Manager CS3 --> MsiExec.exe /I{2A539CD9-0F75-4875-9A32-E06DD93C4114}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Viewer CS3 --> MsiExec.exe /I{733D84D6-AAFD-4368-A1D0-F2734F6B9082}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Setup --> MsiExec.exe /I{2274624C-5B38-41AD-AD27-CEC0924EB628}
Adobe Setup --> MsiExec.exe /I{3A12C952-61D5-4C3B-B68B-8CFBE47E22F1}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos CS3 --> C:\Program Files\Common Files\Adobe\Installers\cbb2ea61da9c780bd7e47a5230a9ed7\Setup.exe
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{D1C59F81-66FD-4E8E-B9F7-F4B2442D5222}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{41C3C974-EC5E-494C-AFE6-E31D92E2E6CB}
Advanced Batch Converter --> "G:\viewer\Advanced Batch Converter\uninstall.exe"
Age of Empires III --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
AGEIA PhysX v7.09.13 --> MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ASUS Enhanced Display Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9
ASUS GameFace Live --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{68D8533B-9EE7-46AB-B8B2-D643F888C5DF}
ASUS SmartDoctor --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{12E11FBB-7CA6-4A86-834D-5E6390D51009}
ASUS Utilities --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{F4026ECE-9F19-43EC-9FC8-474C2DB7D2BE} /l1043
ASUS Video Security --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{169E414A-37C7-434E-9021-27A03AE087CD}
ASUSDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
µTorrent --> "G:\Bitcomet\µtorrent\uninstall.exe"
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
BeeThink MP3 WMA To WAV Converter 2.0 --> D:\BeeThink\unins000.exe
Beveiligingsupdate for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB899589) --> "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB905915) --> "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB937143) --> "C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB937894) --> "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Bink and Smacker --> C:\PROGRA~1\RADVideo\UNWISE.EXE C:\PROGRA~1\RADVideo\INSTALL.LOG
Call of Duty - United Offensive --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{A662E280-64A8-4CF5-8407-13D0808602B3}
Call of Duty Game of the Year Edition --> G:\CALLOF~1\Uninstall\Unwise.exe /u G:\CALLOF~1\Uninstall\Install.log
CCleaner (remove only) --> "C:\Ccleaner\uninst.exe"
ConvertXtoDVD 2.2.3.258h --> "G:\Program Files\VSO\ConvertXtoDVD\unins000.exe"
DMW Client SE --> G:\DMW\DMW Client 3\uninst.exe
DVD Ripper Platinum 4 --> G:\DVD Ripper\DVD Ripper Platinum 4\Uninstall.exe
dvdSanta 4.00 --> "G:\Program Files\dvdSanta\unins000.exe"
EA SPORTS online 2008 --> E:\Fifa 08\EA Sports Online\EASOUNInstaller.exe
Fable - The Lost Chapters --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}
FEARCombat --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{75E607CF-7BAE-4B88-84B3-97F3DF44BA28}\setup.exe" -l0x9 /zU -removeonly
FIFA 08 --> MsiExec.exe /X{0A2A5039-B37F-489D-B1DC-A5258DF9E697}
Fraps --> "G:\Fraps\uninstall.exe"
Free Mp3 Wma Converter V 1.6.1 --> "G:\Converter\Free Audio Pack\unins000.exe"
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Google Earth --> MsiExec.exe /I{407B9B5C-DAC5-4F44-A756-B57CAB4E6A8B}
Guild Wars --> "G:\Guild Wars\Gw.exe" -uninstall
Guitar Pro 5.2 --> "G:\GP5\Guitar Pro 5\unins000.exe"
Hamachi 1.0.2.3 --> G:\Hamachi\uninstall.exe
Hercules QuickAccess --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{999EDEAA-92DD-4BA4-984B-C7F60965D296}\Setup.exe" -l0x9
HijackThis 2.0.2 --> "G:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp deskjet 3820 series Installatie ongedaan maken --> C:\Program Files\hp deskjet 3820 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=LPT1: -vproduct=3820 -huninstall
HyperCam 2 --> g:\hypercam\UnHyCam2.exe
IrfanView (remove only) --> G:\viewer\iv_uninstall.exe
iTunes --> MsiExec.exe /I{18388EF8-E0A3-442B-8BFE-E2F1B3D05C91}
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Jasc Paint Shop Pro 9 --> MsiExec.exe /I{F843C6A3-224D-4615-94F8-3C461BD9AEA0}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
jetAudio Basic --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0x13 -removeonly
Labtec WebCam-software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x13
Labtec® Camera-stuurprogramma --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Launchy 2.0 --> "G:\Program Files\Launchy\unins000.exe"
