Mededeling

Collapse
No announcement yet.

Trojan Horse - Obfuskated

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Trojan Horse - Obfuskated

    Goede avond,
    sinds enige dagen vind de AVG Free Edition een 'trojan horse Downloader. Obfuskated'. Dagelijks wordt deze via AVG verwijderd & dagelijks wordt deze virus terug gevonden.

    Zoals aangeraden vindt u de gevraagde log. Hoe kan ik deze virus volledig verwijderen?

    Dank bij voorbaat,
    ves

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:46:12, on 16/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\All Users\Application Data\debgfcro\fapyjcps.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Telemeter 3.0\telemeter3.exe
    C:\Program Files\Philips ToUcam Camera\VProperty.exe
    C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
    C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
    C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
    C:\PROGRA~1\MICROS~3\rapimgr.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\SYSTEM32\taskmgr.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.pandora.be:8080
    O2 - BHO: (no name) - {02715E47-5A8E-495B-8F63-0D30470B8E72} - C:\WINDOWS\system32\nnnljhHX.dll (file missing)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - (no file)
    O2 - BHO: (no name) - {54ACA0A7-5D26-4F3B-9D04-AFCB22A592ED} - C:\WINDOWS\system32\ljJBuvwU.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
    O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
    O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
    O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
    O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil9d.exe
    O4 - HKLM\..\Policies\Explorer\Run: [iRwxbN0her] C:\Documents and Settings\All Users\Application Data\debgfcro\fapyjcps.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: *.dexia.be
    O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mysteryville%202/Images/stg_drm.ocx
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://vespah.spaces.live.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100810975937
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://vespah.spaces.live.com/PhotoUpload/MsnPUpld.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://downloads.telenet.be/tisp/ols/fscax.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mysteryville%202/Images/armhelper.ocx
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553600000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
    O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://secure.securex.be/403/dwa7W.cab
    O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} (Plaxo Auto-Import Utility) - http://www.plaxo.com/activex/plx_upldr-2k-xp.cab
    O20 - Winlogon Notify: nnnljhHX - nnnljhHX.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 10827 bytes
    Labels: Geen
    • Citaat
  • #2
    Start Hijackthis en vink alleen de volgende regels aan:
    O2 - BHO: (no name) - {02715E47-5A8E-495B-8F63-0D30470B8E72} - C:\WINDOWS\system32\nnnljhHX.dll (file missing)
    O2 - BHO: (no name) - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - (no file)
    O2 - BHO: (no name) - {54ACA0A7-5D26-4F3B-9D04-AFCB22A592ED} - C:\WINDOWS\system32\ljJBuvwU.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
    O4 - HKLM\..\Policies\Explorer\Run: [iRwxbN0her] C:\Documents and Settings\All Users\Application Data\debgfcro\fapyjcps.exe
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
    O20 - Winlogon Notify: nnnljhHX - nnnljhHX.dll (file missing)
    Sluit alle openstaande vensters(behalve Hijackthis) en klik op "Fix checked".

    Download: RVAXO.exe
    • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
    • Start de computer in veilige modus.
    • Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
      Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
    • Daarna zal je PC herstarten, laat hem nu weer in normale modus starten. Na de herstart opent het cmd-venster van RVAXO opnieuw.
      Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
    • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
    • Post de inhoud van de logfile in je volgende bericht.


    Download Deckard's System Scanner naar je Bureaublad.
    • Sluit alle toepassingen en vensters.
    • Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
    • Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
    • Kopieer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord evenals extra.txt.

    Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
    - zorg dat sigcheck.exe toestemming krijgt om dit te doen !
    Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
    Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)
    • Citaat

    Comment

    • #3
      Vervolg Trojan Horse - Obfuskated

      Goede avond,

      eerst & vooral dank je wel voor hulp.
      Hieronder de gevraagde logs:
      --------------
      RVAXO-results:
      ---RVAXO.exe Updated: 2008-04-16---first run---
      Uninstallers:

      Files found:
      C:\WINDOWS\system32\UwvuBJjl.ini2
      C:\WINDOWS\wininit.ini

      Folders Found:

      Hosts-file was reset, If you use a custom hosts file please replace it...

