Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

Annaliseren van Logfile HijackThis

pimvandenderen
4 antwoorden
  • Beste leden,

    Via het blad "Tips & Trucs" - Snel aan de Slag" - vernam ik dat men een Logfile van HijackThis hier kan plaatsen ter annalisering.

    Dit gedaan zijnde vraag ik met deze aan de bevoegde personen of mijn file kan worden gecheckt, daar ik zeer veel moeilijkheden heb met het gebruik van mijn PC. = zeer traag in alle bewerkingen / uitvallen van het gebruikte programma / opgeslagen Info wordt automatisch verwijderd / enz….

    Dank bij voorbaat.
    Flamingo.
    ************************************************************
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:22:08, on 28/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
    C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    C:\PROGRA~1\INFF4F~1\avgcc.exe
    C:\Program Files\PC - Waakhond - WinPatrol\winpatrol.exe
    C:\Program Files\PC - Unlocker\Unlocker\UnlockerAssistant.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Garmin\gStart.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Internet - SpywareGuard\SpywareGuard\sgmain.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Internet - SpywareGuard\SpywareGuard\sgbhp.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\INFF4F~1\avgamsvr.exe
    C:\PROGRA~1\INFF4F~1\avgupsvc.exe
    C:\PROGRA~1\INFF4F~1\avgemc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\SiteAdvisor\6066\SAService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\PC - Opkuiser - HiJackThis\Versie V2\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\Internet - SpywareGuard\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\INTERN~4\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\INFF4F~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\PC - Waakhond - WinPatrol\winpatrol.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Adobe Reader 8.1\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\PC - Unlocker\Unlocker\UnlockerAssistant.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\INFF4F~1\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\RunOnce: [IE7] rundll32 advpack.dll,LaunchINFSection IE7.inf,FirstUserStart (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-20\..\RunOnce: [IE7] rundll32 advpack.dll,LaunchINFSection IE7.inf,FirstUserStart (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [IE7] rundll32 advpack.dll,LaunchINFSection IE7.inf,FirstUserStart (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [IE7] rundll32 advpack.dll,LaunchINFSection IE7.inf,FirstUserStart (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\Internet - SpywareGuard\SpywareGuard\sgmain.exe
    O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: EasyRead + - C:\Program Files\Internet - Easy Reader\Easy Read\ZoomIn.js
    O8 - Extra context menu item: EasyRead - - C:\Program Files\Internet - Easy Reader\Easy Read\ZoomOut.js
    O8 - Extra context menu item: Validate HTML - C:\Program Files\Internet - Easy Reader\Easy Read\HTMLValidate.js
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin
    pjpi150_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin
    pjpi150_03.dll
    O9 - Extra button: Validate HTML - {18FEB505-909D-453E-9C0A-BF671EA8BD30} - C:\Program Files\Internet - Easy Reader\Easy Read\HTMLValidate.js
    O9 - Extra button: Iconico.com - {888BBE66-F146-47A7-A3F5-AA3C1A816319} - C:\Program Files\Internet - Easy Reader\Easy Read\Iconico.js
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Zoom In - {A0E6D3BD-A661-447D-8634-0751467857F3} - C:\Program Files\Internet - Easy Reader\Easy Read\ZoomIn.js
    O9 - Extra button: Zoom Out - {AEBB571B-4C48-438D-808D-999F168CDECE} - C:\Program Files\Internet - Easy Reader\Easy Read\ZoomOut.js
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com
    dqemea/downloads/sysinfo.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Internet - AVG Free\AVG Anti-Spyware 7.5\guard.exe (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\INFF4F~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\INFF4F~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\INFF4F~1\avgemc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
    O23 - Service: Windows Defender (WinDefend) - Unknown owner - C:\Program Files\Windows Defender\MsMpEng.exe (file missing)


    End of file - 10420 bytes

    ************************************************************
  • Welkom op Computertotaal! :D

    Ik zie zo snel geen problemen in je logfile, klopt het dat je AVG Anti Spyware en Windows Defender niet meer gebruikt?