LimeWire 4.14.10 --> "G:\Limewire\uninstall.exe"
Magic DVD Ripper V5.0.1 --> "G:\Magic DVD ripper\MagicDVDRipper\unins000.exe"
MAGIX music + video maker generation 6 deLuxe --> G:\MAGIXM~1\MMG6_D~1\UNWISE.EXE G:\MAGIXM~1\MMG6_D~1\INSTALL.LOG
Markant 2 --> C:\PROGRA~1\MARKAN~1\UNWISE.EXE C:\PROGRA~1\MARKAN~1\INSTALL.LOG
Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office 2000 SR-1 Premium --> MsiExec.exe /I{00000413-78E1-11D2-B60F-006097C998E7}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Virtual PC 2007 --> MsiExec.exe /X{8A7CAA24-7B23-410B-A7C3-F994B0944160}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Mijn Rijbewijs --> C:\WINDOWS\IsUn0413.exe -fe:\Rijbewijs\Uninst.isu
MovieConverter --> "G:\dvd menu\TotalMovieConverter\unins000.exe"
Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mp3 Wma Converter V 1.4.0 --> "C:\mp3wma converter\Free Audio Pack\unins000.exe"
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
NCH Toolbox Uninstall --> C:\Program Files\NCH Swift Sound\ToolBox\uninst.exe
Nero 8 --> MsiExec.exe /X{B944FA21-81AF-4A77-8328-CE4F4CC51043}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenAL --> "C:\Program Files\OpenAL\OpenALwEAX.exe" /U
Philips Device Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{36A9D3F8-3FCF-4FBA-A8AD-3C1CE56C8AF4}\setup.exe" -l0x13 -removeonly
PowerISO --> "C:\Program Files\PowerISO\uninstall.exe"
Prism --> C:\Program Files\NCH Software\Prism\uninst.exe
Qlikworld NewsReader 2007 --> MsiExec.exe /X{071F3745-E389-4345-86DF-E80B55446FCE}
QuickTime --> MsiExec.exe /I{E0D51394-1D45-460A-B62D-383BC4F8B335}
Registry Mechanic 6.0 --> "G:\scanners\Registry Mechanic\unins000.exe"
Rise of Nations --> "G:\Microsoft Games\Rise of Nations\Uninstal.exe" /runtemp /uninstall
SAGEM [email protected] 800-840 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4AE3A0CB-87B0-4F51-BECD-3D1F8DFDD62F}\setup.exe" -l0x9
SoulSeek Client 156c --> "G:\Soulseek\uninstall.exe"
SpeechRedist --> MsiExec.exe /X{8795CBED-55E2-4693-9F14-84EC446935BE}
Spybot - Search & Destroy 1.4 --> "G:\scanners\Spybot - Search & Destroy\unins000.exe"
SubSync --> C:\WINDOWS\st6unst.exe -n "G:\SubSynch\ST6UNST.LOG"
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
TeamSpeak 2 RC2 --> G:\Teamspeak\Teamspeak2_RC2\unins000.exe
TI Connect 1.6 --> MsiExec.exe /I{A8B94669-8654-4126-BD28-D0D2412CDED6}
TrackMania Nations ESWC 1.7.9 --> "G:\TmNationsESWC_Setup\unins000.exe"
trakAxPC --> MsiExec.exe /I{ABBA0799-F982-414C-9A8B-17EB03D39677}
Unreal Tournament 2004 --> C:\UT2004\System\Setup.exe uninstall "UT2004"
Update voor Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update voor Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update voor Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update voor Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update voor Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update voor Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update voor Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update voor Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update voor Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Update voor Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update voor Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Update voor Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Update voor Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update voor Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update voor Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Update voor Windows XP (KB946627) --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows-stuurprogrammapakket - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) --> C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_6146A6DEFD56A6F22D3B8CB8AE891841F54CF20D\amdk8.inf
Windows Live Messenger --> MsiExec.exe /I{9816B8B8-4B53-4D3D-9235-AD931252001D}
Windows Live Sign-in Assistant --> MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Winrar\uninstall.exe
WM Converter 2.0 --> C:\Program Files\WM Converter\Uninstal.exe
Wolfenstein - Enemy Territory --> G:\WOLFEN~1\Uninstall\Unwise.exe /u G:\WOLFEN~1\Uninstall\Install.log
Worms 4 Mayhem --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{93515E6A-EE53-4A4B-BA65-94A026A363E2}\setup.exe" -l0x9 -removeonly
Xfire (remove only) --> "C:\Xfire\uninst.exe"

