Mededeling

Collapse
No announcement yet.

hijackthislog aub even checken

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • hijackthislog aub even checken

    ik heb paar problemen met de pc. doe zoiezo een hijackthis log check. mijn pc sluite zichzelf af? of tenminste mijn scherm... pc uitgedaan en aan geen fouten of iets. geluid kraakt bij sommige dingen niet alles. heb opniew driver etc gedaan ook andere geluidskaart hetzelfde. anyway weet niet waar ik het bovenstaande moet posten duz wou dat even vragen en nu duz mijn hijackthis log.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 23:29:46, on 26-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    F:\quickcam\LogiTray.exe
    C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
    C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\Program Files\Netropa\Onscreen Display\OSD.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
    C:\WINDOWS\system32\CTHELPER.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
    C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    C:\WINDOWS\system32\ctfmon.exe
    F:\quickcam\FxSvr2.exe
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\System32\alg.exe
    F:\muissetpoint\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    F:\Xfire\xfire.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\DOCUME~1\Eigenaar\LOCALS~1\Temp\Rar$EX00.985\memtest.exe
    C:\DOCUME~1\Eigenaar\LOCALS~1\Temp\Rar$EX05.641\memtest.exe
    F:\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {6860A44B-5D3E-433D-A7B5-D517F810D0E7} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - F:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [36X Raid Configurer] "C:\WINDOWS\system32\xRaidSetup.exe" boot
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] "F:\quickcam\ISStart.exe"
    O4 - HKLM\..\Run: [LogitechVideoTray] F:\quickcam\LogiTray.exe
    O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
    O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
    O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
    O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe"
    O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe"
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "F:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\quickcam\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Veoh] "F:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
    O4 - Global Startup: Logitech SetPoint.lnk = F:\muissetpoint\SetPoint\SetPoint.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
    O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://fishingchamp.gamescampus.com/luncher/GamesCampus.cab
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-SG/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195845588250
    O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
    O16 - DPF: {77538FC7-CE52-4704-9865-494FE92BC320} (LaunchUBO.Ulit) - http://www.ultimatebaseballonline.com/myubo/launchubo.OCX
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
    O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{041287BD-1CCC-484E-99C4-74DE9AE75878}: NameServer = 85.255.114.9,85.255.112.76
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5DB86065-98AC-41B8-8141-8B4A8C3F8068}: NameServer = 62.179.104.196,212.142.28.69
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7F431CE0-5F34-4334-B2EC-96BCF79F9BD2}: NameServer = 85.255.114.9,85.255.112.76
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.9 85.255.112.76
    O17 - HKLM\System\CS1\Services\Tcpip\..\{041287BD-1CCC-484E-99C4-74DE9AE75878}: NameServer = 85.255.114.9,85.255.112.76
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.9 85.255.112.76
    O17 - HKLM\System\CS2\Services\Tcpip\..\{041287BD-1CCC-484E-99C4-74DE9AE75878}: NameServer = 85.255.114.9,85.255.112.76
    O17 - HKLM\System\CS3\Services\Tcpip\Parameters: NameServer = 85.255.114.9 85.255.112.76
    O17 - HKLM\System\CS3\Services\Tcpip\..\{041287BD-1CCC-484E-99C4-74DE9AE75878}: NameServer = 85.255.114.9,85.255.112.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.9 85.255.112.76
    O21 - SSODL: E404Helper - {8ed5a9cb-b81b-43ca-bcaf-d88a0406ad12} - e404d.dll (file missing)
    O22 - SharedTaskScheduler: hyperproduction - {9d19a1a9-3cdf-4f15-a5ca-ea3905febded} - (no file)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Kwari.xLoader - Unknown owner - C:\Documents.exe (file missing)
    O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - F:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
    O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - F:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

    --
    End of file - 11813 bytes

  • #2
    Download FixWareout van:
    (http://downloads.subratam.org/Fixwareout.exe)

    Sla het op je bureaublad op en dubbelklik Fixwareout.exe. Klik eerst op Next en daarna op Install. Controleer daarna of Run fixit aangevinkt is en klik op Finish. Laat dan de fix zijn werk doen.
    Je zal gevraagd worden om de computer opnieuw op te starten, doe dat. Het kan zijn dat je computer langer doet over het opstarten dan gewoonlijk; dit is normaal.

    Let op! Als je antivirus een scriptblokker heeft krijg je een waarschuwing zoals "malicious script warning" wanneer je dit tooltje gaat draaien. Je kunt deze waarschuwing negeren.

    Plaats, na het herstarten, de inhoud van het log dat je hier kan vinden: C:\fixwareout\report.txt, post ook een nieuw HijackThis log.

    Comment


    • #3
      k

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 0:56:30, on 27-4-2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16640)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
      C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\PnkBstrA.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\system32\UAService7.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\WINDOWS\system32\LVCOMSX.EXE
      F:\quickcam\LogiTray.exe
      C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
      F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
      C:\WINDOWS\system32\CTHELPER.EXE
      C:\WINDOWS\system32\CTXFIHLP.EXE
      C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
      C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
      C:\Program Files\Netropa\Onscreen Display\OSD.exe
      F:\muissetpoint\SetPoint\SetPoint.exe
      F:\quickcam\FxSvr2.exe
      C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
      F:\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
      R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      O2 - BHO: (no name) - {6860A44B-5D3E-433D-A7B5-D517F810D0E7} - (no file)
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - F:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
      O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
      O4 - HKLM\..\Run: [36X Raid Configurer] "C:\WINDOWS\system32\xRaidSetup.exe" boot
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
      O4 - HKLM\..\Run: [LogitechVideoRepair] "F:\quickcam\ISStart.exe"
      O4 - HKLM\..\Run: [LogitechVideoTray] F:\quickcam\LogiTray.exe
      O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
      O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
      O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
      O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
      O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
      O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
      O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
      O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe"
      O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe"
      O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
      O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
      O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
      O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "F:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\quickcam\ManifestEngine.exe" boot
      O4 - HKCU\..\Run: [Veoh] "F:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
      O4 - Global Startup: Logitech SetPoint.lnk = F:\muissetpoint\SetPoint\SetPoint.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
      O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
      O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://fishingchamp.gamescampus.com/luncher/GamesCampus.cab
      O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-SG/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195845588250
      O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
      O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
      O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
      O16 - DPF: {77538FC7-CE52-4704-9865-494FE92BC320} (LaunchUBO.Ulit) - http://www.ultimatebaseballonline.com/myubo/launchubo.OCX
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
      O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{5DB86065-98AC-41B8-8141-8B4A8C3F8068}: NameServer = 62.179.104.196,212.142.28.69
      O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.9 85.255.112.76
      O17 - HKLM\System\CS1\Services\Tcpip\..\{041287BD-1CCC-484E-99C4-74DE9AE75878}: NameServer = 85.255.114.9,85.255.112.76
      O21 - SSODL: E404Helper - {8ed5a9cb-b81b-43ca-bcaf-d88a0406ad12} - e404d.dll (file missing)
      O22 - SharedTaskScheduler: hyperproduction - {9d19a1a9-3cdf-4f15-a5ca-ea3905febded} - (no file)
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: Kwari.xLoader - Unknown owner - C:\Documents.exe (file missing)
      O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
      O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - F:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
      O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - F:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
      O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

      --
      End of file - 10705 bytes


      Username "Eigenaar" - 27-04-2008 0:52:01 [Fixwareout edited 9/01/2007]

      ~~~~~ Prerun check

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
      "nameserver"="85.255.114.9 85.255.112.76" <Value cleared.
      HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{041287BD-1CCC-484E-99C4-74DE9AE75878}
      "nameserver"="85.255.114.9,85.255.112.76" <Value cleared.
      HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7F431CE0-5F34-4334-B2EC-96BCF79F9BD2}
      "nameserver"="85.255.114.9,85.255.112.76" <Value cleared.
      HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{7F431CE0-5F34-4334-B2EC-96BCF79F9BD2}
      "DhcpNameServer"="85.255.114.9,85.255.112.76" <Value cleared.
      HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{8EF27F77-DFBA-4E32-899C-FEF4C1C21486}
      "DhcpNameServer"="85.255.114.9,85.255.112.76" <Value cleared.

      De DNS-omzettingscache is leeggemaakt.


      System was rebooted successfully.

      ~~~~~ Postrun check
      HKLM\SOFTWARE\~\Winlogon\ "system"=""
      ....
      ....
      ~~~~~ Misc files.
      ....
      ~~~~~ Checking for older varients.
      ....

      ~~~~~ Current runs (hklm hkcu "run" Keys Only)
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
      "JMB36X IDE Setup"="C:\\WINDOWS\\RaidTool\\xInsIDE.exe"
      "36X Raid Configurer"="\"C:\\WINDOWS\\system32\\xRaidSetup.exe\" boot"
      "RTHDCPL"="RTHDCPL.EXE"
      "LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
      "LogitechVideoRepair"="\"F:\\quickcam\\ISStart.exe\" "
      "LogitechVideoTray"="F:\\quickcam\\LogiTray.exe"
      "MULTIMEDIA KEYBOARD"="C:\\Program Files\\Netropa\\Multimedia Keyboard\\MMKeybd.exe"
      "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
      "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\""
      "IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
      "MSPY2002"="\"C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe\" /SYNC"
      "PHIME2002ASync"="\"C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE\" /SYNC"
      "PHIME2002A"="\"C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE\" /IMEName"
      "NvCplDaemon"="\"RUNDLL32.EXE\" C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
      "nwiz"="\"nwiz.exe\" /install"
      "QuickTime Task"="\"F:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
      "NvMediaCenter"="\"RUNDLL32.EXE\" C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
      "AVG7_CC"="\"C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe\" /STARTUP"
      "RemoteControl8"="\"F:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8\\PDVD8Serv.exe\""
      "PDVD8LanguageShortcut"="\"F:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8\\Language\\Language.exe\""
      "CTHelper"="CTHELPER.EXE"
      "CTxfiHlp"="CTXFIHLP.EXE"
      "VolPanel"="\"C:\\Program Files\\Creative\\Sound Blaster X-Fi\\Volume Panel\\VolPanlu.exe\" /r"
      "AudioDrvEmulator"="\"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\DLLML.exe\" -1 AudioDrvEmulator \"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\Audio Emulator\\AudDrvEm.dll\""

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
      "DAEMON Tools Pro Agent"="\"F:\\Program Files\\DAEMON Tools Pro\\DTProAgent.exe\""
      "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
      "LogitechSoftwareUpdate"="\"F:\\quickcam\\ManifestEngine.exe\" boot"
      "Veoh"="\"F:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe\" /VeohHide"
      ....
      Hosts file was reset, If you use a custom hosts file please replace it...
      ~~~~~ End report ~~~~~
      Last edited by realitytruth; 27-04-08, 00:58.

      Comment


      • #4
        Download: RVAXO.exe
        • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
        • Start de computer in veilige modus.
        • Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
          Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
        • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
        • Daarna zal je PC herstarten, laat hem nu weer in normale modus starten. Na de herstart opent het cmd-venster van RVAXO opnieuw.
          Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
        • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
        • Post de inhoud van de logfile in je volgende bericht.
        Post ook een nieuw logje van Hijackthis

        Download Deckard's System Scanner naar je Bureaublad.
        • Sluit alle toepassingen en vensters.
        • Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
        • Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
        • Kopieer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord evenals extra.txt.

        Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
        - zorg dat sigcheck.exe toestemming krijgt om dit te doen !
        Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
        Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

        Comment


        • #5
          k

          hier is het dan uhm de tekst is te lang duz ik doe 2 of 3 posts. en bedankt dat je de tijd voor mij neemt

          Deckard's System Scanner v20071014.68
          Run by Eigenaar on 2008-04-27 14:57:12
          Computer is in Normal Mode.
          --------------------------------------------------------------------------------

          -- System Restore --------------------------------------------------------------

          Successfully created a Deckard's System Scanner Restore Point.


          -- Last 5 Restore Point(s) --
          28: 2008-04-27 12:57:17 UTC - RP68 - Deckard's System Scanner Restore Point
          27: 2008-04-26 19:17:49 UTC - RP67 - Configured Scarface: The World is Yours
          26: 2008-04-26 19:15:24 UTC - RP66 - Removed AuditionSEA
          25: 2008-04-26 12:39:09 UTC - RP65 - Installed ZeroOnline
          24: 2008-04-26 12:39:04 UTC - RP64 - Installed ZeroOnline


          -- First Restore Point --
          1: 2008-04-19 13:28:16 UTC - RP41 - Controlepunt van systeem


          Backed up registry hives.
          Performed disk cleanup.



          -- HijackThis (run as Eigenaar.exe) --------------------------------------------

          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 14:57:45, on 27-4-2008
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v7.00 (7.00.6000.16640)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
          C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
          C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
          C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
          C:\WINDOWS\system32\nvsvc32.exe
          C:\WINDOWS\system32\PnkBstrA.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\system32\UAService7.exe
          C:\WINDOWS\system32\wuauclt.exe
          C:\WINDOWS\RTHDCPL.EXE
          C:\WINDOWS\system32\LVCOMSX.EXE
          F:\quickcam\LogiTray.exe
          C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
          C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
          C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
          C:\Program Files\Netropa\Onscreen Display\OSD.exe
          C:\WINDOWS\system32\RUNDLL32.EXE
          C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
          F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
          F:\quickcam\FxSvr2.exe
          C:\WINDOWS\system32\CTHELPER.EXE
          C:\WINDOWS\system32\CTXFIHLP.EXE
          C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
          C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
          C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\Messenger\msmsgs.exe
          F:\muissetpoint\SetPoint\SetPoint.exe
          C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
          C:\Documents and Settings\Eigenaar\Bureaublad\dss.exe
          F:\HIJACK~1\Eigenaar.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
          O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - F:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
          O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
          O4 - HKLM\..\Run: [36X Raid Configurer] "C:\WINDOWS\system32\xRaidSetup.exe" boot
          O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
          O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
          O4 - HKLM\..\Run: [LogitechVideoRepair] "F:\quickcam\ISStart.exe"
          O4 - HKLM\..\Run: [LogitechVideoTray] F:\quickcam\LogiTray.exe
          O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
          O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
          O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
          O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
          O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
          O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
          O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
          O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
          O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
          O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe"
          O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe"
          O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
          O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
          O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
          O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "F:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\quickcam\ManifestEngine.exe" boot
          O4 - HKCU\..\Run: [Veoh] "F:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
          O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
          O4 - Global Startup: Logitech SetPoint.lnk = F:\muissetpoint\SetPoint\SetPoint.exe
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://fishingchamp.gamescampus.com/luncher/GamesCampus.cab
          O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
          O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-SG/a-UNO1/GAME_UNO1.cab
          O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195845588250
          O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
          O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
          O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
          O16 - DPF: {77538FC7-CE52-4704-9865-494FE92BC320} (LaunchUBO.Ulit) - http://www.ultimatebaseballonline.com/myubo/launchubo.OCX
          O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
          O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
          O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
          O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
          O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
          O17 - HKLM\System\CCS\Services\Tcpip\..\{5DB86065-98AC-41B8-8141-8B4A8C3F8068}: NameServer = 62.179.104.196,212.142.28.69
          O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.9 85.255.112.76
          O17 - HKLM\System\CS1\Services\Tcpip\..\{041287BD-1CCC-484E-99C4-74DE9AE75878}: NameServer = 85.255.114.9,85.255.112.76
          O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
          O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
          O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
          O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
          O23 - Service: Kwari.xLoader - Unknown owner - C:\Documents.exe (file missing)
          O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
          O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
          O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
          O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - F:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
          O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - F:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
          O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

          --
          End of file - 10151 bytes

          -- File Associations -----------------------------------------------------------

          All associations okay.


          -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

          R0 giveio - c:\windows\system32\giveio.sys
          R0 speedfan - c:\windows\system32\speedfan.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>

          S3 catchme - c:\docume~1\eigenaar\locals~1\temp\catchme.sys (file missing)
          S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing)
          S3 Neo_reality (SoftEther VPN Client 2.0 Device Driver - reality) - c:\windows\system32\drivers\neo_reality.sys <Not Verified; SoftEther Corporation; SoftEther VPN Client 2.0 Beta Edition>
          S3 nocashio - c:\windows\system32\drivers\nocashio.sys
          S3 sony_ssm.sys - c:\docume~1\eigenaar\locals~1\temp\sony_ssm.sys (file missing)
          S3 TVICHW32 - c:\windows\system32\drivers\tvichw32.sys <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
          S3 XDva098 - c:\windows\system32\xdva098.sys (file missing)
          S3 XDva110 - c:\windows\system32\xdva110.sys (file missing)
          S3 XDva115 - c:\windows\system32\xdva115.sys (file missing)
          S3 XDva120 - c:\windows\system32\xdva120.sys (file missing)
          S3 XDva123 - c:\windows\system32\xdva123.sys (file missing)
          S3 XDva129 - c:\windows\system32\xdva129.sys (file missing)


          -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

          R2 nhksrv (Netropa NHK Server) - c:\program files\netropa\multimedia keyboard\nhksrv.exe
          R2 UserAccess7 (SecuROM User Access Service (V7)) - c:\windows\system32\uaservice7.exe <Not Verified; Sony DADC Austria AG.; >

          S3 Kwari.xLoader - c:\documents and settings\eigenaar\local settings\application data\micro forte\kwari\kwari.xloader.32 (file missing)
          S3 sdAuxService (PC Tools Auxiliary Service) - f:\program files\spyware doctor\svcntaux.exe (file missing)
          S3 sdCoreService (PC Tools Security Service) - f:\program files\spyware doctor\swdsvc.exe (file missing)


          -- Device Manager: Disabled ----------------------------------------------------

          No disabled devices found.


          -- Scheduled Tasks -------------------------------------------------------------

          2008-04-25 12:04:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


          -- Files created between 2008-03-27 and 2008-04-27 -----------------------------

          2008-04-27 14:54:14 0 d-------- C:\RVAXO
          2008-04-27 14:46:15 803918 --a------ C:\WINDOWS\system32\RVAXO.bat
          2008-04-27 14:46:15 69632 --a------ C:\WINDOWS\system32\remove.exe
          2008-04-27 14:45:29 0 dr-h----- C:\Documents and Settings\Eigenaar\Onlangs geopend
          2008-04-27 14:42:18 0 d-------- C:\Documents and Settings\Administrator\Application Data\Mozilla
          2008-04-27 01:25:34 0 d-------- C:\Program Files\SnailWeb
          2008-04-26 23:30:13 23600 --a------ C:\WINDOWS\system32\drivers\TVICHW32.SYS <Not Verified; EnTech Taiwan; TVicHW32 Generic Device Driver for Windows 95/98/ME/NT/2000/2003/XP/XP64>
          2008-04-26 23:21:26 0 d-------- C:\Program Files\Panda Security
          2008-04-26 23:02:55 0 d-------- C:\Program Files\SpeedFan
          2008-04-26 14:38:37 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\InstallShield
          2008-04-22 14:07:01 230 --a------ C:\WINDOWS\ctrunonce.reg
          2008-04-22 14:03:25 0 d-------- C:\Program Files\Creative
          2008-04-20 16:21:57 413696 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
          2008-04-20 16:21:57 110592 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
          2008-04-20 12:49:59 2337865 --a------ C:\WINDOWS\system32\pbsvc.exe
          2008-04-20 12:36:12 0 d-------- C:\Program Files\Ubisoft
          2008-04-20 12:14:04 504 --a------ C:\WINDOWS\OnSpcLCK.exe
          2008-04-20 04:25:36 0 d-------- C:\Documents and Settings\All Users\Application Data\SlySoft
          2008-04-20 04:22:57 0 d-------- C:\Program Files\SlySoft
          2008-04-20 03:36:28 0 d-------- C:\Program Files\AVSMedia
          2008-04-20 03:32:12 0 d-------- C:\Program Files\InterActual
          2008-04-19 14:22:26 0 d-------- C:\Documents and Settings\All Users\Application Data\Ubisoft
          2008-04-16 05:38:53 0 d-------- C:\WINDOWS\system32\NtmsData
          2008-04-16 05:37:15 0 d-------- C:\Program Files\Common Files\Adobe
          2008-04-11 05:39:17 0 d-------- C:\Program Files\Oxeye Games
          2008-04-10 03:29:22 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\teamspeak2
          2008-04-04 20:26:21 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\skypePM
          2008-04-04 20:26:21 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
          2008-04-04 20:24:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
          2008-04-03 19:11:11 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
          2008-04-03 19:10:58 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\CyberLink
          2008-04-03 19:05:55 0 d-------- C:\Program Files\Common Files\CyberLink
          2008-04-03 08:04:43 0 d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
          2008-04-03 08:04:36 0 d-------- C:\Program Files\Webroot
          2008-04-02 19:50:09 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
          2008-04-02 16:41:05 880 --a------ C:\WINDOWS\checkip.dat
          2008-03-31 15:20:36 0 d-------- C:\WINDOWS\system32\Adobe
          2008-03-31 15:20:28 3255 --a------ C:\WINDOWS\mozver.dat


          -- Find3M Report ---------------------------------------------------------------

          2008-04-26 14:39:09 0 d--h----- C:\Program Files\InstallShield Installation Information
          2008-04-25 20:34:46 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\AVG7
          2008-04-24 19:38:30 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\Xfire
          2008-04-21 13:40:07 0 d-------- C:\Program Files\Common Files
          2008-04-20 16:43:58 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\Creative
          2008-04-20 03:59:19 20 --a------ C:\Documents and Settings\Eigenaar\Application Data\AVSDVDPlayer.m3u
          2008-04-20 03:36:45 0 d-------- C:\Program Files\Common Files\AVSMedia
          2008-04-19 14:39:27 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\Azureus
          2008-04-16 05:37:25 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\Adobe
          2008-04-11 01:15:09 462148 --a------ C:\WINDOWS\system32\perfh013.dat
          2008-04-11 01:15:09 78896 --a------ C:\WINDOWS\system32\perfc013.dat
          2008-03-26 19:08:14 81920 --a------ C:\WINDOWS\system32\vpncmd.exe <Not Verified; SoftEther Corporation; PacketiX VPN Version 2.0>
          2008-03-24 23:48:11 0 --a------ C:\WINDOWS\nsreg.dat
          2008-03-24 23:48:04 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\Mozilla
          2008-03-20 08:44:19 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
          2008-03-19 19:29:52 0 d-------- C:\Program Files\Java
          2008-03-14 17:26:24 0 d-------- C:\Program Files\Windows Live Safety Center
          2008-03-09 10:11:58 0 d-------- C:\Program Files\AGEIA Technologies
          2008-03-06 05:48:46 21840 --a-----t C:\WINDOWS\system32\SIntfNT.dll
          2008-03-06 05:48:46 17212 --a-----t C:\WINDOWS\system32\SIntf32.dll
          2008-03-06 05:48:46 12067 --a-----t C:\WINDOWS\system32\SIntf16.dll
          2008-03-06 05:16:43 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
          2008-02-27 14:50:22 0 d-------- C:\Program Files\Common Files\DirectX
          2008-02-27 14:50:11 225280 --a------ C:\WINDOWS\system32\UAService7.exe <Not Verified; Sony DADC Austria AG.; >
          2008-02-27 11:58:57 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\The Chosen
          2008-02-27 11:55:05 0 d-------- C:\Documents and Settings\Eigenaar\Application Data\Frater
          2008-02-23 19:33:27 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll <Not Verified; Sony DADC Austria AG.; >
          2008-01-31 14:00:14 80 --ah----- C:\WINDOWS\system32\HsInfo.dat


          -- Registry Dump ---------------------------------------------------------------

          *Note* empty entries & legit default entries are not shown


          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [20-03-2007 16:36]
          "36X Raid Configurer"="C:\WINDOWS\system32\xRaidSetup.exe" [21-03-2007 18:23]
          "RTHDCPL"="RTHDCPL.EXE" [21-03-2007 16:49 C:\WINDOWS\RTHDCPL.exe]
          "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [19-07-2005 18:32]
          "LogitechVideoRepair"="F:\quickcam\ISStart.exe" [08-06-2005 15:24]
          "LogitechVideoTray"="F:\quickcam\LogiTray.exe" [08-06-2005 15:14]
          "MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [23-07-2002 02:55]
          "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [23-07-2005 00:25 C:\WINDOWS\KHALMNPR.Exe]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22-02-2008 05:25]
          "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [04-08-2004 14:00]
          "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [04-08-2004 14:00]
          "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04-08-2004 14:00]
          "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [04-08-2004 14:00]
          "NvCplDaemon"="RUNDLL32.exe" [04-08-2004 14:00 C:\WINDOWS\system32\rundll32.exe]
          "nwiz"="nwiz.exe" [05-12-2007 02:41 C:\WINDOWS\system32\nwiz.exe]
          "QuickTime Task"="F:\Program Files\QuickTime\qttask.exe" [10-01-2008 15:27]
          "NvMediaCenter"="RUNDLL32.exe" [04-08-2004 14:00 C:\WINDOWS\system32\rundll32.exe]
          "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [16-04-2008 09:11]
          "RemoteControl8"="F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe" [20-03-2008 20:23]
          "PDVD8LanguageShortcut"="F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe" [14-12-2007 11:36]
          "CTHelper"="CTHELPER.EXE" [20-02-2008 20:58 C:\WINDOWS\system32\CtHelper.exe]
          "CTxfiHlp"="CTXFIHLP.EXE" [20-02-2008 20:58 C:\WINDOWS\system32\Ctxfihlp.exe]
          "VolPanel"="C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [13-07-2006 14:11]
          "AudioDrvEmulator"="C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" [04-11-2005 18:07]

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04-08-2004 14:00]
          "DAEMON Tools Pro Agent"="F:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [06-09-2007 14:08]
          "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13-10-2004 18:24]
          "LogitechSoftwareUpdate"="F:\quickcam\ManifestEngine.exe" [08-06-2005 14:44]
          "Veoh"="F:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [01-04-2008 18:35]
          "@"=""

          C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
          Logitech SetPoint.lnk - F:\muissetpoint\SetPoint\SetPoint.exe [23-11-2007 21:29:44]

          [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

          [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"


          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
          AutoRun\command- E:\OnSpcLCK.exe




          -- End of Deckard's System Scanner: finished at 2008-04-27 14:58:28 ------------

          Comment


          • #6
            nog1

            Deckard's System Scanner v20071014.68
            Extra logfile - please post this as an attachment with your post.
            --------------------------------------------------------------------------------

            -- System Information ----------------------------------------------------------

            Microsoft Windows XP Home Edition (build 2600) SP 2.0
            Architecture: X86; Language: Dutch

            CPU 0: Intel(R) Core(TM)2 Quad CPU Q6700 @ 2.66GHz
            CPU 1: Intel(R) Core(TM)2 Quad CPU Q6700 @ 2.66GHz
            CPU 2: Intel(R) Core(TM)2 Quad CPU Q6700 @ 2.66GHz
            CPU 3: Intel(R) Core(TM)2 Quad CPU Q6700 @ 2.66GHz
            Percentage of Memory in Use: 14%
            Physical Memory (total/avail): 3327.04 MiB / 2829.07 MiB
            Pagefile Memory (total/avail): 5210.69 MiB / 4880.78 MiB
            Virtual Memory (total/avail): 2047.88 MiB / 1928.33 MiB

            A: is Removable (No Media)
            C: is Fixed (NTFS) - 74.52 GiB total, 55.5 GiB free.
            D: is CDROM (No Media)
            E: is CDROM (CDFS)
            F: is Fixed (FAT32) - 372.49 GiB total, 336.6 GiB free.
            I: is CDROM (No Media)

            \\.\PHYSICALDRIVE0 - ST380022 A SCSI Disk Device - 74.53 GiB - 1 partition
            \PARTITION0 (bootable) - Installable File System - 74.52 GiB - C:

            \\.\PHYSICALDRIVE1 - Toshiba USB 2.0 Ext. HDD USB Device - 372.59 GiB - 1 partition
            \PARTITION0 (bootable) - Unknown - 372.59 GiB - F:



            -- Security Center -------------------------------------------------------------

            AUOptions is scheduled to auto-install.
            Windows Internal Firewall is enabled.

            FirstRunDisabled is set.
            AntivirusOverride is set.

            AV: AVG 7.5.524 v7.5.524 (Grisoft)
            AV: ESET NOD32 antivirus systeem 2.70 v2.70 (ESET, spol. s r.o.) Disabled

            [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
            "F:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8\\PowerDVD8.exe"="F:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8\\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
            "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
            "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

            [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
            "F:\\Xfire\\xfire.exe"="F:\\Xfire\\xfire.exe:*:Enabled:Xfire"
            "F:\\Azureus\\Azureus.exe"="F:\\Azureus\\Azureus.exe:*:Enabled:Azureus"
            "F:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"="F:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe:*:Enabled:Veoh Client"
            "C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
            "C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
            "F:\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="F:\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
            "C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
            "C:\\WINDOWS\\system32\\rundll32.exe"="C:\\WINDOWS\\system32\\rundll32.exe:*:Enabled:Een DLL-bestand als toepassing starten"
            "F:\\ijji\\ENGLISH\\Gunz\\Gunz.exe"="F:\\ijji\\ENGLISH\\Gunz\\Gunz.exe:*:Enabled:Gunz"
            "C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
            "F:\\Program Files\\Sierra\\FEARCombat\\FPUpdate.exe"="F:\\Program Files\\Sierra\\FEARCombat\\FPUpdate.exe:*:Enabled:FPUpdate"
            "F:\\Program Files\\Cyanide\\Loki\\Loki.exe"="F:\\Program Files\\Cyanide\\Loki\\Loki.exe:*:Enabled:Loki"
            "F:\\Program Files\\Cyanide\\Loki\\Autorun\\AutoRun.exe"="F:\\Program Files\\Cyanide\\Loki\\Autorun\\AutoRun.exe:*:Enabled:Loki - AutoRun"
            "F:\\Program Files\\Softnyx\\WolfTeam\\Wolfteam.bin"="F:\\Program Files\\Softnyx\\WolfTeam\\Wolfteam.bin:*:Enabled:WolfTeam"
            "C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:EnabledNA"
            "C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="C:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
            "C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
            "C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
            "C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
            "F:\\Program Files\\Fury\\Binaries\\Fury.exe"="F:\\Program Files\\Fury\\Binaries\\Fury.exe:*:Enabled:Fury"
            "F:\\Program Files\\Fury\\Binaries\\DiamondWare\\dwTVC.exe"="F:\\Program Files\\Fury\\Binaries\\DiamondWare\\dwTVC.exe:*:Enabled:Fury VOIP"
            "C:\\Program Files\\PacketiX VPN Client\\vpnclient.exe"="C:\\Program Files\\PacketiX VPN Client\\vpnclient.exe:*:Enabled:PacketiX VPN Client 2.0"
            "C:\\Program Files\\PacketiX VPN Client\\vpncmgr.exe"="C:\\Program Files\\PacketiX VPN Client\\vpncmgr.exe:*:Enabled:PacketiX VPN Client Connection Manager 2.0"
            "C:\\Program Files\\PacketiX VPN Client\\vpncmd.exe"="C:\\Program Files\\PacketiX VPN Client\\vpncmd.exe:*:Enabled:PacketiX VPN Command-Line Admin Tool 2.0"
            "C:\\Program Files\\TECMO\\Monster Farm Online\\client.exe"="C:\\Program Files\\TECMO\\Monster Farm Online\\client.exe:*:Enabled:Monster Farm Online"
            "C:\\Documents and Settings\\Eigenaar\\Bureaublad\\WoW-BurningCrusade-enUS-Installer-downloader.exe"="C:\\Documents and Settings\\Eigenaar\\Bureaublad\\WoW-BurningCrusade-enUS-Installer-downloader.exe:*:Enabled:Blizzard Downloader"
            "C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
            "F:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8\\PowerDVD8.exe"="F:\\Program Files\\CyberLink\\PowerDVD8\\PowerDVD8\\PowerDVD8.exe:*:Enabled:CyberLink PowerDVD 8.0"
            "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
            "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
            "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
            "F:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\RainbowSixVegas2_SADS.exe"="F:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\RainbowSixVegas2_SADS.exe:*:Enabled:RainbowSixVegas2_SADS"
            "C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
            "C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
            "C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"="C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2"
            "C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"="C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update"
            "C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\RainbowSixVegas2_SADS.exe"="C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\RainbowSixVegas2_SADS.exe:*:Enabled:RainbowSixVegas2_SADS"


            -- Environment Variables -------------------------------------------------------

            ALLUSERSPROFILE=C:\Documents and Settings\All Users
            APPDATA=C:\Documents and Settings\Eigenaar\Application Data
            CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
            CLIENTNAME=Console
            CommonProgramFiles=C:\Program Files\Common Files
            COMPUTERNAME=REALITYTRUTH
            ComSpec=C:\WINDOWS\system32\cmd.exe
            FP_NO_HOST_CHECK=NO
            HOMEDRIVE=C:
            HOMEPATH=\Documents and Settings\Eigenaar
            LOGONSERVER=\\REALITYTRUTH
            NUMBER_OF_PROCESSORS=4
            OS=Windows_NT
            Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;F:\Program Files\QuickTime\QTSystem
            PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
            PROCESSOR_ARCHITECTURE=x86
            PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
            PROCESSOR_LEVEL=6
            PROCESSOR_REVISION=0f0b
            ProgramFiles=C:\Program Files
            PROMPT=$P$G
            QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
            SESSIONNAME=Console
            SystemDrive=C:
            SystemRoot=C:\WINDOWS
            TEMP=C:\DOCUME~1\Eigenaar\LOCALS~1\Temp
            TMP=C:\DOCUME~1\Eigenaar\LOCALS~1\Temp
            USERDOMAIN=REALITYTRUTH
            USERNAME=Eigenaar
            USERPROFILE=C:\Documents and Settings\Eigenaar
            windir=C:\WINDOWS


            -- User Profiles ---------------------------------------------------------------

            Eigenaar (admin)
            Administrator (admin)