    Draai de volgende tool even om meer duidelijkheid te krijgen :D

    Download Deckard's System Scanner naar je [b:fc2937abb6]Bureaublad[/b:fc2937abb6]

    [list:fc2937abb6]
    Sluit alle toepassingen en vensters.
    [b:fc2937abb6]Dubbelklik[/b:fc2937abb6] op [b:fc2937abb6]dss.exe[/b:fc2937abb6] om het te activeren, en volg de aanwijzingen.
    Wanneer de scan volledig is, zal een tekstbestand - [b:fc2937abb6]main.txt[/b:fc2937abb6] - openen.
    Kopiëer [b:fc2937abb6]Ctrl+A gevolgd door Ctrl+C[/b:fc2937abb6]) en plak ([b:fc2937abb6]Ctrl+V[/b:fc2937abb6]) de inhoud van [b:fc2937abb6]main.txt[/b:fc2937abb6] in je volgende antwoord.
    [/list:u:fc2937abb6]
    Opmerking:[/color:fc2937abb6] Sommige firewalls [b:fc2937abb6]kunnen[/b:fc2937abb6] waarschuwen dat [b:fc2937abb6]sigcheck.exe[/b:fc2937abb6] probeert verbinding te maken met het internet
    - zorg dat [b:fc2937abb6]sigcheck.exe[/b:fc2937abb6] toestemming krijgt om dit te doen !
    Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
    Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

    Pim
  • move naar B&P
  • Beste pimvandederen,
    Heb uitgevoerd zoals gevraagd :
    1. AVG Antispyware is werkend maar was van juni geleden.
    2. Windows Defender gaf een "error" en kon niet meer werken (???). Heb het volledige verwijderd en het laatste nieuwe geinstalleerd.
    3. Deckard = HijackThis ???
    4. Hieronder de gevraagde scan van Dackard :
    ************************************************************
    Deckard's System Scanner v20070826.66
    Run by Eric on 2007-08-29 17:00:00
    Computer is in Normal Mode.
    ——————————————————————————–



    – HijackThis (run as Eric.exe) ————————————————

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:00:03, on 29/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
    C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    C:\PROGRA~1\INFF4F~1\avgcc.exe
    C:\Program Files\PC - Waakhond - WinPatrol\winpatrol.exe
    C:\Program Files\PC - Unlocker\Unlocker\UnlockerAssistant.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Garmin\gStart.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Internet - SpywareGuard\SpywareGuard\sgmain.exe
    C:\Program Files\Internet - SpywareGuard\SpywareGuard\sgbhp.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
    C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\PROGRA~1\INFF4F~1\avgamsvr.exe
    C:\PROGRA~1\INFF4F~1\avgupsvc.exe
    C:\PROGRA~1\INFF4F~1\avgemc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\SiteAdvisor\6066\SAService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\BIB - DVD - MovieOrganizer\main.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\PS - System Scan\dss.exe
    C:\PROGRA~1\PC-OPK~1\VERSIE~1\Eric.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\Internet - SpywareGuard\SpywareGuard\dlprotect.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\INTERN~4\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
    O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
    O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
    O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\INFF4F~1\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\PC - Waakhond - WinPatrol\winpatrol.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Adobe Reader 8.1\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\PC - Unlocker\Unlocker\UnlockerAssistant.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\INFF4F~1\avgw.exe /RUNONCE (User 'Lokale service')
    O4 - HKUS\S-1-5-19\..\RunOnce: [IE7] rundll32 advpack.dll,LaunchINFSection IE7.inf,FirstUserStart (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-20\..\RunOnce: [IE7] rundll32 advpack.dll,LaunchINFSection IE7.inf,FirstUserStart (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\RunOnce: [IE7] rundll32 advpack.dll,LaunchINFSection IE7.inf,FirstUserStart (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - HKUS\.DEFAULT\..\RunOnce: [IE7] rundll32 advpack.dll,LaunchINFSection IE7.inf,FirstUserStart (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = C:\Program Files\Internet - SpywareGuard\SpywareGuard\sgmain.exe
    O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: EasyRead + - C:\Program Files\Internet - Easy Reader\Easy Read\ZoomIn.js
    O8 - Extra context menu item: EasyRead - - C:\Program Files\Internet - Easy Reader\Easy Read\ZoomOut.js
    O8 - Extra context menu item: Validate HTML - C:\Program Files\Internet - Easy Reader\Easy Read\HTMLValidate.js
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin
    pjpi150_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin
    pjpi150_03.dll
    O9 - Extra button: Validate HTML - {18FEB505-909D-453E-9C0A-BF671EA8BD30} - C:\Program Files\Internet - Easy Reader\Easy Read\HTMLValidate.js
    O9 - Extra button: Iconico.com - {888BBE66-F146-47A7-A3F5-AA3C1A816319} - C:\Program Files\Internet - Easy Reader\Easy Read\Iconico.js
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Zoom In - {A0E6D3BD-A661-447D-8634-0751467857F3} - C:\Program Files\Internet - Easy Reader\Easy Read\ZoomIn.js
    O9 - Extra button: Zoom Out - {AEBB571B-4C48-438D-808D-999F168CDECE} - C:\Program Files\Internet - Easy Reader\Easy Read\ZoomOut.js
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com
    dqemea/downloads/sysinfo.cab
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
    O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Program Files\Internet - AVG Free\AVG Anti-Spyware 7.5\guard.exe (file missing)
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\INFF4F~1\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\INFF4F~1\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\INFF4F~1\avgemc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
    O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe


    End of file - 10623 bytes

    – Files created between 2007-07-29 and 2007-08-29 —————————–

    2007-08-29 16:48:24 0 d——– C:\Program Files\PS - System Scan
    2007-08-29 16:28:52 0 d——– C:\Program Files\Windows Defender
    2007-08-27 23:13:42 0 d——– C:\Documents and Settings\Eric\Application Data\Feedreader
    2007-08-27 23:11:06 0 d——– C:\Program Files\Internet - RSS - Feedreader
    2007-08-27 22:52:55 0 d——– C:\Program Files\Internet - Wachtwoorden PassVieuw
    2007-08-27 22:50:07 0 d——– C:\Documents and Settings\Eric\SecurityScans
    2007-08-27 22:45:54 0 d——– C:\Program Files\PC - Beveiliging - Kontrole MBSA
    2007-08-18 11:08:52 0 d——– C:\WINDOWS\system32\NtmsData
    2007-08-18 10:12:04 0 d——– C:\Documents and Settings\Eric\Application Data\JAM Software
    2007-08-18 09:56:44 0 d——– C:\Program Files\PC - Inhoud - Process Monitor
    2007-08-18 09:39:55 0 d——– C:\Program Files\PC - Inhoud - Treesize
    2007-08-17 20:06:22 0 d——– C:\WINDOWS\system32\LogFiles
    2007-08-16 15:14:12 2560 –a—— C:\WINDOWS\_MSRSTRT.EXE
    2007-08-16 15:11:30 0 d——– C:\Program Files\Common Files\Stardock
    2007-08-16 12:44:02 0 d——– C:\Program Files\MSXML 6.0
    2007-08-16 12:42:45 0 d——– C:\Program Files\MSXML 4.0
    2007-08-10 19:24:44 0 d——– C:\Program Files\PC - Cam - Gadwin
    2007-08-10 15:47:55 0 d——– C:\Program Files\Internet - Spyware Doctor
    2007-08-10 15:47:55 0 d——– C:\Documents and Settings\Eric\Application Data\PC Tools
    2007-08-10 15:42:58 0 d——– C:\Documents and Settings\All Users\Application Data\Google Updater
    2007-08-09 23:35:20 0 d——– C:\Virtual
    2007-08-09 23:04:09 9175040 –a—— C:\Documents and Settings\Eric
    tuser.dat
    2007-08-03 19:54:06 1759 –a—— C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
    2007-08-03 19:30:54 0 d——– C:\Documents and Settings\Eric\Application Data\Apple Computer
    2007-08-03 19:29:49 0 d——– C:\Documents and Settings\All Users\Application Data\Apple Computer
    2007-08-03 19:29:36 0 d——– C:\Program Files\Apple Software Update
    2007-08-03 19:29:28 0 d——c- C:\WINDOWS\system32\DRVSTORE
    2007-08-03 19:29:14 0 d——– C:\Program Files\Common Files\Apple
    2007-08-03 19:29:13 0 d——– C:\Documents and Settings\All Users\Application Data\Apple
    2007-08-03 18:32:46 0 d——– C:\Program Files\Foto - Photo Story
    2007-08-03 18:10:09 0 d——– C:\Program Files\Foto - Light Artist
    2007-08-03 16:07:21 0 d——– C:\Program Files\PC - Chm-Decompiler
    2007-08-02 22:43:33 176235 –a—— C:\WINDOWS\system32\Primomonnt.dll
    2007-08-02 22:43:30 0 d——– C:\WINDOWS\PrimoPDF
    2007-08-02 22:31:58 0 d——– C:\Program Files\PC - Printer PDF
    2007-08-02 21:25:52 0 d——– C:\Documents and Settings\All Users\Application Data\Nero
    2007-08-02 18:06:15 261392 –a—— C:\WINDOWS\system32\MSXB3032.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:14 199440 –a—— C:\WINDOWS\system32\MSXL3032.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:14 290816 –a—— C:\WINDOWS\system32\MSXBSE35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:14 113424 –a—— C:\WINDOWS\system32\MSTX3032.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:14 166912 –a—— C:\WINDOWS\system32\MSTEXT35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:14 226576 –a—— C:\WINDOWS\system32\MSPX3032.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:14 253952 –a—— C:\WINDOWS\system32\MSPDOX35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:14 169984 –a—— C:\WINDOWS\system32\MSLTUS35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:14 144144 –a—— C:\WINDOWS\system32\MSLT3032.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 59504 –a—— C:\WINDOWS\system32\VBDB32.DLL <Not Verified; Microsoft Corporation; Visual Basic 4.0>
    2007-08-02 18:06:13 368912 –a—— C:\WINDOWS\system32\VBAR332.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
    2007-08-02 18:06:13 243984 –a—— C:\WINDOWS\system32\VBAR2232.DLL <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Applications>
    2007-08-02 18:06:13 721168 –a—— C:\WINDOWS\system32\VB40032.DLL <Not Verified; Microsoft Corporation; Visual Basic 4.0>
    2007-08-02 18:06:13 28832 –a—— C:\WINDOWS\system32\ORGAPI.DLL <Not Verified; Lotus Development Corporation; Organizer 2.1 API>
    2007-08-02 18:06:13 77824 –a—— C:\WINDOWS\system32\ODBCTL32.DLL <Not Verified; Microsoft Corporation; Microsoft Open Database Connectivity>
    2007-08-02 18:06:13 302352 –a—— C:\WINDOWS\system32\MSWNG300.DLL <Not Verified; Microsoft Corporation; Microsoft® Access>
    2007-08-02 18:06:13 403216 –a—— C:\WINDOWS\system32\MSREPL35.DLL <Not Verified; Microsoft Corporation; Microsoft® Access>
    2007-08-02 18:06:13 251664 –a—— C:\WINDOWS\system32\MSRD2X35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 250640 –a—— C:\WINDOWS\system32\MSRD2X32.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 24336 –a—— C:\WINDOWS\system32\MSJTER35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 23824 –a—— C:\WINDOWS\system32\MSJTER32.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 1015568 –a—— C:\WINDOWS\system32\MSJT3032.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 37136 –a—— C:\WINDOWS\system32\MSJINT35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 35600 –a—— C:\WINDOWS\system32\MSJINT32.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet Database Engine>
    2007-08-02 18:06:13 1039360 –a—— C:\WINDOWS\system32\MSJET35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 254976 –a—— C:\WINDOWS\system32\MSEXCL35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 532240 –a—— C:\WINDOWS\system32\MSEXCH35.DLL <Not Verified; Microsoft Corporation; Microsoft® Jet>
    2007-08-02 18:06:13 215040 –a—— C:\WINDOWS\system32\HDK3CTNT.DLL <Not Verified; Virtual Media Technology P/L; HDK>
    2007-08-02 18:06:13 232448 –a—— C:\WINDOWS\system32\HDK3CT32.DLL <Not Verified; Virtual Media Technology Pty Ltd; HDK3>
    2007-08-02 18:06:13 114176 –a—— C:\WINDOWS\system32\HDK3ANIM.DLL <Not Verified; Virtual Media Technology P/L; HDK>
    2007-08-02 18:06:13 133120 –a—— C:\WINDOWS\system32\HDK3AN32.DLL <Not Verified; Virtual Media Technology P/L; HDK>
    2007-08-02 14:01:06 30088 –a—— C:\WINDOWS\system32\drivers\irstusb.sys <Not Verified; SigmaTel, Inc.; SigmaTel STIr>
    2007-08-02 14:01:05 0 d——– C:\WINDOWS\USB-IrDA
    2007-07-31 17:47:50 0 d——– C:\Documents and Settings\Eric\Application Data\Music Label
    2007-07-31 17:47:28 0 d——– C:\Documents and Settings\All Users\Application Data\TEMP
    2007-07-31 17:17:57 0 d——– C:\Program Files\BIB - CD - CD-Menu
    2007-07-31 16:38:07 0 d——– C:\Program Files\PC - Opkuiser - MyUninstaller
    2007-07-31 14:41:27 0 d——– C:\Program Files\MediaMonkey
    2007-07-31 14:40:34 0 d——– C:\Downloads
    2007-07-31 14:40:34 0 d——– C:\Documents and Settings\Eric\Application Data\GetRightToGo
    2007-07-29 20:41:34 0 d——– C:\Documents and Settings\All Users\Application Data\Ahead


    – Find3M Report —————————————————————

    2007-08-29 15:21:10 0 d——– C:\Program Files\BIB - DVD - MovieOrganizer
    2007-08-29 13:48:05 0 d——– C:\Program Files\Internet - AVG Anti-Virus
    2007-08-29 13:47:44 0 d——– C:\Documents and Settings\Eric\Application Data\AVG7
    2007-08-28 19:55:30 0 d——– C:\Program Files\Google
    2007-08-28 14:16:38 0 d——– C:\Program Files\PC - Autosizer
    2007-08-23 12:20:24 0 d——– C:\Documents and Settings\Eric\Application Data\XnView
    2007-08-23 11:05:57 0 d——– C:\Documents and Settings\Eric\Application Data\ZoomBrowser EX
    2007-08-17 20:13:22 506190 –a—— C:\WINDOWS\system32\perfh013.dat
    2007-08-17 20:13:22 89972 –a—— C:\WINDOWS\system32\perfc013.dat
    2007-08-17 20:12:07 0 d——– C:\Program Files\tools
    2007-08-17 16:12:09 0 d——– C:\Documents and Settings\Eric\Application Data\SiteAdvisor
    2007-08-16 15:11:30 0 d-a—— C:\Program Files\Common Files
    2007-08-13 21:21:02 0 d——– C:\Program Files\PC - Unlocker
    2007-08-10 12:59:50 0 d——– C:\Program Files\PC - Drivers
    2007-08-03 20:06:14 0 d——– C:\Program Files\PC - Cam - Studio
    2007-08-03 12:28:35 0 d——– C:\Program Files\Easy Computing
    2007-08-02 21:28:23 0 d——– C:\Program Files\Common Files\Ahead
    2007-08-02 14:01:05 0 d–h—– C:\Program Files\InstallShield Installation Information
    2007-07-31 16:19:32 0 d——– C:\Documents and Settings\Eric\Application Data\Locate32
    2007-07-31 00:55:26 0 d——– C:\Program Files\PC - Locate 32
    2007-07-31 00:39:33 0 d——– C:\Program Files\PC - Inhoud - Autoruns
    2007-07-31 00:38:08 0 d——– C:\Program Files\PC - Opkuiser - HiJackThis
    2007-07-31 00:34:51 0 d——– C:\Program Files\PC - Opkuiser - CCleaner
    2007-07-31 00:33:38 0 d——– C:\Program Files\AUDIO - MediaCoder
    2007-07-31 00:32:03 0 d——– C:\Program Files\PC - Cam - Faststone
    2007-07-31 00:29:56 0 d——– C:\Program Files\Belarc
    2007-07-31 00:15:32 0 d——– C:\Program Files\Windows Media Player VLC
    2007-07-31 00:08:41 0 d——– C:\Program Files\Recovery - Recuva
    2007-07-30 23:58:41 0 d——– C:\Program Files\PC - Easy Cleaner
    2007-07-29 20:41:34 0 d——– C:\Documents and Settings\Eric\Application Data\Ahead
    2007-07-28 10:13:37 0 d——– C:\Program Files\AUDIO - MP3 Direct Cut
    2007-07-28 09:30:07 0 d——– C:\Program Files\Multimedia MMCompVieuw
    2007-07-27 17:52:17 0 d——– C:\Program Files\Video - Decryptor
    2007-07-27 17:42:58 0 d——– C:\Program Files\Video - FAB Decryptor
    2007-07-27 17:38:22 0 d——– C:\Program Files\DVD - Free DVD
    2007-07-24 19:54:19 286720 —–n— C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>
    2007-07-12 20:35:30 0 d——– C:\Program Files\Foto - ClearSkinFX
    2007-07-12 20:02:48 0 d——– C:\Program Files\Foto - MS-Groupshot
    2007-07-10 17:31:43 0 d——– C:\Documents and Settings\Eric\Application Data\Sun
    2007-07-10 17:30:55 0 d——– C:\Program Files\Java
    2007-07-10 16:57:06 0 d——– C:\Program Files\Internet - Windows Spyware
    2007-07-08 09:02:55 0 d——– C:\Program Files\PC - Inhoud - SIW
    2007-07-07 13:42:55 0 d——– C:\Program Files\Recovery - Foto Art Plus
    2007-07-04 10:08:40 0 d——– C:\Program Files\Windows Component Checker
    2007-06-29 14:33:05 0 d——– C:\Documents and Settings\Eric\Application Data\Personal Video Database
    2007-06-29 14:32:54 0 d——– C:\Program Files\BIB - DVD - Personal Video Database


    – Registry Dump —————————————————————

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [22/01/2007 12:12 C:\WINDOWS\system32\HDAShCut.exe]
    "TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [20/12/2006 01:34]
    "AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [20/12/2006 00:19]
    "Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [20/12/2006 01:12]
    "SiteAdvisor"="C:\Program Files\SiteAdvisor\6066\SiteAdv.exe" [30/03/2007 17:42]
    "AVG7_CC"="C:\PROGRA~1\INFF4F~1\avgcc.exe" [16/08/2007 11:13]
    "WinPatrol"="C:\Program Files\PC - Waakhond - WinPatrol\winpatrol.exe" [09/12/2004 21:12]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Adobe Reader 8.1\Reader\Reader_sl.exe" [11/05/2007 03:06]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01/03/2007 15:57]
    "UnlockerAssistant"="C:\Program Files\PC - Unlocker\Unlocker\UnlockerAssistant.exe" [07/09/2006 19:19]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [03/11/2006 19:20]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [02/03/2006 14:00]
    "gStart"="C:\Garmin\gStart.exe" [04/03/2007 23:08]

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
    "IE7"=rundll32 advpack.dll,LaunchINFSection IE7.inf,FirstUserStart
    "ShowDeskFix"=regsvr32 /s /n /i:u shell32

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "AVG7_Run"=C:\PROGRA~1\INFF4F~1\avgw.exe /RUNONCE

    C:\Documents and Settings\Eric\Menu Start\Programma's\Opstarten\
    SpywareGuard.lnk - C:\Program Files\Internet - SpywareGuard\SpywareGuard\sgmain.exe [29/08/2003 19:05:35]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [6/04/2003 0:37:10]
    hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [6/04/2003 1:06:58]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=0 (0x0)

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Authentication Packages"= msv1_0 relog_ap

    *Newly Created Service* - WINDEFEND



    – End of Deckard's System Scanner: finished at 2007-08-29 17:00:21 ————

    **********************************************************
    U op voorhand dankende.
    Flamingo

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.