-- Application Event Log -------------------------------------------------------

Event Record #/Type10278 / Success
Event Submitted/Written: 01/31/2008 05:28:57 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type10269 / Success
Event Submitted/Written: 01/31/2008 05:11:59 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type10250 / Success
Event Submitted/Written: 01/30/2008 10:04:18 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type10241 / Error
Event Submitted/Written: 01/30/2008 08:29:01 PM
Event ID/Source: 1 / nview_info
Event Description:
NVIEW : Explorer: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event

Event Record #/Type10240 / Error
Event Submitted/Written: 01/30/2008 08:19:29 PM
Event ID/Source: 1 / nview_info
Event Description:
NVIEW : iexplore: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event

-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.

-- System Event Log ------------------------------------------------------------

Event Record #/Type56864 / Error
Event Submitted/Written: 01/31/2008 05:35:34 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
De volgende opstartstuurprogramma's zijn niet geladen:
Aavmker4
AFD
AmdK8
asuskbnt
aswTdi
Fips
IPSec
MRxSmb
NetBIOS
NetBT
NPPTNT2
RasAcd
Rdbss
SASKUTIL
SCDEmu
Tcpip
Tcpip6
vmm
WS2IFSL

Event Record #/Type56863 / Error
Event Submitted/Written: 01/31/2008 05:35:34 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
De IPSEC-services-service is afhankelijk van de IPSEC-stuurprogramma-service, die vanwege de volgende fout niet kan worden gestart:
%%31

Event Record #/Type56862 / Error
Event Submitted/Written: 01/31/2008 05:35:34 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
De ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##-service is afhankelijk van de Stuurprogramma voor TCP/IP-protocol-service, die vanwege de volgende fout niet kan worden gestart:
%%31

Event Record #/Type56861 / Error
Event Submitted/Written: 01/31/2008 05:35:34 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
De Apple Mobile Device-service is afhankelijk van de Stuurprogramma voor TCP/IP-protocol-service, die vanwege de volgende fout niet kan worden gestart:
%%31

Event Record #/Type56860 / Error
Event Submitted/Written: 01/31/2008 05:35:34 PM
Event ID/Source: 7001 / Service Control Manager
Event Description:
De IPv6-hulpservice-service is afhankelijk van de Microsoft IPv6-protocolstuurprogramma-service, die vanwege de volgende fout niet kan worden gestart:
%%31

-- End of Deckard's System Scanner: finished at 2008-01-31 17:38:22 ------------

**smeenk** · 31-01-08, 18:51

Draai RVAXO even op alle accounts waar je deze bureaubladproblemen nog hebt(logjes van RVAXO posten hoeft niet)

Post daarna nog het nieuwe logje van Deckard's System Scanner(main.txt)

**TheSubways** · 31-01-08, 20:21

Ok, ik heb gescand op mijn account en mijn bureaublad is terug in orde, bedankt ^^ hier is de log. Alvast bedankt voor het helpen allemaal!