            -- Add/Remove Programs ---------------------------------------------------------

            --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
            --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
            --> MsiExec /X{45820070-9BE5-4785-B770-A50F5240250B}
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{06E3E953-0570-4DFF-A7B5-46114C390228}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{888347B3-AEC5-4BB5-8BAB-781D72A57C73}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C229589D-CC1A-43FF-9507-CDED3AB85325}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8A544F4-AC5F-4B67-9C74-F3E976798797}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ECC3C64B-2A22-48C5-857B-E952D7BE64F5}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FBFF2411-D066-4D24-BCE0-893086009E1B}\setup.exe" -l0x13 /remove
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x13
            --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCCDA302-32D9-4AE7-A094-4BE677554F26}\setup.exe" -l0x13 /remove
            --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
            Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
            Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
            Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
            AGEIA PhysX v7.06.25 --> MsiExec.exe /X{45820070-9BE5-4785-B770-A50F5240250B}
            AOAEnglish Setup --> "F:\Program Files\AOA\unins000.exe"
            Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
            ASUSUpdate --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{587178E7-B1DF-494E-9838-FA4DD36E873C}\Setup.exe" -l0x9
            Attansic Ethernet Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06}\setup.exe" -l0x9 -removeonly
            Attansic L1 Gigabit Ethernet Driver --> rundll32.exe C:\WINDOWS\system32\Attansic\L1\atcInst.dll,AtcUninst C:\WINDOWS\system32\Attansic\L1 x86 1969 1048 L1
            AVG 7.5 --> C:\Program Files\Grisoft\AVG7\setup.exe /UNINSTALL
            Azureus Vuze --> F:\Azureus\uninstall.exe
            Beveiligingsupdate for Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
            Beveiligingsupdate for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB903235) --> "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
            Beveiligingsupdate voor Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
            Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch --> C:\Program Files\InstallShield Installation Information\{E5141379-B2D9-4BBC-BB2A-5805541571DD}\setup.exe -runfromtemp -l0x0409
            Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch --> C:\Program Files\InstallShield Installation Information\{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}\setup.exe -runfromtemp -l0x0409
            Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch --> C:\Program Files\InstallShield Installation Information\{3BD633E0-4BF8-4499-9149-88F0767D449C}\setup.exe -runfromtemp -l0x0409
            Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch --> C:\Program Files\InstallShield Installation Information\{8503C901-85D7-4262-88D2-8D8B2A7B08B8}\setup.exe -runfromtemp -l0x0409
            CCleaner (remove only) --> "F:\Program Files\CCleaner\uninst.exe"
            CyberLink PowerDVD 8 --> "C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
            DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
            DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
            DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
            DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
            DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
            DriverAgent Plugin for Netscape by TouchStone Software --> RunDll32.exe advpack.dll, LaunchINFSection driveragent_np.inf,TVICHW32Remove
            FantasyTennis --> F:\Program Files\alaplaya\FantasyTennis\Uninstall.exe
            GTA San Andreas --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
            High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
            HijackThis 2.0.2 --> "F:\HijackThis\HijackThis.exe" /uninstall
            Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
            Hotfix voor Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
            Hotfix voor Windows XP (KB935448) --> "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
            ijji Auto Installer --> "C:\Program Files\InstallShield Installation Information\{1DCC7418-2089-4BDD-B321-3771956160FC}\setup.exe" -runfromtemp -l0x0009 -removeonly
            Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
            Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
            JMB36X Raid Configurer --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}\setup.exe" -l0x9 -removeonly
            Logitech QuickCam-software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C43048A9-742C-4DAD-90D2-E3B53C9DB825}\setup.exe" -l0x13
            Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x13 -removeonly
            Logitech® Camera-stuurprogramma --> "C:\Program Files\Common Files\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
            Loki --> "F:\Program Files\Cyanide\Loki\unins000.exe"
            Loki --> F:\Program Files\Cyanide\Loki\unins000.exe
            Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
            Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
            Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
            Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
            Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
            MSXML4 Parser --> MsiExec.exe /I{01501EBA-EC35-4F9F-8889-3BE346E5DA13}
            NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
            Outspark Launcher --> F:\Program Files\Outspark\Launcher\uninstall.exe
            Panda ActiveScan 2.0 --> C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
            PunkBuster Services --> C:\WINDOWS\system32\pbsvc.exe -u
            QuickTime --> MsiExec.exe /I{6EC874C2-F950-4B7E-A5B7-B1066D6B74AA}
            RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
            Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
            Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
            Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
            SpeedFan (remove only) --> "C:\Program Files\SpeedFan\uninstall.exe"
            System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
            TeamSpeak 2 RC2 --> "F:\Program Files\Teamspeak2_RC2\unins000.exe"
            Tom Clancy's Rainbow Six Vegas 2 --> "C:\Program Files\InstallShield Installation Information\{FD416706-875C-4B0B-A23A-9E740DAE029E}\setup.exe" -runfromtemp -l0x0009 -removeonly
            Trust Easy Scroll Silverline Keyboard --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{16C99E56-E294-4FF0-A05C-8AEF5229484D}\setup.exe" -l0x13
            Update voor Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
            Update voor Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
            Update voor Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
            Update voor Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
            Update voor Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
            Update voor Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
            Update voor Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
            Update voor Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
            Update voor Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
            Update voor Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
            Update voor Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
            Update voor Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
            Update voor Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
            Update voor Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
            Update voor Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
            Update voor Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
            Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
            VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
            Winamp --> "F:\Program Files\Winamp\UninstWA.exe"
            Windows Live aanmeldhulp --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
            Windows Live installer --> MsiExec.exe /X{A258173E-F308-475A-951B-F1BF76A4451B}
            Windows Live Mail --> MsiExec.exe /I{DB8DEC88-4D53-4A3A-964A-D22509D27455}
            Windows Live Messenger --> MsiExec.exe /X{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}
            Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
            Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
            WinRAR --> F:\winrar\uninstall.exe
            WolfTeam International --> "F:\Program Files\Softnyx\WolfTeam\unins000.exe"
            Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
            ZeroOnline --> C:\Program Files\InstallShield Installation Information\{D5B8B867-4D37-A73C-5858-18FDAB10D251}\setup.exe -runfromtemp -l0x0009 -removeonly


            -- Application Event Log -------------------------------------------------------

            Event Record #/Type4692 / Success
            Event Submitted/Written: 04/27/2008 02:34:37 PM
            Event ID/Source: 12001 / usnjsvc
            Event Description:
            The Messenger Sharing USN Journal Reader service started successfully.

            Event Record #/Type4630 / Success
            Event Submitted/Written: 04/25/2008 08:33:40 PM
            Event ID/Source: 12001 / usnjsvc
            Event Description:
            The Messenger Sharing USN Journal Reader service started successfully.

            Event Record #/Type4581 / Success
            Event Submitted/Written: 04/24/2008 09:56:39 PM
            Event ID/Source: 12001 / usnjsvc
            Event Description:
            The Messenger Sharing USN Journal Reader service started successfully.

            Event Record #/Type4508 / Success
            Event Submitted/Written: 04/22/2008 02:51:19 PM
            Event ID/Source: 12001 / usnjsvc
            Event Description:
            The Messenger Sharing USN Journal Reader service started successfully.

            Event Record #/Type4495 / Success
            Event Submitted/Written: 04/22/2008 11:26:57 AM
            Event ID/Source: 12001 / usnjsvc
            Event Description:
            The Messenger Sharing USN Journal Reader service started successfully.



            -- Security Event Log ----------------------------------------------------------

            No Errors/Warnings found.


            -- System Event Log ------------------------------------------------------------

            Event Record #/Type7938 / Error
            Event Submitted/Written: 04/27/2008 02:42:47 PM
            Event ID/Source: 10005 / DCOM
            Event Description:
            DCOM kreeg foutmelding '%%1084' bij het starten van de EventSystem-service met de argumenten ''
            om de server
            {1BE1F766-5536-11D1-B726-00C04FB926AF} te starten

            Event Record #/Type7937 / Error
            Event Submitted/Written: 04/27/2008 02:42:41 PM
            Event ID/Source: 7026 / Service Control Manager
            Event Description:
            De volgende opstartstuurprogramma's zijn niet geladen:
            AFD
            Avg7Core
            Avg7RsW
            Avg7RsXP
            Fips
            intelppm
            IPSec
            MRxSmb
            NetBIOS
            NetBT
            RasAcd
            Rdbss
            Tcpip

            Event Record #/Type7936 / Error
            Event Submitted/Written: 04/27/2008 02:42:41 PM
            Event ID/Source: 7001 / Service Control Manager
            Event Description:
            De IPSEC-services-service is afhankelijk van de IPSEC-stuurprogramma-service, die vanwege de volgende fout niet kan worden gestart:
            %%31

            Event Record #/Type7935 / Error
            Event Submitted/Written: 04/27/2008 02:42:41 PM
            Event ID/Source: 7001 / Service Control Manager
            Event Description:
            De TCP/IP NetBIOS Helper-service is afhankelijk van de AFD-service, die vanwege de volgende fout niet kan worden gestart:
            %%31

            Event Record #/Type7934 / Error
            Event Submitted/Written: 04/27/2008 02:42:41 PM
            Event ID/Source: 7001 / Service Control Manager
            Event Description:
            De DNS Client-service is afhankelijk van de Stuurprogramma voor TCP/IP-protocol-service, die vanwege de volgende fout niet kan worden gestart:
            %%31



            -- End of Deckard's System Scanner: finished at 2008-04-27 14:58:28 ------------


            ---RVAXO.exe Updated: 2008-04-27---first run---
            Uninstallers:

            Files found:
            C:\WINDOWS\wininit.ini
            C:\WINDOWS\system32\ijjiSetup.exe
            C:\Documents and Settings\All Users\Menu Start\Online Security Guide.url
            C:\Documents and Settings\All Users\Menu Start\Security Troubleshooting.url

            Folders Found:

            Hosts-file was reset, If you use a custom hosts file please replace it...

            --------------RVAXO.exe last run---------------
            Not deleted items:

            --------------RVAXO.exe finished----------------

            Comment


            • #7
              Start Hijackthis en vink alleen de volgende regels aan:
              R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
              O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.9 85.255.112.76
              O17 - HKLM\System\CS1\Services\Tcpip\..\{041287BD-1CCC-484E-99C4-74DE9AE75878}: NameServer = 85.255.114.9,85.255.112.76

              Sluit alle openstaande vensters(behalve Hijackthis) en klik op de knop "Fix checked".

              Ga naar het Configuratiescherm en klik op "Netwerkverbindingen". Rechtsklik op je standaard verbinding en kies "Eigenschappen".
              Klik op het tabblad "Algemeen" en dubbelklik op "Internet-Protocol (TCP/IP)". Selecteer "Automatisch een DNS-serveradres laten toewijzen".
              Ga naar Start – Uitvoeren en tik in "cmd"
              Druk op enter.
              Daarna tik je in: ipconfig /flushdns
              Druk op enter.
              Sluit het venster.

              Herstart je PC, post een nieuw logje en vertel of er nog problemen zijn
              Last edited by smeenk; 27-04-08, 23:49.

              Comment


              • #8
                uhm

                ik lees het net maaruhm over de automatish dns dan heb ik geen internet meer als ik dat doe. ik probeer het toch even laat het zo weten of ik het teruggezet heb of niet.

                Comment


                • #9
                  yup

                  internet doet het niet als ik het automatis zet want moet ip ook automatis zette maar dan verwijdert die duz alles. anyway hier is mijn hijackthis logje weer. denk dat me pc goed is alleen geluidprobleem is er nog soms

                  Logfile of Trend Micro HijackThis v2.0.2
                  Scan saved at 22:25:19, on 27-4-2008
                  Platform: Windows XP SP2 (WinNT 5.01.2600)
                  MSIE: Internet Explorer v7.00 (7.00.6000.16640)
                  Boot mode: Normal

                  Running processes:
                  C:\WINDOWS\System32\smss.exe
                  C:\WINDOWS\system32\winlogon.exe
                  C:\WINDOWS\system32\services.exe
                  C:\WINDOWS\system32\lsass.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\System32\svchost.exe
                  C:\WINDOWS\system32\spoolsv.exe
                  C:\WINDOWS\Explorer.EXE
                  C:\WINDOWS\RTHDCPL.EXE
                  C:\WINDOWS\system32\LVCOMSX.EXE
                  F:\quickcam\LogiTray.exe
                  C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
                  C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
                  C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
                  C:\Program Files\Netropa\Onscreen Display\OSD.exe
                  C:\WINDOWS\system32\RUNDLL32.EXE
                  C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
                  F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
                  C:\WINDOWS\system32\CTHELPER.EXE
                  C:\WINDOWS\system32\CTXFIHLP.EXE
                  C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
                  C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
                  C:\WINDOWS\system32\ctfmon.exe
                  C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
                  F:\quickcam\FxSvr2.exe
                  C:\Program Files\Messenger\msmsgs.exe
                  F:\muissetpoint\SetPoint\SetPoint.exe
                  C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
                  C:\Program Files\Mozilla Firefox\firefox.exe
                  C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
                  C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
                  C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
                  C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
                  C:\WINDOWS\system32\nvsvc32.exe
                  C:\WINDOWS\system32\PnkBstrA.exe
                  C:\WINDOWS\system32\svchost.exe
                  C:\WINDOWS\system32\UAService7.exe
                  F:\HijackThis\HijackThis.exe

                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                  O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                  O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - F:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
                  O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
                  O4 - HKLM\..\Run: [36X Raid Configurer] "C:\WINDOWS\system32\xRaidSetup.exe" boot
                  O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
                  O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
                  O4 - HKLM\..\Run: [LogitechVideoRepair] "F:\quickcam\ISStart.exe"
                  O4 - HKLM\..\Run: [LogitechVideoTray] F:\quickcam\LogiTray.exe
                  O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
                  O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
                  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
                  O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
                  O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
                  O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
                  O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
                  O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
                  O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
                  O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
                  O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
                  O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
                  O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe"
                  O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe"
                  O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
                  O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
                  O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
                  O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
                  O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                  O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "F:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
                  O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                  O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\quickcam\ManifestEngine.exe" boot
                  O4 - HKCU\..\Run: [Veoh] "F:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
                  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
                  O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
                  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
                  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
                  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
                  O4 - Global Startup: Logitech SetPoint.lnk = F:\muissetpoint\SetPoint\SetPoint.exe
                  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                  O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
                  O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                  O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://fishingchamp.gamescampus.com/luncher/GamesCampus.cab
                  O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
                  O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-SG/a-UNO1/GAME_UNO1.cab
                  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195845588250
                  O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
                  O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
                  O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
                  O16 - DPF: {77538FC7-CE52-4704-9865-494FE92BC320} (LaunchUBO.Ulit) - http://www.ultimatebaseballonline.com/myubo/launchubo.OCX
                  O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
                  O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
                  O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                  O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
                  O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
                  O17 - HKLM\System\CCS\Services\Tcpip\..\{5DB86065-98AC-41B8-8141-8B4A8C3F8068}: NameServer = 62.179.104.196,212.142.28.69
                  O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
                  O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
                  O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
                  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
                  O23 - Service: Kwari.xLoader - Unknown owner - C:\Documents.exe (file missing)
                  O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
                  O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
                  O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
                  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - Unknown owner - F:\Program Files\Spyware Doctor\svcntaux.exe (file missing)
                  O23 - Service: PC Tools Security Service (sdCoreService) - Unknown owner - F:\Program Files\Spyware Doctor\swdsvc.exe (file missing)
                  O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

                  --
                  End of file - 9813 bytes

                  Comment


                  • #10
                    Verwijder deze regel nog met Hijackthis:
                    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

                    Open een kladblokbestand.
                    Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand.

                    @ECHO OFF
                    SC DELETE Kwari.xLoader
                    SC DELETE sdAuxService
                    SC DELETE sdCoreService

                    Ga naar Bestand - Opslaan als.
                    Bij "Opslaan in" kies je: Bureaublad
                    Bij "Bestandsnaam" zet je: del.bat
                    Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
                    Klik op de knop Opslaan.

                    Dubbelklik op del.bat en post nadien een nieuw logje van Hijackthis

                    Comment


                    • #11
                      hier is die dan.

                      heb net ook een andere scanner gedownload .. wou ik even zeggen.


                      Logfile of Trend Micro HijackThis v2.0.2
                      Scan saved at 2:23:18, on 28-4-2008
                      Platform: Windows XP SP2 (WinNT 5.01.2600)
                      MSIE: Internet Explorer v7.00 (7.00.6000.16640)
                      Boot mode: Normal

                      Running processes:
                      C:\WINDOWS\System32\smss.exe
                      C:\WINDOWS\system32\winlogon.exe
                      C:\WINDOWS\system32\services.exe
                      C:\WINDOWS\system32\lsass.exe
                      C:\WINDOWS\system32\svchost.exe
                      C:\WINDOWS\System32\svchost.exe
                      C:\WINDOWS\system32\spoolsv.exe
                      C:\WINDOWS\Explorer.EXE
                      C:\WINDOWS\RTHDCPL.EXE
                      C:\WINDOWS\system32\LVCOMSX.EXE
                      F:\quickcam\LogiTray.exe
                      C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
                      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
                      C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
                      C:\Program Files\Netropa\Onscreen Display\OSD.exe
                      C:\WINDOWS\system32\RUNDLL32.EXE
                      C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
                      F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe
                      C:\WINDOWS\system32\CTHELPER.EXE
                      C:\WINDOWS\system32\CTXFIHLP.EXE
                      C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
                      C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
                      C:\WINDOWS\system32\ctfmon.exe
                      C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
                      F:\quickcam\FxSvr2.exe
                      C:\Program Files\Messenger\msmsgs.exe
                      F:\muissetpoint\SetPoint\SetPoint.exe
                      C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
                      C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
                      C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
                      C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
                      C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
                      C:\WINDOWS\system32\nvsvc32.exe
                      C:\WINDOWS\system32\PnkBstrA.exe
                      C:\WINDOWS\system32\svchost.exe
                      C:\WINDOWS\system32\UAService7.exe
                      F:\Xfire\xfire.exe
                      C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
                      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
                      C:\Program Files\Windows Live\Messenger\usnsvc.exe
                      F:\Lavasoft\Ad-Aware 2007\LSUpdateManager.exe
                      F:\Lavasoft\Ad-Aware 2007\aawservice.exe
                      F:\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
                      C:\Program Files\Mozilla Firefox\firefox.exe
                      F:\HijackThis\HijackThis.exe

                      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                      O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
                      O4 - HKLM\..\Run: [36X Raid Configurer] "C:\WINDOWS\system32\xRaidSetup.exe" boot
                      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
                      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
                      O4 - HKLM\..\Run: [LogitechVideoRepair] "F:\quickcam\ISStart.exe"
                      O4 - HKLM\..\Run: [LogitechVideoTray] F:\quickcam\LogiTray.exe
                      O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
                      O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
                      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
                      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
                      O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
                      O4 - HKLM\..\Run: [PHIME2002ASync] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /SYNC
                      O4 - HKLM\..\Run: [PHIME2002A] "C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" /IMEName
                      O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
                      O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
                      O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
                      O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
                      O4 - HKLM\..\Run: [AVG7_CC] "C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" /STARTUP
                      O4 - HKLM\..\Run: [RemoteControl8] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\PDVD8Serv.exe"
                      O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "F:\Program Files\CyberLink\PowerDVD8\PowerDVD8\Language\Language.exe"
                      O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
                      O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
                      O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
                      O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
                      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
                      O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "F:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
                      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                      O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\quickcam\ManifestEngine.exe" boot
                      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
                      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Lokale service')
                      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
                      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
                      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
                      O4 - Global Startup: Logitech SetPoint.lnk = F:\muissetpoint\SetPoint\SetPoint.exe
                      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                      O16 - DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} (GamesCampus Control) - http://fishingchamp.gamescampus.com/luncher/GamesCampus.cab
                      O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
                      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-SG/a-UNO1/GAME_UNO1.cab
                      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1195845588250
                      O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
                      O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
                      O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
                      O16 - DPF: {77538FC7-CE52-4704-9865-494FE92BC320} (LaunchUBO.Ulit) - http://www.ultimatebaseballonline.com/myubo/launchubo.OCX
                      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
                      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
                      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
                      O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
                      O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
                      O17 - HKLM\System\CCS\Services\Tcpip\..\{5DB86065-98AC-41B8-8141-8B4A8C3F8068}: NameServer = 62.179.104.196,212.142.28.69
                      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - F:\Lavasoft\Ad-Aware 2007\aawservice.exe
                      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
                      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
                      O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
                      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
                      O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
                      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
                      O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
                      O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

                      --
                      End of file - 9564 bytes

                      Comment


                      • #12
                        Logje ziet er goed uit

                        Doe dit nog:

                        Download ATF cleaner (mirror)(gemaakt door Atribune)

                        Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

                        Dubbelklik op ATF cleaner om het programma te starten.
                        Op het tabblad "Main", plaats je een vinkje bij Select All.
                        Klik op de knop Empty Selected.

                        Het volgende doen als je ook FireFox als browser hebt:
                        Klik op tabblad "Firefox", plaats een vinkje bij Select All.
                        Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                        (dit haalt het vinkje weer weg bij "Firefox saved passwords")
                        Klik op de knop Empty Selected.

                        Het volgende doen als je ook Opera als browser hebt:
                        Klik op tabblad "Opera", plaats een vinkje bij Select All.
                        Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                        Klik op de knop Empty Selected.
                        Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

                        Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
                        Kijk hier hoe je je systeemherstel moet uitschakelen.
                        Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

                        Zijn alle problemen nu voorbij?

                        Comment


                        • #13
                          mm

                          ik gebruik atf allang anyway enigste probleem is dat geluid.... maarja voor de rest is het goed. duz slotje.

                          Comment


                          • #14
                            Prima

                            Comment

                            Sorry, you are not authorized to view this page
                            Working...
                            X