Mededeling

Collapse
No announcement yet.

worm.win 32 Netsky

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • worm.win 32 Netsky

    Verplaatst Geïnfecteerd --->>> Hijackthis logs.

    hoi,

    kan iemand me helpen, mijn computer is geinfecteerd, krijg steeds pop ups. het is een worm.win 32 Netsky probleem

    dit is het hujackthis logje:

    Logfile of HijackThis v1.99.1
    Scan saved at 20:00:32, on 21/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
    C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
    C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
    C:\Program Files\Winamp\Winampa.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\PDF Maker Pilot Demo\pmpagentd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\hijackthis\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe7\ActiveX\AcroIEHelper.dll
    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
    O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
    O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [PDF Maker Pilot (demo) printing agent] "C:\Program Files\PDF Maker Pilot Demo\pmpagentd.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /Minimized
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe7\Reader\reader_sl.exe
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://jerre3300.spaces.live.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} (GameDesire Pool Training) - http://67.15.101.3/g_bin/eng/billardt_2_0_0_28.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O21 - SSODL: admgcx - {214CAE97-5FBC-4C78-9193-91D7EBCEB4BF} - C:\WINDOWS\admgcx.dll
    O21 - SSODL: bdmanager - {F9FCE90B-1DE0-4E10-B744-8EBE8543AFC2} - C:\WINDOWS\bdmanager.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
    O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
    O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: U.S. Robotics Wireless LAN Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    kan iemand me helpen, ben dinsdag pas terug thuis.

    mvg,

    Joris
    Last edited by Crash; 21-02-08, 20:17.

  • #2
    Download: RVAXO.exe
    • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
    • Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
      Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
    • Daarna zal je PC herstarten, na de herstart opent het cmd-venster van RVAXO opnieuw.
      Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
    • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
    • Post de inhoud van de logfile in je volgende bericht.
    Download Deckard's System Scanner naar je Bureaublad.
    • Sluit alle toepassingen en vensters.
    • Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
    • Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
    • Kopiëer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord.

    Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
    - zorg dat sigcheck.exe toestemming krijgt om dit te doen !
    Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
    Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

    Comment


    • #3
      volgende logs:


      ---RVAXO.exe Updated: 2008-02-26---first run---
      Uninstallers:

      Files found:
      C:\WINDOWS\fsxloqf.exe
      C:\WINDOWS\system32\winpfz32.sys
      C:\WINDOWS\system32\zxdnt3d.cfg
      C:\WINDOWS\system32\msnav32.ax
      C:\WINDOWS\admgcx.dll
      C:\WINDOWS\bdmanager.dll
      C:\WINDOWS\emotigt.dll
      C:\Documents and Settings\Jerre\Bureau~1\Error Cleaner.url
      C:\Documents and Settings\Jerre\Bureau~1\Spyware&Malware Protection.url
      C:\Documents and Settings\Jerre\Bureau~1\Privacy Protector.url
      C:\Documents and Settings\Jerre\FAVORI~1\Error Cleaner.url
      C:\Documents and Settings\Jerre\FAVORI~1\Privacy Protector.url
      C:\Documents and Settings\Jerre\FAVORI~1\Spyware&Malware Protection.url

      Folders Found:
      C:\Program Files\PlayMP3z
      C:\Program Files\mediapipe
      C:\Program Files\ContextTool

      Hosts-file was reset, If you use a custom hosts file please replace it...

      volgende log:

      Deckard's System Scanner v20071014.68
      Run by Jerre on 2008-02-26 19:59:29
      Computer is in Normal Mode.
      --------------------------------------------------------------------------------

      -- System Restore --------------------------------------------------------------

      Successfully created a Deckard's System Scanner Restore Point.


      -- Last 5 Restore Point(s) --
      21: 2008-02-26 18:59:52 UTC - RP383 - Deckard's System Scanner Restore Point
      20: 2008-02-26 18:42:13 UTC - RP382 - Software Distribution Service 3.0
      19: 2008-02-20 18:11:30 UTC - RP381 - Software Distribution Service 3.0
      18: 2008-02-19 18:13:40 UTC - RP380 - Software Distribution Service 3.0
      17: 2008-02-14 18:21:54 UTC - RP379 - Software Distribution Service 3.0


      -- First Restore Point --
      1: 2007-12-20 18:20:54 UTC - RP363 - Software Distribution Service 3.0


      Backed up registry hives.
      Performed disk cleanup.

      Total Physical Memory: 255 MiB (512 MiB recommended).
      System Drive C: has 1.19 GiB (less than 15%) free.


      -- HijackThis (run as Jerre.exe) -----------------------------------------------

      Unable to find log (file not found); running clone.
      -- HijackThis Clone ------------------------------------------------------------


      Emulating logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 2008-02-26 20:02:42
      Platform: Windows XP Service Pack 2 (5.01.2600)
      MSIE: Internet Explorer (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\system32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Windows Defender\MsMpEng.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\explorer.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
      C:\Program Files\Network Associates\VirusScan\Mcshield.exe
      C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
      C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\WLTRYSVC.EXE
      C:\WINDOWS\system32\BCMWLTRY.EXE
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Network Associates\VirusScan\shstat.exe
      C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
      C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
      C:\Program Files\Winamp\winampa.exe
      C:\Program Files\Microsoft IntelliType Pro\type32.exe
      C:\Program Files\Microsoft IntelliPoint\point32.exe
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\Program Files\PDF Maker Pilot Demo\pmpagentd.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
      C:\WINDOWS\system32\msiexec.exe
      C:\Program Files\Common Files\Teleca Shared\Generic.exe
      C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Documents and Settings\Jerre\Bureaublad\dss.exe
      C:\WINDOWS\system32\notepad.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
      R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.com/search?q=%s
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = iexplore
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
      R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
      R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe7\ActiveX\AcroIEHelper.dll
      O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
      O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
      O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
      O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
      O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
      O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
      O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [PDF Maker Pilot (demo) printing agent] "C:\Program Files\PDF Maker Pilot Demo\pmpagentd.exe"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
      O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /Minimized
      O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe7\Reader\reader_sl.exe
      O4 - Global Startup: hp psc 1000 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
      O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://jerre3300.spaces.live.com//PhotoUpload/MsnPUpld.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
      O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} (GameDesire Pool Training) - http://67.15.101.3/g_bin/eng/billardt_2_0_0_28.cab
      O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
      O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
      O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - (no file)
      O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll
      O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
      O21 - SSODL: admgcx - {214CAE97-5FBC-4C78-9193-91D7EBCEB4BF} - C:\WINDOWS\admgcx.dll (file missing)
      O21 - SSODL: bdmanager - {F9FCE90B-1DE0-4E10-B744-8EBE8543AFC2} - C:\WINDOWS\bdmanager.dll (file missing)
      O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
      O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
      O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
      O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: U.S. Robotics Wireless LAN Service (wltrysvc) - Unknown owner - C:\WINDOWS\system32\WLTRYSVC.EXE


      --
      End of file - 8497 bytes

      -- HijackThis Fixed Entries (C:\HIJACK~1\backups\) -----------------------------

      backup-20051227-150647-151 O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - C:\WINDOWS\system32\hp7AFD.tmp
      backup-20051227-150647-225 O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\msntb.dll (file missing)
      backup-20060601-202206-436 O2 - BHO: MySearch Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:\Program Files\MySearch\SrchAstt\1.bin\MYSRCHAS.DLL
      backup-20060601-202206-643 O2 - BHO: My Search BHO - {014DA6C1-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
      backup-20060601-202207-335 O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - (no file)
      backup-20060601-202207-483 O3 - Toolbar: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - (no file)
      backup-20060601-202207-510 O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
      backup-20060601-202207-774 O8 - Extra context menu item: &Search - http://bar.mytotalsearch.com/menusearch.html?p=CPXXXXXX59
      backup-20060601-202207-934 O3 - Toolbar: My Search Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
      backup-20070105-134510-174 O2 - BHO: RunBus Class - {4865F155-CE00-4E93-A414-147844D7C81A} - C:\WINDOWS\system32\tcblmapg.dll
      backup-20070105-134511-563 O2 - BHO: mycpmads.com Browser Optimizer - {582FDCF0-A82E-4fc1-A6F6-0D2F36881F63} - C:\WINDOWS\system32\br_rt.dll
      backup-20070105-134514-116 O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\owinpoed.exe
      backup-20070105-134514-120 O4 - HKLM\..\Run: [adstart] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\br_rt.dll" DllVerify
      backup-20070105-134514-334 O4 - HKCU\..\Run: [Chckup] C:\WINDOWS\system32\Netverchk.exe
      backup-20070105-134514-590 O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\owinpoed.exe CHA001
      backup-20070105-134514-722 O2 - BHO: ohb Class - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\SearchTool\nsy41C.dll

      -- File Associations -----------------------------------------------------------

      .js - JSFile - DefaultIcon - C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe,2
      .js - JSFile - shell\open\command - "C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"


      -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

      R1 AFS2K - c:\windows\system32\drivers\afs2k.sys <Not Verified; Oak Technology Inc.; AFS>
      R1 crlscsi - c:\windows\system32\drivers\crlscsi.sys <Not Verified; Corel Corporation; Corel TWAIN>
      R1 NaiAvTdi1 - c:\windows\system32\drivers\mvstdi5x.sys <Not Verified; Network Associates, Inc.; VirusScan>
      R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.2.0.3) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.2.0.3>
      R2 cvintdrv - c:\windows\system32\drivers\cvintdrv.sys
      R3 EntDrv51 - c:\windows\system32\drivers\entdrv51.sys <Not Verified; Network Associates, Inc; Virus Scan Enterprise, Entercept>
      R3 NaiAvFilter1 - c:\windows\system32\drivers\naiavf5x.sys <Not Verified; Network Associates, Inc.; VirusScan>
      R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus(R) ASPI Shell>

      S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)
      S3 PCASp50 (PCASp50 NDIS Protocol Driver) - c:\windows\system32\drivers\pcasp50.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
      S3 PCTINDIS5 (PCTINDIS5 NDIS Protocol Driver) - c:\windows\system32\pctindis5.sys <Not Verified; PCTEL Inc.; PCTEL Rawether for Windows>
      S3 pohci13F - c:\docume~1\jerre\locals~1\temp\pohci13f.sys (file missing)


      -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

      R2 McAfeeFramework (McAfee Framework Service) - c:\program files\network associates\common framework\frameworkservice.exe /servicestart <Not Verified; Network Associates, Inc.; McAfee Common Framework>
      R2 McTaskManager (Network Associates Task Manager) - "c:\program files\network associates\virusscan\vstskmgr.exe" <Not Verified; Network Associates, Inc.; VirusScan Enterprise>


      -- Device Manager: Disabled ----------------------------------------------------

      No disabled devices found.


      -- Scheduled Tasks -------------------------------------------------------------

      2008-02-26 19:51:18 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job
      2005-01-10 19:19:44 342 --a------ C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1096901963.job


      -- Files created between 2008-01-26 and 2008-02-26 -----------------------------

      2008-02-26 19:54:12 0 dr-h----- C:\Documents and Settings\Jerre\Onlangs geopend
      2008-02-26 19:47:29 12 --a------ C:\WINDOWS\system32\rvaxo-del.bat
      2008-02-26 19:43:18 145343 --a------ C:\RVAXO.reg
      2008-02-26 19:42:36 0 d-------- C:\RVAXO
      2008-02-26 19:41:38 718788 --a------ C:\WINDOWS\system32\RVAXO.bat
      2008-02-26 19:41:36 69632 --a------ C:\WINDOWS\system32\remove.exe
      2008-02-21 19:04:32 0 d-------- C:\Documents and Settings\Jerre\Application Data\Malwarebytes
      2008-02-21 19:03:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
      2008-02-21 19:02:53 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
      2008-02-21 18:59:58 0 d-------- C:\Program Files\Common Files\Download Manager


      -- Find3M Report ---------------------------------------------------------------

      2008-02-21 18:59:58 0 d-a------ C:\Program Files\Common Files
      2008-02-19 20:36:37 0 d-------- C:\Documents and Settings\Jerre\Application Data\Adobe


      -- Registry Dump ---------------------------------------------------------------

      *Note* empty entries & legit default entries are not shown


      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
      C:\Program Files\ContextTool\ContextTool-2.dll

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [22/09/2004 20:00]
      "McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [06/08/2004 03:50]
      "Network Associates Error Reporting Service"="C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe" [07/10/2003 09:48]
      "WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [04/01/2006 15:11]
      "type32"="C:\Program Files\Microsoft IntelliType Pro\type32.exe" [03/06/2004 09:51]
      "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [03/06/2004 09:50]
      "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [03/11/2006 18:20]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 00:11]
      "PDF Maker Pilot (demo) printing agent"="C:\Program Files\PDF Maker Pilot Demo\pmpagentd.exe" [24/01/2007 15:57]

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 09:03]
      "ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [13/07/2007 10:10]
      "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [09/08/2005 18:14]

      [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
      "DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
      Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe7\Reader\reader_sl.exe [23/09/2005 21:05:26]
      hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [6/04/2003 0:17:18]
      hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [6/04/2003 0:06:58]
      Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [13/02/2001 10:01:04]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
      "admgcx"= {214CAE97-5FBC-4C78-9193-91D7EBCEB4BF} - C:\WINDOWS\admgcx.dll [ ]
      "bdmanager"= {F9FCE90B-1DE0-4E10-B744-8EBE8543AFC2} - C:\WINDOWS\bdmanager.dll [ ]

      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
      SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
      @="Service"

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
      @="Volume shadow copy"

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UNILEX]



      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9064fc43-348d-11d8-ba03-806d6172696f}]
      AutoRun\command- D:\start.exe




      -- End of Deckard's System Scanner: finished at 2008-02-26 20:06:53 ------------


      alvast bedankt voor de hulp

      jerre

      Comment


      • #4
        was nog een extra ding bij:


        Deckard's System Scanner v20071014.68
        Extra logfile - please post this as an attachment with your post.
        --------------------------------------------------------------------------------

        -- System Information ----------------------------------------------------------

        Microsoft Windows XP Professional (build 2600) SP 2.0
        Architecture: X86; Language: Dutch

        CPU 0: Intel Pentium III-processor
        Percentage of Memory in Use: 67%
        Physical Memory (total/avail): 254.48 MiB / 83.34 MiB
        Pagefile Memory (total/avail): 441.23 MiB / 114.09 MiB
        Virtual Memory (total/avail): 2047.88 MiB / 1940.77 MiB

        A: is Removable (No Media)
        C: is Fixed (NTFS) - 9.53 GiB total, 1.19 GiB free.
        D: is CDROM (CDFS)
        E: is CDROM (No Media)

        \\.\PHYSICALDRIVE0 - Maxtor 31024H1 - 9.54 GiB - 1 partition
        \PARTITION0 (bootable) - Installable File System - 9.53 GiB - C:



        -- Security Center -------------------------------------------------------------

        AUOptions is scheduled to auto-install.
        Windows Internal Firewall is enabled.

        AntivirusOverride is set.


        [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
        "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
        "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
        "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

        [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
        "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
        "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
        "C:\\Program Files\\p2pnetworks\\p2pnetworks.exe"="C:\\Program Files\\p2pnetworks\\p2pnetworks.exe:*:Enabled:P2PNetworks"
        "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
        "C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*isabled:BitLord"
        "C:\\Program Files\\Microprose\\Grand Prix 3\\GP3.ICD"="C:\\Program Files\\Microprose\\Grand Prix 3\\GP3.ICD:*:Enabled:GP3"
        "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*isabled:RealPlayer"
        "C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
        "C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
        "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
        "C:\\Documents and Settings\\Jerre\\Local Settings\\Temp\\wxpServer.exe"="C:\\Documents and Settings\\Jerre\\Local Settings\\Temp\\wxpServer.exe:*isabled:wxpServer"
        "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
        "D:\\Grand Prix 3\\GP3.ICD"="D:\\Grand Prix 3\\GP3.ICD:*:Enabled:GP3"
        "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
        "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"


        -- Environment Variables -------------------------------------------------------

        ALLUSERSPROFILE=C:\Documents and Settings\All Users
        APPDATA=C:\Documents and Settings\Jerre\Application Data
        CLIENTNAME=Console
        CommonProgramFiles=C:\Program Files\Common Files
        COMPUTERNAME=COMPKE
        ComSpec=C:\WINDOWS\system32\cmd.exe
        DEFAULT_CA_NR=CA6
        FP_NO_HOST_CHECK=NO
        HOMEDRIVE=C:
        HOMEPATH=\Documents and Settings\Jerre
        LOGONSERVER=\\COMPKE
        NUMBER_OF_PROCESSORS=1
        OS=Windows_NT
        Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Teleca Shared
        PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
        PROCESSOR_ARCHITECTURE=x86
        PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 3, GenuineIntel
        PROCESSOR_LEVEL=6
        PROCESSOR_REVISION=0803
        ProgramFiles=C:\Program Files
        PROMPT=$P$G
        SESSIONNAME=Console
        SystemDrive=C:
        SystemRoot=C:\WINDOWS
        TEMP=C:\DOCUME~1\Jerre\LOCALS~1\Temp
        TMP=C:\DOCUME~1\Jerre\LOCALS~1\Temp
        USERDOMAIN=COMPKE
        USERNAME=Jerre
        USERPROFILE=C:\Documents and Settings\Jerre
        windir=C:\WINDOWS


        -- User Profiles ---------------------------------------------------------------

        Jerre (admin)


        -- Add/Remove Programs ---------------------------------------------------------

        --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
        Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
        Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
        Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
        Adobe Reader 7.0.7 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70700000002}
        Aegisub 1.10 (Remove Only) --> C:\Program Files\Aegisub\Uninstall.exe
        Al Unser Jr Arcade Racing Version 1.0.0 --> C:\WINDOWS\uninst.exe -f"C:\Al Unser Jr Arcade Racing\DeIsL1.isu"
        AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
        Beveiligingsupdate for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB904706) -->
        Beveiligingsupdate voor Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB937143) --> "C:\WINDOWS\$NtUninstallKB937143$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB937894) --> "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
        Beveiligingsupdate voor Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
        BitLord 1.1 --> C:\Program Files\BitLord\uninst.exe
        CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
        Chem 4-D Demo --> MsiExec.exe /I{1AA15715-5349-4351-8A5B-1A06E892A96D}
        Commando --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Eidos Interactive\Pyro\Commandos\DeIsL1.isu"
        ContextTool --> C:\Program Files\ContextTool\uninstall.exe
        Cool MP3 Splitter 2.2 --> "C:\Program Files\Cool MP3 Splitter\unins000.exe"
        Corel Applications --> C:\WINDOWS\COREL\UNINSTAL.EXE
        CueClub --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\Real\RealGames\CueClub\setup.exe"
        CutePDF Writer 2.7 --> C:\Program Files\Acro Software\CutePDF Writer\uninscpw.exe /uninstall
        DAEMON Tools --> MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
        Digital Locker-Assistent --> MsiExec.exe /I{D01653EF-9F9F-41D6-B879-654A6BF5892C}
        DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
        DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
        Dziobas Rar Player 0.007PL --> "C:\Program Files\Dziobas Rar Player\unins000.exe"
        ffdshow (remove only) --> "C:\Program Files\ffdshow\uninstall.exe"
        GOM Player --> "C:\Program Files\GRETECH\GomPlayer\Uninstall.exe"
        HijackThis 1.99.1 --> C:\hijackthis\HijackThis.exe /uninstall
        Hitman Pro --> "C:\Program Files\Hitman Pro\unins000.exe"
        Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
        HP-software voor foto- en beeldbewerking 2.0 - All-in-One --> MsiExec.exe /X{9867A917-5D17-40DE-83BA-BEA5293194B1}
        HP-software voor foto- en beeldbewerking 2.0 - All-in-One stuurprogramma --> MsiExec.exe /X{6ECB39BD-73C2-44DD-B1A0-898207C58D8B}
        HP-software voor foto- en beeldbewerking 2.0 - HP psc 1200 --> C:\Program Files\Hewlett-Packard\Digital Imaging\{7C8BB31C-E09E-4c7d-BBF1-45E33B467FE1}\Setup\hpzscr01.exe -datfile hposcr02.dat -forcereboot
        HP Memories Disc --> MsiExec.exe /X{B376402D-58EA-45EA-BD50-DD924EB67A70}
        hp psc 1200 series --> MsiExec.exe /X{C900EF06-2E76-49C7-8DB0-41F629B21DC5}
        hp psc 1200 series --> rundll32 hpzcon07.dll,VendorJettison hp psc 1200 series
        Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
        Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
        Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
        Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
        LimeWire 4.10.9 --> "C:\Program Files\LimeWire\uninstall.exe"
        Macromedia Dreamweaver MX 2004 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{05BB2EC5-6BEF-4DDC-9E75-BEE7B161157A}\Setup.exe" -l0x9 mmUninstall
        Macromedia Extension Manager --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5BA14E0-7384-11D4-BAE7-00409631A2C8}\setup.exe" -l0x9 mmUninstall
        Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
        McAfee VirusScan Enterprise --> MsiExec.exe /I{5F022479-B394-4E6A-9823-8DC4176DB4EF}
        Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
        Microsoft Office XP Professional --> MsiExec.exe /I{90110413-6000-11D3-8CFE-0050048383C9}
        Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
        Mozilla Firefox (2.0.0.12) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
        MSN Toolbar --> C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\nl-be\mtbs.exe c
        MyCPMAds Browser Optimizer --> C:\WINDOWS\system32\br_rt-uninst.exe
        Panda ActiveScan --> C:\WINDOWS\system32\ASUninst.exe Panda ActiveScan
        PC Camera (6009 CIF) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A5B3028F-6845-48A6-A46E-77A716B57537}\Setup.exe" -l0x9
        PDF Maker Pilot Demo version 1.29.02 --> "C:\Program Files\PDF Maker Pilot Demo\unins000.exe"
        PlayMP3z --> C:\Program Files\PlayMP3z\uninstall.exe
        QuickTime Alternative 1.69 --> "C:\Program Files\QuickTime Alternative\unins000.exe"
        Real Alternative 1.51 --> "C:\Program Files\Real Alternative\unins000.exe"
        Red Alert Windows 95 --> C:\WINDOWS\RAUNINST.EXE C:\WINDOWS\UNINST.EXE -fC:\WESTWOOD\REDALERT\DeIsL1.isu
        SmartCam CIF --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{54DC27A1-2708-421E-8915-119955DB3B92}\setup.exe" -l0x9
        Sony Ericsson Communication Center --> MsiExec.exe /X{3980C794-D40D-4E43-A59D-2D24F1380A25}
        Sony Ericsson PC Suite 1.10.36 --> MsiExec.exe /I{EE28E1DC-A319-4DFE-B8ED-BEE329D377A4}
        SpywareBlaster v3.5.1 --> "C:\Program Files\SpywareBlaster\unins000.exe"
        SUPER © Version 2007.bld.23 (July 4, 2007) --> C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
        U.S. Robotics Wireless MAXg Adapter --> C:\WINDOWS\system32\BCMWLU00.exe verbose
        Update voor Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
        Update voor Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
        Update voor Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
        Update voor Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
        Update voor Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
        Update voor Windows XP (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
        Update voor Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
        Update voor Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
        Update voor Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
        Update voor Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
        Update voor Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
        Update voor Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
        Update voor Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
        Update voor Windows XP (KB946627) --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
        Winamp (Remove Only) --> "C:\Program Files\Winamp\Winamp.exe" /UNINSTALL
        Windows Defender --> MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
        Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
        Windows Live Messenger --> MsiExec.exe /I{9816B8B8-4B53-4D3D-9235-AD931252001D}
        Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
        Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
        WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
        WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
        Yahoo! Toolbar --> C:\PROGRA~1\Yahoo!\Common\unyt.exe


        -- Application Event Log -------------------------------------------------------

        Event Record #/Type1623 / Warning
        Event Submitted/Written: 02/26/2008 08:06:10 PM
        Event ID/Source: 257 / Alert Manager Event Interface
        Event Description:
        VirusScan Enterprise: Wordt geblokkeerd door gedragblokkeringsregel (regel bevindt zich in de waarschuwingsmodus) (alleen-waarschuwingsmodus). (van COMPKE IP-adres 192.168.1.3 gebruiker SYSTEM met behulp van VirusScan Enter 8.0 OAS)

        Event Record #/Type1622 / Warning
        Event Submitted/Written: 02/26/2008 08:06:10 PM
        Event ID/Source: 257 / Alert Manager Event Interface
        Event Description:
        VirusScan Enterprise: Wordt geblokkeerd door gedragblokkeringsregel (regel bevindt zich in de waarschuwingsmodus) (alleen-waarschuwingsmodus). (van COMPKE IP-adres 192.168.1.3 gebruiker SYSTEM met behulp van VirusScan Enter 8.0 OAS)

        Event Record #/Type1620 / Warning
        Event Submitted/Written: 02/26/2008 07:52:01 PM
        Event ID/Source: 257 / Alert Manager Event Interface
        Event Description:
        VirusScan Enterprise: Het scannen van C:\WINDOWS\system32\MRT.exe heeft te lang geduurd en wordt geannuleerd. De versie van het gebruikte scanprogramma is 5200 DAT-versie 5234. (van COMPKE IP-adres 192.168.1.3 gebruiker COMPKE met behulp van VirusScan Enter 8.0 OAS)

        Event Record #/Type1616 / Warning
        Event Submitted/Written: 02/26/2008 07:45:53 PM
        Event ID/Source: 1524 / Userenv
        Event Description:
        Windows kan het klassenregisterbestand niet uit het geheugen verwijderen omdat het momenteel door een andere toepassing of service wordt gebruikt. Het bestand wordt uit het geheugen verwijderd als het niet meer wordt gebruikt.

        Event Record #/Type1613 / Error
        Event Submitted/Written: 02/26/2008 07:30:25 PM
        Event ID/Source: 1008 / McLogEvent
        Event Description:
        De McShield-service is onverwachts beëindigd.

        Bekijk gebeurtenis 5019 of 5051 voor nadere gegevens.
        De McShield-service wordt over 5 seconden opnieuw gestart;



        -- Security Event Log ----------------------------------------------------------

        No Errors/Warnings found.


        -- System Event Log ------------------------------------------------------------

        Event Record #/Type46944 / Warning
        Event Submitted/Written: 02/26/2008 08:04:38 PM
        Event ID/Source: 3004 / WinDefend
        Event Description:
        %COMPKE27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %COMPKE27 can't undo changes that you allow.

        For more information please see the following:
        %COMPKE275

        Scan ID: {DCA521DD-919A-4E6B-AEB2-DF9B697E38CE}

        User: COMPKE\Jerre

        Name: %COMPKE271

        ID: %COMPKE272

        Severity: 1.1.1593.05

        Category: 1.1.1593.06

        Path Found: %COMPKE276

        Alert Type: %COMPKE278

        Detection Type: 1.1.1593.02

        Event Record #/Type46943 / Warning
        Event Submitted/Written: 02/26/2008 08:04:38 PM
        Event ID/Source: 3004 / WinDefend
        Event Description:
        %COMPKE27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %COMPKE27 can't undo changes that you allow.

        For more information please see the following:
        %COMPKE275

        Scan ID: {67941267-4789-4195-B4A5-8F93A79618E4}

        User: COMPKE\Jerre

        Name: %COMPKE271

        ID: %COMPKE272

        Severity: 1.1.1593.05

        Category: 1.1.1593.06

        Path Found: %COMPKE276

        Alert Type: %COMPKE278

        Detection Type: 1.1.1593.02

        Event Record #/Type46912 / Warning
        Event Submitted/Written: 02/26/2008 07:43:37 PM
        Event ID/Source: 3004 / WinDefend
        Event Description:
        %COMPKE27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %COMPKE27 can't undo changes that you allow.

        For more information please see the following:
        %COMPKE275

        Scan ID: {8FBDB822-5864-4683-938B-CB8EB923CED5}

        User: COMPKE\Jerre

        Name: %COMPKE271

        ID: %COMPKE272

        Severity: 1.1.1593.05

        Category: 1.1.1593.06

        Path Found: %COMPKE276

        Alert Type: %COMPKE278

        Detection Type: 1.1.1593.02

        Event Record #/Type46909 / Warning
        Event Submitted/Written: 02/26/2008 07:42:01 PM
        Event ID/Source: 3004 / WinDefend
        Event Description:
        %COMPKE27 Real-Time Protection agent has detected changes. Microsoft recommends you analyze the software that made these changes for potential risks. You can use information about how these programs operate to choose whether to allow them to run or remove them from your computer. Allow changes only if you trust the program or the software publisher. %COMPKE27 can't undo changes that you allow.

        For more information please see the following:
        %COMPKE275

        Scan ID: {F022F61E-E9ED-4F17-B877-E5FF3431F094}

        User: COMPKE\Jerre

        Name: %COMPKE271

        ID: %COMPKE272

        Severity: 1.1.1593.05

        Category: 1.1.1593.06

        Path Found: %COMPKE276

        Alert Type: %COMPKE278

        Detection Type: 1.1.1593.02

        Event Record #/Type46903 / Error
        Event Submitted/Written: 02/26/2008 07:32:25 PM
        Event ID/Source: 10010 / DCOM
        Event Description:
        De server {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.



        -- End of Deckard's System Scanner: finished at 2008-02-26 20:06:53 ------------

        Comment


        • #5
          Zou je de PC even willen herstarten en na de herstart RVAXO nog een keer willen draaien?

          Post na de herstart het nieuwe logje van RVAXO

          Comment

          Sorry, you are not authorized to view this page
          Working...
          X