Deckard's System Scanner v20071014.68
Run by Kevin on 2008-01-31 20:15:50
Computer is in Normal Mode.
--------------------------------------------------------------------------------

System Drive C: has 3.59 GiB (less than 15%) free.

-- HijackThis (run as Kevin.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:15:57, on 31/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
G:\BurnQuick\mdf acohol player\Alcohol 52\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\Video\LogiTray.exe
G:\3wplayer\quicktime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
G:\Program Files\Launchy\Launchy.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Kevin\Bureaublad\dss.exe
G:\PROGRA~1\TRENDM~1\HIJACK~1\Kevin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - G:\Bitcomet\Bitcomet 0.82\tools\BitCometBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\scanners\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /firstlogon
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "G:\3wplayer\quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
O4 - Global Startup: Launchy.lnk = G:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download all links using BitComet - res://G:\Bitcomet\Bitcomet 0.82\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://G:\Bitcomet\Bitcomet 0.82\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://G:\Bitcomet\Bitcomet 0.82\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\OFFICE~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://kencuppens.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A7A81F2B-BB4D-8BA6-D952-BDAC3060A4E1} - http://performanceoptimizer.com/files/PerformanceOptimizerPre_Installer.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://veralindita.com/video/h263ctrl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9F0BE3B-F8CB-48B1-836C-1253664EFE65}: NameServer = 82.126.126.241
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - G:\BurnQuick\mdf acohol player\Alcohol 52\StarWind\StarWindService.exe

--
End of file - 10299 bytes

-- Files created between 2007-12-31 and 2008-01-31 -----------------------------

2008-01-31 20:05:19 0 d-------- C:\RVAXO
2008-01-31 17:18:28 647386 --a------ C:\WINDOWS\system32\RVAXO.bat
2008-01-31 17:18:28 69632 --a------ C:\WINDOWS\system32\remove.exe
2008-01-31 16:40:01 0 dr-h----- C:\Documents and Settings\Ken\Onlangs geopend
2008-01-30 19:13:04 0 d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2008-01-30 19:12:22 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-01-30 17:12:52 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-01-30 17:12:52 0 d-------- C:\Documents and Settings\Kevin\Application Data\Vso
2008-01-30 17:12:52 47360 --a------ C:\Documents and Settings\Kevin\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-01-30 17:12:50 217127 --a------ C:\WINDOWS\system32\drv43260.dll <Not Verified; RealNetworks, Inc.; RealVideo 9 (32-bit)>
2008-01-30 17:12:50 208935 --a------ C:\WINDOWS\system32\drv33260.dll <Not Verified; RealNetworks, Inc.; RealVideo 8 (32-bit)>
2008-01-30 17:12:50 176165 --a------ C:\WINDOWS\system32\drv23260.dll <Not Verified; RealNetworks, Inc.; RealVideo G2 (32-bit)>
2008-01-30 17:12:50 0 d-------- C:\Program Files\vso
2008-01-21 17:25:27 0 d-------- C:\Program Files\Bonjour
2008-01-21 17:18:50 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-01-21 17:10:31 0 d-------- C:\Documents and Settings\Kevin\Application Data\HighAndes
2008-01-21 17:10:31 0 d-------- C:\Documents and Settings\All Users\Application Data\HighAndes
2008-01-20 13:39:01 0 d-------- C:\Documents and Settings\Kevin\Application Data\Qlikworld
2008-01-19 13:21:02 0 dr-h----- C:\Documents and Settings\Kevin\Onlangs geopend
2008-01-07 18:26:54 0 d-------- C:\Program Files\Common Files\L&H
2008-01-07 18:26:33 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-01-07 18:25:50 0 d-------- C:\Program Files\Microsoft Works
2008-01-07 18:25:24 0 d-------- C:\WINDOWS\SHELLNEW
2008-01-07 18:25:15 0 d-------- C:\Program Files\Microsoft.NET
2008-01-07 16:33:53 0 d-------- C:\Program Files\uTorrent
2008-01-07 16:33:44 0 d-------- C:\Documents and Settings\Ken\Application Data\uTorrent