      --------------RVAXO.exe last run---------------
      Not deleted items:

      --------------RVAXO.exe finished----------------

      main.txt =
      Deckard's System Scanner v20071014.68
      Run by Christian on 2008-04-16 21:54:23
      Computer is in Normal Mode.
      --------------------------------------------------------------------------------

      -- System Restore --------------------------------------------------------------

      Successfully created a Deckard's System Scanner Restore Point.


      -- Last 5 Restore Point(s) --
      86: 2008-04-16 19:54:32 UTC - RP1046 - Deckard's System Scanner Restore Point
      85: 2008-04-15 18:52:52 UTC - RP1045 - System Checkpoint
      84: 2008-04-14 18:14:05 UTC - RP1044 - System Checkpoint
      83: 2008-04-13 12:27:46 UTC - RP1043 - Installed Windows XP Wdf01005.
      82: 2008-04-12 13:45:21 UTC - RP1042 - Installed Ad-Aware 2007


      -- First Restore Point --
      1: 2008-04-12 08:43:28 UTC - RP961 - System Checkpoint


      Backed up registry hives.
      Performed disk cleanup.

      Total Physical Memory: 480 MiB (512 MiB recommended).


      -- HijackThis (run as Christian.exe) -------------------------------------------

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 21:56:23, on 16/04/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16640)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\SYSTEM32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      C:\WINDOWS\system32\LEXBCES.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\LEXPPS.EXE
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\Program Files\Telemeter 3.0\telemeter3.exe
      C:\Program Files\Philips ToUcam Camera\VProperty.exe
      C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\Lexmark X6100 Series\lxbfbmon.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
      C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\Microsoft ActiveSync\wcescomm.exe
      C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe
      C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
      C:\PROGRA~1\MICROS~3\rapimgr.exe
      C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
      C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
      C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
      C:\Documents and Settings\Christian\Desktop\dss.exe
      C:\PROGRA~1\TRENDM~1\HIJACK~1\Christian.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.pandora.be:8080
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
      O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [Telemeter 3.0] "C:\Program Files\Telemeter 3.0\telemeter3.exe"
      O4 - HKLM\..\Run: [ToUcamVProperty] C:\Program Files\Philips ToUcam Camera\VProperty.exe
      O4 - HKLM\..\Run: [Lexmark X6100 Series] "C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe"
      O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
      O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
      O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
      O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
      O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O15 - Trusted Zone: *.dexia.be
      O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Shared/Applet//DexiaIIA.cab
      O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Mysteryville%202/Images/stg_drm.ocx
      O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
      O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} (LinkedIn ContactFinderControl) - http://www.linkedin.com/cab/LinkedInContactFinderControl.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://vespah.spaces.live.com//PhotoUpload/MsnPUpld.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1100810975937
      O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
      O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://vespah.spaces.live.com/PhotoUpload/MsnPUpld.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://downloads.telenet.be/tisp/ols/fscax.cab
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
      O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mysteryville%202/Images/armhelper.ocx
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553600000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://secure.securex.be/403/dwa7W.cab
      O16 - DPF: {FF1CD9A3-00CD-45C1-8182-4EEC229A182D} (Plaxo Auto-Import Utility) - http://www.plaxo.com/activex/plx_upldr-2k-xp.cab
      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
      O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
      O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
      O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
      O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

      --
      End of file - 9894 bytes

      -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

      backup-20080416-214019-157 O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
      backup-20080416-214019-168 O2 - BHO: (no name) - {1A1DAC8C-074D-440F-8707-7009A672D7D1} - (no file)
      backup-20080416-214019-188 O2 - BHO: (no name) - {02715E47-5A8E-495B-8F63-0D30470B8E72} - C:\WINDOWS\system32\nnnljhHX.dll (file missing)
      backup-20080416-214019-343 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      backup-20080416-214019-778 O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/games/popcaploader_v6.cab
      backup-20080416-214019-948 O2 - BHO: (no name) - {54ACA0A7-5D26-4F3B-9D04-AFCB22A592ED} - C:\WINDOWS\system32\ljJBuvwU.dll (file missing)
      backup-20080416-214019-980 O4 - HKLM\..\Policies\Explorer\Run: [iRwxbN0her] C:\Documents and Settings\All Users\Application Data\debgfcro\fapyjcps.exe
      backup-20080416-214020-733 O20 - Winlogon Notify: nnnljhHX - nnnljhHX.dll (file missing)

      -- File Associations -----------------------------------------------------------

      .js - JSFile - DefaultIcon - unable to read value
      .js - JSFile - shell\open\command - unable to read value


      -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

      All drivers whitelisted.


      -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

      R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>


      -- Device Manager: Disabled ----------------------------------------------------

      Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
      Description: Nokia N95
      Device ID: ROOT\WPD\0000
      Manufacturer: Nokia
      Name: Nokia N95
      PNP Device ID: ROOT\WPD\0000
      Service: WUDFRd


      -- Scheduled Tasks -------------------------------------------------------------

      2008-04-16 18:58:07 430 --ah----- C:\WINDOWS\Tasks\User_Feed_Synchronization-{EE793B24-9858-4B95-8F4A-56CCA4365992}.job


      -- Files created between 2008-03-16 and 2008-04-16 -----------------------------

      2008-04-16 21:49:55 0 d-------- C:\RVAXO
      2008-04-16 21:45:14 792650 --a------ C:\WINDOWS\system32\RVAXO.bat
      2008-04-16 21:45:14 69632 --a------ C:\WINDOWS\system32\remove.exe
      2008-04-16 21:41:26 0 d-------- C:\WINDOWS\pss
      2008-04-16 20:44:56 0 d-------- C:\Program Files\Trend Micro
      2008-04-12 21:57:51 0 d-------- C:\Program Files\PC Connectivity Solution
      2008-04-12 21:06:10 0 d-------- C:\Documents and Settings\Christian\Application Data\Zylom
      2008-04-12 21:05:54 0 d-------- C:\Program Files\Zylom Games
      2008-04-12 15:45:38 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2008-04-12 15:42:37 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
      2008-04-12 10:38:06 0 d-------- C:\Documents and Settings\All Users\Application Data\debgfcro
      2008-04-12 09:33:50 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP


      -- Find3M Report ---------------------------------------------------------------

      2008-04-13 07:48:15 0 d-------- C:\Documents and Settings\Christian\Application Data\Identities
      2008-04-13 07:20:29 0 d-------- C:\Documents and Settings\Christian\Application Data\Nokia
      2008-04-12 21:59:09 0 d-------- C:\Program Files\Nokia
      2008-04-12 21:59:01 0 d-------- C:\Program Files\Common Files\PCSuite
      2008-04-12 21:59:01 0 d-------- C:\Program Files\Common Files\Nokia
      2008-04-12 15:47:02 0 d-------- C:\Program Files\Lavasoft
      2008-04-12 15:47:00 0 d-------- C:\Documents and Settings\Christian\Application Data\Lavasoft
      2008-04-12 15:42:37 0 d-------- C:\Program Files\Common Files
      2008-04-12 08:21:51 57 --a------ C:\WINDOWS\popcinfo.dat
      2008-03-29 11:56:20 0 d-------- C:\Program Files\Messenger Plus! Live
      2008-03-26 21:11:52 2508 --a------ C:\Documents and Settings\Christian\Application Data\$_hpcst$.hpc
      2008-03-26 21:08:36 0 d-------- C:\Program Files\Microsoft ActiveSync
      2008-03-15 08:43:21 0 d-------- C:\Program Files\Windows Live
      2008-03-13 22:34:38 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
      2008-03-12 22:45:47 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
      2008-03-08 10:15:59 0 d-------- C:\Program Files\Java


      -- Registry Dump ---------------------------------------------------------------

      *Note* empty entries & legit default entries are not shown


      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "VTTimer"="VTTimer.exe"
      "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [05/05/2003 09:57]
      "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [31/10/2003 20:42]
      "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09/07/2001 12:50]
      "Telemeter 3.0"="C:\Program Files\Telemeter 3.0\telemeter3.exe" [24/11/2006 19:45]
      "ToUcamVProperty"="C:\Program Files\Philips ToUcam Camera\VProperty.exe" [02/04/2003 08:56]
      "Lexmark X6100 Series"="C:\Program Files\Lexmark X6100 Series\lxbfbmgr.exe" [23/09/2003 07:58]
      "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [18/12/2004 01:20]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [09/02/2005 19:33]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
      "AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [20/12/2007 19:23]
      "NSLauncher"="C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe" [28/11/2006 01:12]
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 23:16]

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13/10/2004 18:24]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 09:56]
      "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 12:34]
      "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [26/06/2006 17:13]
      "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [26/03/2008 18:41]
      "PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [28/03/2008 11:20]

      [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
      "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
      "{EDB0E980-90BD-11D4-8599-0008C7D3B6F8}"= C:\Program Files\Qualcomm\Eudora\EuShlExt.dll [ ]

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
      @="Service"

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
      @="Service"

      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
      @="Volume shadow copy"




      -- End of Deckard's System Scanner: finished at 2008-04-16 21:57:05 ------------

      Extra.txt =
      Deckard's System Scanner v20071014.68
      Extra logfile - please post this as an attachment with your post.
      --------------------------------------------------------------------------------

      -- System Information ----------------------------------------------------------

      Microsoft Windows XP Home Edition (build 2600) SP 2.0
      Architecture: X86; Language: English

      CPU 0: AMD Sempron(tm) 2600+
      Percentage of Memory in Use: 76%
      Physical Memory (total/avail): 479.48 MiB / 113.93 MiB
      Pagefile Memory (total/avail): 1122.3 MiB / 833.13 MiB
      Virtual Memory (total/avail): 2047.88 MiB / 1921.46 MiB

      A: is Removable (No Media)
      C: is Fixed (NTFS) - 74.52 GiB total, 57.37 GiB free.
      D: is CDROM (No Media)
      E: is Removable (No Media)
      F: is Removable (No Media)
      G: is Removable (No Media)
      H: is Removable (No Media)

      \\.\PHYSICALDRIVE0 - WDC WD800BB-22FJA0 - 74.53 GiB - 1 partition
      \PARTITION0 (bootable) - Installable File System - 74.52 GiB - C:

      \\.\PHYSICALDRIVE1 - IN-WIN iAPP HS-CF USB Device

      \\.\PHYSICALDRIVE2 - IN-WIN iAPP HS-MS USB Device

      \\.\PHYSICALDRIVE4 - IN-WIN iAPP HS-SD/MMC USB Device

      \\.\PHYSICALDRIVE3 - IN-WIN iAPP HS-SM USB Device



      -- Security Center -------------------------------------------------------------

      AUOptions is scheduled to auto-install.
      Windows Internal Firewall is enabled.

      AntivirusOverride is set.

      AV: Panda Titanium Antivirus 2004 v3.02.04 (Panda Software) Outdated
      AV: AVG 7.5.519 v7.5.519 (Grisoft)

      [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
      "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
      "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
      "C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
      "C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

      [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
      "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
      "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
      "C:\\Program Files\\PopCap Games\\Zuma Deluxe\\Zuma.exe"="C:\\Program Files\\PopCap Games\\Zuma Deluxe\\Zuma.exe:*isabled:Zuma"
      "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
      "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
      "C:\\Program Files\\Microsoft ActiveSync\\WCESMGR.EXE"="C:\\Program Files\\Microsoft ActiveSync\\WCESMGR.EXE:*:Enabled:ActiveSync Application"
      "C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE"="C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE:*:Enabled:ActiveSync Connection Manager"
      "C:\\Program Files\\Trillian\\trillian.exe"="C:\\Program Files\\Trillian\\trillian.exe:*:Enabled:Trillian"
      "C:\\Program Files\\Google\\Google Talk\\googletalk.exe"="C:\\Program Files\\Google\\Google Talk\\googletalk.exe:*:Enabled:Google Talk"
      "C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"
      "C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgemc.exe:*:Enabled:avgemc.exe"
      "C:\\Program Files\\Miranda IM\\miranda32.exe"="C:\\Program Files\\Miranda IM\\miranda32.exe:*:Enabled:Miranda IM"
      "C:\\Program Files\\@Last Software\\SketchUp 3.0\\SketchUp.exe"="C:\\Program Files\\@Last Software\\SketchUp 3.0\\SketchUp.exe:*:Enabled:SketchUp Application"
      "C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
      "C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe"
      "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
      "C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"="C:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
      "C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
      "C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE"="C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE:*:Enabled:Microsoft Office Word"
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
      "C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"


      -- Environment Variables -------------------------------------------------------

      ALLUSERSPROFILE=C:\Documents and Settings\All Users
      APPDATA=C:\Documents and Settings\Christian\Application Data
      CLIENTNAME=Console
      CommonProgramFiles=C:\Program Files\Common Files
      COMPUTERNAME=DOBBELAE-07OP56
      ComSpec=C:\WINDOWS\system32\cmd.exe
      FP_NO_HOST_CHECK=NO
      HOMEDRIVE=C:
      HOMEPATH=\Documents and Settings\Christian
      LOGONSERVER=\\DOBBELAE-07OP56
      NUMBER_OF_PROCESSORS=1
      OS=Windows_NT
      Path=C:\Program Files\PC Connectivity Solution\;C:\WINDOWS\SYSTEM32;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM
      PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
      PROCESSOR_ARCHITECTURE=x86
      PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, AuthenticAMD
      PROCESSOR_LEVEL=6
      PROCESSOR_REVISION=0801
      ProgramFiles=C:\Program Files
      PROMPT=$P$G
      SESSIONNAME=Console
      SystemDrive=C:
      SystemRoot=C:\WINDOWS
      TEMP=C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
      TMP=C:\DOCUME~1\CHRIST~1\LOCALS~1\Temp
      USERDOMAIN=DOBBELAE-07OP56
      USERNAME=Christian
      USERPROFILE=C:\Documents and Settings\Christian
      windir=C:\WINDOWS


      -- User Profiles ---------------------------------------------------------------

      Christian (admin)


      -- Add/Remove Programs ---------------------------------------------------------

      --> MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
      --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
      --> VTUninst.exe -reg 5 'HKLM\Software\S3\VT\S3Uninst\S3Timer'
      ABBYY FineReader 5.0 Sprint Plus --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
      Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
      Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
      Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
      Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
      Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
      Adobe SVG Viewer 3.0 --> C:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Program Files\Common Files\Adobe\SVG Viewer 3.0\Uninstall\Install.log
      ArcSoft PhotoBase 3 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40FD99B4-63C3-49EE-A3BE-5D87762F3F2D}\Setup.exe" -l0x9 -uninst
      Audacity 1.2.3 --> "C:\Program Files\Audacity\unins000.exe"
      Autodesk DWF Viewer 7 --> MsiExec.exe /I{9A346205-EA92-4406-B1AB-50379DA3F057}
      AVG Free Edition --> C:\Program Files\Grisoft\AVG Free\setup.exe /UNINSTALL
      BUM --> MsiExec.exe /I{55937F00-A69B-4049-8D3A-1C7729742B6F}
      Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
      Easy Computing - Familiestamboom --> C:\WINDOWS\unvise32.exe C:\Program Files\Easy Computing\Familiestamboom\uninstal.log
      GTK+ Runtime 2.6.9 rev a (remove only) --> C:\Program Files\Common Files\GTK\2.0\uninst.exe
      HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
      HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
      Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
      IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
      iTunes --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3CB41017-F5CA-4C56-934C-ED02156251E6}
      J2SE Runtime Environment 5.0 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150010}
      J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
      J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
      J2SE Runtime Environment 5.0 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
      J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
      J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
      Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
      Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
      Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
      Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
      Jet CAD PRO 2 --> MsiExec.exe /I{9A154403-CE9A-11D8-BED0-00E029419CDE}
      Kiekeboe-Taccel --> "C:\Program Files\TAC\Taccels\Kiekeboe\unins000.exe"
      KODAK EASYSHARE Gallery Easy Upload, v2.1 --> C:\Documents and Settings\Christian\Local Settings\Application Data\KodakGallery\EasyShareSetup\$SETUP_140007_9a5556\Setup.exe /APR-REMOVE
      Lexmark X6100 Series --> C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBFUN5C.EXE -dLexmark X6100 Series
      Messenger Plus! Live & Sponsor (CiD) --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"
      Microsoft ActiveSync 4.0 --> MsiExec.exe /I{B208806F-A231-4FA0-AB3F-5C1B8979223E}
      Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
      Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
      Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
      Microsoft User-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
      Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
      Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
      Miranda IM 0.4.0.1 --> C:\Program Files\Miranda IM\uninstall.exe
      Mozilla Firefox (2.0.0.11) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
      MSVC80_x86 --> MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
      Myst III: Exile --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9F05B89E-2873-11D5-9E9D-0050DA1EA555}\setup.exe"
      Mysteryville Deluxe --> "C:\Program Files\Zylom Games\Mysteryville Deluxe\GameInstlr.exe" --uninstall UnInstall.log
      Nero Media Player --> C:\WINDOWS\UNNMP.exe /UNINSTALL
      Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
      NeroVision Express 2 --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
      Nokia Connectivity Cable Driver --> MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}
      Nokia Lifeblog 2.1 --> MsiExec.exe /I{EE565795-2776-415A-B31C-EB3A8D7C6FA4}
      Nokia MTP driver --> MsiExec.exe /I{0E94871C-623C-464F-A117-B8474BFF84E1}
      Nokia PC Suite --> C:\Documents and Settings\All Users\Application Data\Installations\{0FC76B71-2534-4354-B255-3468578E3F47}\Nokia_PC_Suite_rel_6_86_9_0_eng.exe
      Nokia PC Suite --> MsiExec.exe /I{0FC76B71-2534-4354-B255-3468578E3F47}
      Nokia Software Launcher --> MsiExec.exe /I{5CCABD37-479D-4304-B1A5-67952C25F8F2}
      Nokia Software Updater --> MsiExec.exe /X{FE5D756F-71E1-47C4-972A-D6775344B40B}
      PC Connectivity Solution --> MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
      Philips ToUcam XS Camera --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\Philips ToUcam Camera\Kill820.exe" 820 ToUcamVProperty VProperty
      PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
      Print to Fax --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BF2B19D-9C79-492A-8969-F059F06A627F}\setup.exe" -l0x13 ControlPanel
      Promedia DVD --> c:\Program Files\PromediaDVD\uninstal.exe
      QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
      Riven --> C:\WINDOWS\uninst.exe -f"C:\Program Files\Riven\DeIsL1.isu"
      Rocket Mania Deluxe 1.02 --> C:\Program Files\PopCap Games\Rocket Mania Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Rocket Mania Deluxe\Install.log"
      Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
      Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
      SketchUp 3.1 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ADAD0FFE-B2C4-4A2C-B4C8-2467B5A25EF0}\Setup.exe" -l0x9
      SketchUp 4.0 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9421EB49-B1C8-496F-A307-FF0E4F43E6F5}\setup.exe" -l0x9
      SketchUp 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B357C4B4-9024-4B64-9B3F-A6729031C3DD}\setup.exe" -l0x9
      Skype 1.2 --> "C:\Program Files\Skype\Phone\unins000.exe"
      SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe"
      Super Architect 3D Pro --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5A20DE0-6FC3-11D5-AB96-0050DA41C6BF}\Setup.exe" -l0x13
      TAC Engine v2.1-3 --> "C:\Program Files\TAC\unins000.exe"
      Talismania Deluxe 1.0 --> C:\Program Files\PopCap Games\Talismania Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Talismania Deluxe\Install.log"
      Telemeter 3.1 --> C:\Program Files\Telemeter 3.0\uninst.exe
      VIA Rhine-Family Fast Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA
      VIA/S3G Display Driver --> VTsetvga.exe -s -rRundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\system32\hg201hp.inf
      Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_8B37DC72918CCD58A6EC20373AF6242B037A293B\pccs_bluetooth.inf
      Windows Driver Package - Nokia Modem (02/15/2007 3.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccs_bluet_F12A08B6F776984A95553486F64C541356F86E38\pccs_bluetooth.inf
      Windows Driver Package - Nokia Modem (03/05/2008 3.7) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
      Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
      Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_5E1541AFF1E1EA3554CE566743CCAD323ED1C108\nokbtmdm.inf
      Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0) --> C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
      Windows Live aanmeldhulp --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
      Windows Live installer --> MsiExec.exe /X{A258173E-F308-475A-951B-F1BF76A4451B}
      Windows Live Messenger --> MsiExec.exe /X{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}
      Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
      WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
      WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall
      Zuma Deluxe 1.0 --> C:\Program Files\PopCap Games\Zuma Deluxe\PopUninstall.exe "C:\Program Files\PopCap Games\Zuma Deluxe\Install.log"


      -- Application Event Log -------------------------------------------------------

      Event Record #/Type13581 / Error
      Event Submitted/Written: 04/12/2008 08:59:04 PM
      Event ID/Source: 1002 / Application Hang
      Event Description:
      Hanging application iexplore.exe, version 7.0.6000.16640, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

      Event Record #/Type13563 / Error
      Event Submitted/Written: 04/12/2008 03:10:14 PM
      Event ID/Source: 1002 / Application Hang
      Event Description:
      Hanging application msnmsgr.exe, version 8.5.1302.1018, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

      Event Record #/Type13554 / Error
      Event Submitted/Written: 04/12/2008 10:38:08 AM
      Event ID/Source: 100 / AVG7
      Event Description:
      2008-04-12 08:38:08,671 DOBBELAE-07OP56 [000808:000804] ERROR 000 AVG7.WTS.CAvgAmWts ProcessIdToSessionId(1280) call failed with WIN32 error 87, returning session id is 0

      Event Record #/Type13553 / Error
      Event Submitted/Written: 04/12/2008 10:38:08 AM
      Event ID/Source: 100 / AVG7
      Event Description:
      2008-04-12 08:38:08,546 DOBBELAE-07OP56 [000808:000804] ERROR 000 AVG7.WTS.CAvgAmWts ProcessIdToSessionId(1280) call failed with WIN32 error 87, returning session id is 0

      Event Record #/Type13552 / Warning
      Event Submitted/Written: 04/12/2008 09:18:40 AM
      Event ID/Source: 63 / WinMgmt
      Event Description:
      A provider, OffProv11, has been registered in the WMI namespace, Root\MSAPPS11, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.



      -- Security Event Log ----------------------------------------------------------

      No Errors/Warnings found.


      -- System Event Log ------------------------------------------------------------

      Event Record #/Type56945 / Error
      Event Submitted/Written: 04/16/2008 09:48:57 PM
      Event ID/Source: 10005 / DCOM
      Event Description:
      DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
      in order to run the server:
      {1BE1F766-5536-11D1-B726-00C04FB926AF}

      Event Record #/Type56944 / Error
      Event Submitted/Written: 04/16/2008 09:48:33 PM
      Event ID/Source: 7026 / Service Control Manager
      Event Description:
      The following boot-start or system-start driver(s) failed to load:
      AFD
      AmdK7
      Avg7Core
      Avg7RsW
      Avg7RsXP
      Fips
      IPSec
      MRxSmb
      NetBIOS
      NetBT
      RasAcd
      Rdbss
      Tcpip

      Event Record #/Type56943 / Error
      Event Submitted/Written: 04/16/2008 09:48:33 PM
      Event ID/Source: 7001 / Service Control Manager
      Event Description:
      The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:
      %%31

      Event Record #/Type56942 / Error
      Event Submitted/Written: 04/16/2008 09:48:33 PM
      Event ID/Source: 7001 / Service Control Manager
      Event Description:
      The TCP/IP NetBIOS Helper service depends on the AFD Networking Support Environment service which failed to start because of the following error:
      %%31

      Event Record #/Type56941 / Error
      Event Submitted/Written: 04/16/2008 09:48:33 PM
      Event ID/Source: 7001 / Service Control Manager
      Event Description:
      The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:
      %%31



      -- End of Deckard's System Scanner: finished at 2008-04-16 21:57:05 ------------
      • Citaat

      Comment

      • #4
        Ik zie geen problemen meer in je logjes

        Zijn de problemen ook voorbij?
        • Citaat

        Comment

        • #5
          Trojan Horse Foetsjie!

          Schitterend!! Dank je!!
          Maar ik zie nog een aantal programma's die ik eigenlijk "geuninstalled" heb. Is dat normaal?
          • Citaat

          Comment

          • #6
            Welke programma's zijn dat volgens jouw?
            • Citaat

            Comment

            • #7
              Itunes, Panda, Skype.
              Die dacht ik weg gedaan te hebben...
              • Citaat

              Comment

              • #8
                Deze lijkt nog aanwezig te zijn:
                "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [18/12/2004 01:20]
                • Citaat

                Comment

                • #9
                  Het is nu verwijderd.
                  Dank je wel voor alle hulp.
                  Ik ga proberen de computer wat op te kuisen.. Ik vermoed da tik op deze site nog veel informatie kan vinden.

                  Dank je wel!
                  • Citaat

                  Comment

                  • #10
                    Graag gedaan hoor
                    • Citaat

                    Comment

                    Vorige template Volgende
                    Sorry, you are not authorized to view this page
                    Working...
                    X