-- Find3M Report ---------------------------------------------------------------

2008-01-30 17:12:58 34 --a------ C:\Documents and Settings\Kevin\Application Data\pcouffin.log
2008-01-30 17:12:52 1144 --a------ C:\Documents and Settings\Kevin\Application Data\pcouffin.inf
2008-01-30 17:12:52 7887 --a------ C:\Documents and Settings\Kevin\Application Data\pcouffin.cat
2008-01-30 17:07:30 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-01-30 17:01:11 0 d-------- C:\Documents and Settings\Kevin\Application Data\Xfire
2008-01-29 19:08:48 0 d-------- C:\Documents and Settings\Kevin\Application Data\uTorrent
2008-01-29 17:34:29 0 d-------- C:\Program Files\Common Files
2008-01-26 16:24:26 0 d-------- C:\Documents and Settings\Kevin\Application Data\LimeWire
2008-01-21 17:26:09 0 d-------- C:\Documents and Settings\Kevin\Application Data\Adobe
2008-01-21 17:23:20 0 d-------- C:\Program Files\Common Files\Adobe
2008-01-12 10:57:23 0 d-------- C:\Program Files\Messenger Plus! Live
2008-01-12 10:57:22 0 d-------- C:\Program Files\MSN Messenger
2008-01-07 22:57:09 470192 --a------ C:\WINDOWS\system32\perfh013.dat
2008-01-07 22:57:09 82706 --a------ C:\WINDOWS\system32\perfc013.dat
2007-12-30 11:49:24 0 d-------- C:\Program Files\CyberQix
2007-12-30 11:46:37 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-12-24 21:44:48 0 d-------- C:\Program Files\Yahoo!
2007-12-24 12:02:50 0 d-------- C:\Documents and Settings\Kevin\Application Data\Launchy
2007-12-20 10:46:41 0 d-------- C:\Documents and Settings\Kevin\Application Data\Xfire Plus
2007-12-19 22:52:28 0 d-------- C:\Program Files\iTunes
2007-12-19 22:52:18 0 d-------- C:\Program Files\iPod
2007-12-17 17:00:29 0 d-------- C:\Program Files\MSXML 6.0
2007-12-16 09:48:10 4251 --a------ C:\WINDOWS\mozver.dat
2007-12-16 09:36:16 0 --a------ C:\autoexec.bat
2007-12-07 18:17:28 0 d-------- C:\Documents and Settings\Kevin\Application Data\Hamachi
2007-12-02 13:11:10 0 d-------- C:\Program Files\InterActual
2007-12-02 13:10:03 0 d-------- C:\Program Files\NCH Swift Sound
2007-12-01 17:27:19 0 d-------- C:\Documents and Settings\Kevin\Application Data\Nero
2007-12-01 17:26:23 0 d-------- C:\Program Files\Common Files\Nero
2007-12-01 17:24:39 0 d-------- C:\Program Files\Nero

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14/03/2007 02:43]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [04/10/2007 17:14]
"SoundMan"="SOUNDMAN.EXE" [22/07/2005 08:00 C:\WINDOWS\SOUNDMAN.EXE]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [04/12/2007 14:00]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" [28/03/2002 10:44]
"PhilipsDM"="C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe" [28/09/2006 09:32]
"nwiz"="nwiz.exe" [04/10/2007 17:14 C:\WINDOWS\system32\nwiz.exe]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [31/10/2003 18:42]
"SchedulingAgent"="mstinit.exe" [04/08/2004 01:03 C:\WINDOWS\system32\mstinit.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [14/12/2004 17:19]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [14/12/2004 17:57]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [14/12/2004 17:51]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [01/03/2007 15:57]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [20/09/2007 09:51]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [04/10/2007 17:14]
"QuickTime Task"="G:\3wplayer\quicktime\QTTask.exe" [11/12/2007 10:56]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [11/12/2007 12:10]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 01:03]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [20/09/2007 15:35]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe [11/03/2007 11:09:36]
Launchy.lnk - G:\Program Files\Launchy\Launchy.exe [24/12/2007 12:01:28]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [21/01/2000 9:15:56]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=1 (0x1)
"AllowUnhashedWebView"=1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
C:\Program Files\ASUS\SmartDoctor\\SmartDoctor.exe /start

-- End of Deckard's System Scanner: finished at 2008-01-31 20:16:16 ------------

**smeenk** · 01-02-08, 17:49

Open de map RVAXO op je bureaublad en dubbelklik Uninstall.cmd
Dit zal alles van RVAXO doen verwijderen.

Je Java software is verouderd.
Oudere versies hebben lekken die malware de kans geeft om zich te installeren op je systeem.
Doe eerst deze stappen om Java te de-installeren en de nieuwere versie te installeren:

Download Java Runtime Environment (JRE) 6u4 en bewaar het naar je Bureaublad.
Sluit alle programma's die eventueel open zijn - Zeker je web browser!
Ga dan naar Start > Configuratiescherm > Software en verwijder alle oudere versies van Java uit de Softwarelijst.
Vink alles aan met Java Runtime Environment (JRE of J2SE) in de naam.
Klik dan op Verwijderen of op de Wijzig/Verwijder knop.
Herhaal dit tot alle oudere versies verdwenen zijn.
Na het verwijderen van alle oudere versies, herstart je pc.
Dubbelklik vervolgens op jre-6u4-windows-i586-p.exe op je Bureaublad om de nieuwste versie van Java te installeren.

Download ATF cleaner (mirror)(gemaakt door Atribune)

Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

Dubbelklik op ATF cleaner om het programma te starten.
Op het tabblad "Main", plaats je een vinkje bij Select All.
Klik op de knop Empty Selected.

Het volgende doen als je ook FireFox als browser hebt:
Klik op tabblad "Firefox", plaats een vinkje bij Select All.
Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
(dit haalt het vinkje weer weg bij "Firefox saved passwords")
Klik op de knop Empty Selected.

Het volgende doen als je ook Opera als browser hebt:
Klik op tabblad "Opera", plaats een vinkje bij Select All.
Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
Klik op de knop Empty Selected.
Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
Kijk hier hoe je je systeemherstel moet uitschakelen.
Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

Post als laatste nog een nieuw logje van Hijackthis ter controle

**TheSubways** · 02-02-08, 12:59

Bedankt voor al je hulp! De pc loopt weer als tevoren ^^
Hier is nog m'n HiJackThis logje!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:57:55, on 2/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
G:\BurnQuick\mdf acohol player\Alcohol 52\StarWind\StarWindService.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
G:\3wplayer\quicktime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
G:\Program Files\Launchy\Launchy.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - G:\Bitcomet\Bitcomet 0.82\tools\BitCometBHO.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\scanners\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SchedulingAgent] mstinit.exe /firstlogon
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "G:\3wplayer\quicktime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM [email protected] 800-840\dslmon.exe
O4 - Global Startup: Launchy.lnk = G:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Download all links using BitComet - res://G:\Bitcomet\Bitcomet 0.82\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://G:\Bitcomet\Bitcomet 0.82\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://G:\Bitcomet\Bitcomet 0.82\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\OFFICE~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\OFFICE~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O10 - Unknown file in Winsock LSP: xfire_lsp_9028.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://kencuppens.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A7A81F2B-BB4D-8BA6-D952-BDAC3060A4E1} - http://performanceoptimizer.com/files/PerformanceOptimizerPre_Installer.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) - http://veralindita.com/video/h263ctrl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game05.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C95F1E13-0FEC-4B66-A51F-62E4244F0C3E}: NameServer = 83.143.245.36 83.143.245.37
O17 - HKLM\System\CCS\Services\Tcpip\..\{D9F0BE3B-F8CB-48B1-836C-1253664EFE65}: NameServer = 82.126.126.241
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - G:\BurnQuick\mdf acohol player\Alcohol 52\StarWind\StarWindService.exe

--
End of file - 10439 bytes

**smeenk** · 02-02-08, 13:00

Graag gedaan hoor

Logje ziet er ook weer prima uit

Mededeling

Your Privacy...

Your Privacy...

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment