Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

missing windows files

pimvandenderen
10 antwoorden
  • hallo,

    Ik ging gister maar eens checken waarom mijn systeem ineens zo sloom ging(vooral tijdens het opstarten). en af en toe een blue screen gaf…

    proc: E6600
    mobo: MSI 965 neo-F
    vcard: EVGA 8800 GTS 640 mb
    RAM: 4 gig(4x pc2-6400, me bios is geflashed zodat hij deze ook goed aankan)
    hd: 2x 320 gig WD

    Windows vista ultimate x64(met alle updates) + NOD32 geupdate

    Aan de hardware kon het niet echt liggen dus toen heb ik maar hijackthis gedraait…

    Deze gaf mij een een prachtige log:

    [quote:a333929f89]Logfile of Trend Micro HijackThis v2.0.2
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Nero\PhotoShow 5\data\Xtras\mssysmgr.exe
    C:\Program Files (x86)\BitTorrent_DNA\dna.exe
    C:\Program Files (x86)\ESET
    od32kui.exe
    C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
    [b:a333929f89]O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)[/b:a333929f89]
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files (x86)\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Norton Ghost 12.0] "C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [AceGain LiveUpdate] "C:\Program Files (x86)\Games\Battlefield Vietnam\AceGain-LiveUpdate\LiveUpdate.exe"
    O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~2\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files (x86)\BitTorrent_DNA\dna.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
    O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    [i:a333929f89]O13 - Gopher Prefix: [/i:a333929f89]
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    [b:a333929f89]O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)[/b:a333929f89]
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: [i:a333929f89]##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe[/i:a333929f89]
    [b:a333929f89]O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)[/b:a333929f89]
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    [i:a333929f89]O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe[/i:a333929f89]
    [b:a333929f89]O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)[/b:a333929f89]
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
    [b:a333929f89]O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)[/b:a333929f89]
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    [b:a333929f89]O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)[/b:a333929f89]
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files (x86)\Eset
    od32krn.exe
    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    [b:a333929f89]O23 - Service: Instinct Drivers Auto Removal (pr2ae5eb) (pr2ae5eb) - Unknown owner - C:\Windows\system32\pr2ae5eb.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) [/b:a333929f89](
    [b:a333929f89]O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)[/b:a333929f89]
    [b:a333929f89]O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)[/b:a333929f89]


    End of file - 11607 bytes[/quote:a333929f89]

    Hieruit werd ik een stukje wijzer, want hij verteld mij dat een deel van mijn windows files gewoon verdwenen zijn??? :o (zie dik gedrukte zinnen :wink: )
    met een klein beetje kennis weet ik dat een aantal van deze processen nog aardig belangrijk zijn voor het goed draaien van mijn systeem :evil: .
    Toen heb ik in een ander artikel toevallig iemand met hetzelfde probleem gevonden, echter heeft deze een advies gekregen maar heeft nooit meer gereageert :evil:
    (http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1239563#1239563)
    Echter heeft deze oplossing voor mij geen nut aangezien als ik het gegeven scan tooltje gebruik ik tijdens de laatste scan vastloop op een bepaalde file/directory… :-?
    (na zo'n 70 min. heb ik dit opgegeven en de scan gestopt, ik weet dat hij op die file bleef haken aangezien het getal onderaan het scanprogr niet veranderde eveneens als de scan directory. :wink: )

    Daarom wil ik vragen of iemand mij hiermee nog kan helpen en een ander tooltje kan aanraden of iets dergelijks… :oops:
    Want om mijn hd opnieuw te installeren zou heel veel tijd inbeslag nemen… :evil: met het risico dat ik weer in dezelfde rotzooi terecht kom(niet dat ik op echt veel onbetrouwbare sites terecht kom, maarja soms loop je toch iets op op de normaalste sites… :x )

    [quote:a333929f89]Daarnaast heb ik ook nog de vraag of mensen weten wat de drie schuingedrukte processen zijn?[/quote:a333929f89]
    Ik hoop dat iemand mij hierbij kan helpen :) ,

    Mvg,
    Andries
  • Omdat Vista vrij nieuw is herkent Hijackthis niet alle entry's. In jou geval is de (file missing) bij de regels een 'foutje' van Hijackthis, niks om je
    zorgen over te maken dus. :)

    Ik zie verder geen rare dingen in je log, doe het volgende eens:

    Download Deckard's System Scanner naar je [b:d580db47ec]Bureaublad[/b:d580db47ec]

    [list:d580db47ec]
    Sluit alle toepassingen en vensters.
    [b:d580db47ec]Dubbelklik[/b:d580db47ec] op [b:d580db47ec]dss.exe[/b:d580db47ec] om het te activeren, en volg de aanwijzingen.
    Wanneer de scan volledig is, zal een tekstbestand - [b:d580db47ec]main.txt[/b:d580db47ec] - openen.
    Kopiëer [b:d580db47ec]Ctrl+A gevolgd door Ctrl+C[/b:d580db47ec]) en plak ([b:d580db47ec]Ctrl+V[/b:d580db47ec]) de inhoud van [b:d580db47ec]main.txt[/b:d580db47ec] in je volgende antwoord.
    [/list:u:d580db47ec]
    Opmerking:[/color:d580db47ec] Sommige firewalls [b:d580db47ec]kunnen[/b:d580db47ec] waarschuwen dat [b:d580db47ec]sigcheck.exe[/b:d580db47ec] probeert verbinding te maken met het internet
    - zorg dat [b:d580db47ec]sigcheck.exe[/b:d580db47ec] toestemming krijgt om dit te doen !
    Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
    Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

    Succes!

    Pim
  • ok, dat klinkt goed opzich :P
    Bedankt tot nog toe alvast :P
    Dat verklaard dan nog niet waarom ik BSOD's krijg… en IE zichzelf soms herstart vanwege een fout?

    Maarre hier is de uitslaf van main.txt:

    [quote:8bc02cc4eb]Deckard's System Scanner v20070905.67
    Run by andries on 2007-09-27 19:24:13
    Computer is in Normal Mode.
    ——————————————————————————–

    – Last 5 Restore Point(s) –
    16: 2007-09-27 14:29:43 UTC - RP132 - Made by Registry Mechanic
    15: 2007-09-27 14:28:14 UTC - RP131 - Shockwave Player
    14: 2007-09-27 14:27:52 UTC - RP130 -
    13: 2007-09-27 14:14:57 UTC - RP129 - Installed EA Download Manager
    12: 2007-09-27 10:42:39 UTC - RP128 - Windows Update


    – First Restore Point –
    1: 2007-09-24 16:48:44 UTC - RP117 - Installed Tom Clancy's Splinter Cell Double Agent


    Backed up registry hives.
    Performed disk cleanup.

    System Drive C: has 35.99 GiB (less than 15%) free.[/color:8bc02cc4eb]


    – HijackThis (run as andries.exe) ———————————————

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:32:30 PM, on 9/27/2007
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Nero\PhotoShow 5\data\Xtras\mssysmgr.exe
    C:\Program Files (x86)\BitTorrent_DNA\dna.exe
    C:\Program Files (x86)\ESET
    od32kui.exe
    C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
    C:\Users\andries\Desktop\dss.exe
    C:\Windows\SysWOW64\conime.exe
    C:\PROGRA~2\HIJACK~1\andries.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    F2 - REG:system.ini: UserInit=userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GRA8E1~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files (x86)\Eset
    od32kui.exe" /WAITSERVICE
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Norton Ghost 12.0] "C:\Program Files (x86)\Norton Ghost\Agent\VProTray.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
    O4 - HKLM\..\Run: [AceGain LiveUpdate] "C:\Program Files (x86)\Games\Battlefield Vietnam\AceGain-LiveUpdate\LiveUpdate.exe"
    O4 - HKCU\..\Run: [Nero PhotoShow Media Manager] C:\PROGRA~2\Nero\PHOTOS~1\data\Xtras\mssysmgr.exe
    O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files (x86)\BitTorrent_DNA\dna.exe"
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [EA Core] C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
    O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
    O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O13 - Gopher Prefix:
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.6.108.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GR99D3~1.DLL
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files (x86)\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: @%SystemRoot%\System32
    etlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files (x86)\Eset
    od32krn.exe
    O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files (x86)\Norton Ghost\Agent\VProSvc.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: Instinct Drivers Auto Removal (pr2ae5eb) (pr2ae5eb) - Unknown owner - C:\Windows\system32\pr2ae5eb.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


    End of file - 11544 bytes

    – HijackThis Fixed Entries (C:\PROGRA~2\HIJACK~1\backups\) ——————–

    backup-20070927-165927-621 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    backup-20070927-165927-842 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    backup-20070927-165927-925 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    – File Associations ———————————————————–

    .js - jsfile - DefaultIcon - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe",7[/color:8bc02cc4eb]
    .js - jsfile - shell\open\command - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"[/color:8bc02cc4eb]


    – Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ———————

    R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys (file missing)
    R0 atapi (IDE Channel) - c:\windows\system32\drivers\atapi.sys (file missing)
    R0 CLFS (Common Log (CLFS)) - c:\windows\system32\clfs.sys (file missing)
    R0 crcdisk (Crcdisk Filter Driver) - c:\windows\system32\drivers\crcdisk.sys (file missing)
    R0 disk (Disk Driver) - c:\windows\system32\drivers\disk.sys (file missing)
    R0 Ecache (ReadyBoost Caching Driver) - c:\windows\system32\drivers\ecache.sys (file missing)
    R0 FileInfo (File Information FS MiniFilter) - c:\windows\system32\drivers\fileinfo.sys (file missing)
    R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys (file missing)
    R0 fvevol (BitLocker Drive Encryption Filter Driver) - c:\windows\system32\drivers\fvevol.sys (file missing)
    R0 intelide - c:\windows\system32\drivers\intelide.sys (file missing)
    R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys (file missing)
    R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys (file missing)
    R0 msisadrv (ISA/EISA Class Driver) - c:\windows\system32\drivers\msisadrv.sys (file missing)
    R0 Mup - c:\windows\system32\drivers\mup.sys (file missing)
    R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers
    dis.sys (file missing)
    R0 partmgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys (file missing)
    R0 pci (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys (file missing)
    R0 pciide - c:\windows\system32\drivers\pciide.sys (file missing)
    R0 pe3ae5eb (Instinct Environment Driver (pe3ae5eb)) - c:\windows\system32\drivers\pe3ae5eb.sys (file missing)
    R0 ps6ae5eb (Instinct Synchronization Driver (ps6ae5eb)) - c:\windows\system32\drivers\ps6ae5eb.sys (file missing)
    R0 spldr (Security Processor Loader Driver) - c:\windows\system32\drivers\spldr.sys (file missing)
    R0 symsnap (Symantec Volume Snap Shot Driver) - c:\windows\system32\drivers\symsnap.sys (file missing)
    R0 volmgr (Volume Manager Driver) - c:\windows\system32\drivers\volmgr.sys (file missing)
    R0 volmgrx (Dynamic Volume Manager) - c:\windows\system32\drivers\volmgrx.sys (file missing)
    R0 volsnap (Storage volumes) - c:\windows\system32\drivers\volsnap.sys (file missing)
    R0 Wdf01000 (Kernel Mode Driver Frameworks service) - c:\windows\system32\drivers\wdf01000.sys (file missing)
    R1 AFD (Ancilliary Function Driver for Winsock) - c:\windows\system32\drivers\afd.sys (file missing)
    R1 cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys (file missing)
    R1 CSC (Offline Files Driver) - c:\windows\system32\drivers\csc.sys (file missing)
    R1 DfsC (Dfs Client Driver) - c:\windows\system32\drivers\dfsc.sys (file missing)
    R1 kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys (file missing)
    R1 kbdhid (Keyboard HID Driver) - c:\windows\system32\drivers\kbdhid.sys (file missing)
    R1 mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys (file missing)
    R1 Msfs - c:\windows\system32\drivers\msfs.sys (file missing)
    R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers
    etbios.sys (file missing)
    R1 netbt - c:\windows\system32\drivers
    etbt.sys (file missing)
    R1 Npfs - c:\windows\system32\drivers
    pfs.sys (file missing)
    R1 nsiproxy (NSI proxy service) - c:\windows\system32\drivers
    siproxy.sys (file missing)
    R1 Null - c:\windows\system32\drivers
    ull.sys (file missing)
    R1 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\pacer.sys (file missing)
    R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys (file missing)
    R1 rdbss (Redirected Buffering Sub Sysytem) - c:\windows\system32\drivers\rdbss.sys (file missing)
    R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys (file missing)
    R1 RDPENCDD (RDP Encoder Mirror Driver) - c:\windows\system32\drivers\rdpencdd.sys (file missing)
    R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys (file missing)
    R1 Smb (Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session)) - c:\windows\system32\drivers\smb.sys (file missing)
    R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing)
    R1 tdx (NetIO Legacy TDI Support Driver) - c:\windows\system32\drivers\tdx.sys (file missing)
    R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys (file missing)
    R1 VgaSave - c:\windows\system32\drivers\vga.sys (file missing)
    R1 Wanarpv6 (Remote Access IPv6 ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
    R1 ws2ifsl (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - c:\windows\system32\drivers\ws2ifsl.sys (file missing)
    R2 AMON - c:\windows\system32\drivers\amon.sys (file missing)
    R2 lltdio (Link-Layer Topology Discovery Mapper I/O Driver) - c:\windows\system32\drivers\lltdio.sys (file missing)
    R2 luafv (UAC File Virtualization) - c:\windows\system32\drivers\luafv.sys (file missing)
    R2 PEAUTH - c:\windows\system32\drivers\peauth.sys (file missing)
    R2 rspndr (Link-Layer Topology Discovery Responder) - c:\windows\system32\drivers\rspndr.sys (file missing)
    R2 secdrv (Security Driver) - c:\windows\system32\drivers\secdrv.sys (file missing)
    R2 tcpipreg (TCP/IP Registry Compatibility) - c:\windows\system32\drivers\tcpipreg.sys (file missing)
    R2 v2imount (Symantec V2i Mount Driver) - c:\windows\system32\drivers\v2imount.sys (file missing)
    R3 bowser - c:\windows\system32\drivers\bowser.sys (file missing)
    R3 DXGKrnl (LDDM Graphics Subsystem) - c:\windows\system32\drivers\dxgkrnl.sys (file missing)
    R3 fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys (file missing)
    R3 flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys (file missing)
    R3 GEARAspiWDM - c:\windows\system32\drivers\gearaspiwdm.sys (file missing)
    R3 HDAudBus (Microsoft UAA Bus Driver for High Definition Audio) - c:\windows\system32\drivers\hdaudbus.sys (file missing)
    R3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys (file missing)
    R3 HTTP - c:\windows\system32\drivers\http.sys (file missing)
    R3 IntcAzAudAddService (Service for Realtek HD Audio (WDM)) - c:\windows\system32\drivers\rtkvhd64.sys (file missing)
    R3 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys (file missing)
    R3 iScsiPrt (iScsiPort Driver) - c:\windows\system32\drivers\msiscsi.sys (file missing)
    R3 ksthunk (Kernel Streaming Thunks) - c:\windows\system32\drivers\ksthunk.sys (file missing)
    R3 monitor (Microsoft Monitor Class Function Driver Service) - c:\windows\system32\drivers\monitor.sys (file missing)
    R3 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys (file missing)
    R3 mpsdrv (Windows Firewall Authorization Driver) - c:\windows\system32\drivers\mpsdrv.sys (file missing)
    R3 MRxDAV (WebDav Client Redirector Driver) - c:\windows\system32\drivers\mrxdav.sys (file missing)
    R3 mrxsmb (SMB MiniRedirector Wrapper and Engine) - c:\windows\system32\drivers\mrxsmb.sys (file missing)
    R3 mrxsmb10 (SMB 1.x MiniRedirector) - c:\windows\system32\drivers\mrxsmb10.sys (file missing)
    R3 mrxsmb20 (SMB 2.0 MiniRedirector) - c:\windows\system32\drivers\mrxsmb20.sys (file missing)
    R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys (file missing)
    R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers
    distapi.sys (file missing)
    R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers
    diswan.sys (file missing)
    R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers
    dproxy.sys (file missing)
    R3 Ntfs - c:\windows\system32\drivers
    tfs.sys (file missing)
    R3 NuidFltr (NUID filter driver) - c:\windows\system32\drivers
    uidfltr.sys (file missing)
    R3 nvlddmkm - c:\windows\system32\drivers
    vlddmkm.sys (file missing)
    R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys (file missing)
    R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys (file missing)
    R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys (file missing)
    R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys (file missing)
    R3 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys (file missing)
    R3 RTL8169 (Realtek 8169 NT Driver) - c:\windows\system32\drivers\rtlh64.sys (file missing)
    R3 Serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys (file missing)
    R3 srv - c:\windows\system32\drivers\srv.sys (file missing)
    R3 srv2 - c:\windows\system32\drivers\srv2.sys (file missing)
    R3 srvnet - c:\windows\system32\drivers\srvnet.sys (file missing)
    R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys (file missing)
    R3 tunmp (Microsoft Tun Miniport Adapter Driver) - c:\windows\system32\drivers\tunmp.sys (file missing)
    R3 tunnel (Microsoft IPv6 Tunnel Miniport Adapter Driver) - c:\windows\system32\drivers\tunnel.sys (file missing)
    R3 umbus (UMBus Enumerator Driver) - c:\windows\system32\drivers\umbus.sys (file missing)
    R3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys (file missing)
    R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys (file missing)
    R3 usbhub (USB2 Enabled Hub) - c:\windows\system32\drivers\usbhub.sys (file missing)
    R3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys (file missing)
    R3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys (file missing)
    R3 WUDFRd - c:\windows\system32\drivers\wudfrd.sys (file missing)
    R4 cdfs (CD/DVD File System Reader) - c:\windows\system32\drivers\cdfs.sys (file missing)

    S1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys (file missing)
    S2 atksgt - c:\windows\system32\drivers\atksgt.sys (file missing)
    S2 lirsgt - c:\windows\system32\drivers\lirsgt.sys (file missing)
    S3 agp440 (Intel AGP Bus Filter) - c:\windows\system32\drivers\agp440.sys (file missing)
    S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys (file missing)
    S3 BrFiltLo (Brother USB Mass-Storage Lower Filter Driver) - c:\windows\system32\drivers\brfiltlo.sys (file missing)
    S3 BrFiltUp (Brother USB Mass-Storage Upper Filter Driver) - c:\windows\system32\drivers\brfiltup.sys (file missing)
    S3 BrUsbSer (Brother MFC USB Serial WDM Driver) - c:\windows\system32\drivers\brusbser.sys (file missing)
    S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys (file missing)
    S3 E1G60 (Intel(R) PRO/1000 NDIS 6 Adapter Driver) - c:\windows\system32\drivers\e1g6032e.sys (file missing)
    S3 fastfat (FAT12/16/32 File System Driver) - c:\windows\system32\drivers\fastfat.sys (file missing)
    S3 Filetrace - c:\windows\system32\drivers\filetrace.sys (file missing)
    S3 gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) - c:\windows\system32\drivers\gagp30kx.sys (file missing)
    S3 hamachi (Hamachi Network Interface) - c:\windows\system32\drivers\hamachi.sys (file missing)
    S3 HdAudAddService (Microsoft 1.1 UAA Function Driver for High Definition Audio Service) - c:\windows\system32\drivers\hdaudio.sys (file missing)
    S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys (file missing)
    S3 IPNAT (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys (file missing)
    S3 IRENUM (IR Bus Enumerator) - c:\windows\system32\drivers\irenum.sys (file missing)
    S3 Modem - c:\windows\system32\drivers\modem.sys (file missing)
    S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys (file missing)
    S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys (file missing)
    S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys (file missing)
    S3 MsRPC - c:\windows\system32\drivers\msrpc.sys (file missing)
    S3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - c:\windows\system32\drivers\mstee.sys (file missing)
    S3 NativeWifiP (NativeWiFi Filter) - c:\windows\system32\drivers
    wifi.sys (file missing)
    S3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers
    disuio.sys (file missing)
    S3 nv_agp (NVIDIA nForce AGP Bus Filter) - c:\windows\system32\drivers
    v_agp.sys (file missing)
    S3 QWAVEdrv (QWAVE driver) - c:\windows\system32\drivers\qwavedrv.sys (file missing)
    S3 RDPWD (RDP Winstation Driver) - c:\windows\system32\drivers\rdpwd.sys (file missing)
    S3 sffp_mmc (SFF Storage Protocol Driver for MMC) - c:\windows\system32\drivers\sffp_mmc.sys (file missing)
    S3 sffp_sd (SFF Storage Protocol Driver for SDBus) - c:\windows\system32\drivers\sffp_sd.sys (file missing)
    S3 StillCam (Still Serial Digital Camera Driver) - c:\windows\system32\drivers\serscan.sys (file missing)
    S3 Tcpip6 (Microsoft IPv6 Protocol Driver) - c:\windows\system32\drivers\tcpip.sys (file missing)
    S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys (file missing)
    S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys (file missing)
    S3 tssecsrv (Terminal Services Security Filter Driver) - c:\windows\system32\drivers\tssecsrv.sys (file missing)
    S3 uagp35 (Microsoft AGPv3.5 Filter) - c:\windows\system32\drivers\uagp35.sys (file missing)
    S3 uliagpkx (Uli AGP Bus Filter) - c:\windows\system32\drivers\uliagpkx.sys (file missing)
    S3 vga - c:\windows\system32\drivers\vgapnp.sys (file missing)
    S3 VProEventMonitor (Symantec Event Monitor Driver) - c:\windows\system32\drivers\vproeventmonitor.sys (file missing)
    S3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys (file missing)
    S3 WimFltr - c:\windows\system32\drivers\wimfltr.sys (file missing)
    S4 adp94xx - c:\windows\system32\drivers\adp94xx.sys (file missing)
    S4 adpahci - c:\windows\system32\drivers\adpahci.sys (file missing)
    S4 adpu160m - c:\windows\system32\drivers\adpu160m.sys (file missing)
    S4 adpu320 - c:\windows\system32\drivers\adpu320.sys (file missing)
    S4 aic78xx - c:\windows\system32\drivers\djsvs.sys (file missing)
    S4 aliide - c:\windows\system32\drivers\aliide.sys (file missing)
    S4 amdide - c:\windows\system32\drivers\amdide.sys (file missing)
    S4 AmdK8 (AMD K8 Processor Driver) - c:\windows\system32\drivers\amdk8.sys (file missing)
    S4 arc - c:\windows\system32\drivers\arc.sys (file missing)
    S4 arcsas - c:\windows\system32\drivers\arcsas.sys (file missing)
    S4 Brserid (Brother MFC Serial Port Interface Driver (WDM)) - c:\windows\system32\drivers\brserid.sys (file missing)
    S4 BrSerWdm (Brother WDM Serial driver) - c:\windows\system32\drivers\brserwdm.sys (file missing)
    S4 BrUsbMdm (Brother MFC USB Fax Only Modem) - c:\windows\system32\drivers\brusbmdm.sys (file missing)
    S4 BTHMODEM (Bluetooth Serial Communications Driver) - c:\windows\system32\drivers\bthmodem.sys (file missing)
    S4 circlass (Consumer IR Devices) - c:\windows\system32\drivers\circlass.sys (file missing)
    S4 cmdide - c:\windows\system32\drivers\cmdide.sys (file missing)
    S4 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys (file missing)
    S4 elxstor - c:\windows\system32\drivers\elxstor.sys (file missing)
    S4 HidBth (Microsoft Bluetooth HID Miniport) - c:\windows\system32\drivers\hidbth.sys (file missing)
    S4 HidIr (Microsoft Infrared HID Driver) - c:\windows\system32\drivers\hidir.sys (file missing)
    S4 HpCISSs - c:\windows\system32\drivers\hpcisss.sys (file missing)
    S4 i2omp - c:\windows\system32\drivers\i2omp.sys (file missing)
    S4 iaStorV (Intel RAID Controller Vista) - c:\windows\system32\drivers\iastorv.sys (file missing)
    S4 iirsp - c:\windows\system32\drivers\iirsp.sys (file missing)
    S4 IPMIDRV - c:\windows\system32\drivers\ipmidrv.sys (file missing)
    S4 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys (file missing)
    S4 iteatapi (ITEATAPI_Service_Install) - c:\windows\system32\drivers\iteatapi.sys (file missing)
    S4 iteraid (ITERAID_Service_Install) - c:\windows\system32\drivers\iteraid.sys (file missing)
    S4 LSI_FC - c:\windows\system32\drivers\lsi_fc.sys (file missing)
    S4 LSI_SAS - c:\windows\system32\drivers\lsi_sas.sys (file missing)
    S4 LSI_SCSI - c:\windows\system32\drivers\lsi_scsi.sys (file missing)
    S4 megasas - c:\windows\system32\drivers\megasas.sys (file missing)
    S4 mpio (Microsoft Multi-Path Bus Driver) - c:\windows\system32\drivers\mpio.sys (file missing)
    S4 Mraid35x - c:\windows\system32\drivers\mraid35x.sys (file missing)
    S4 msahci - c:\windows\system32\drivers\msahci.sys (file missing)
    S4 msdsm (Microsoft Multi-Path Device Specific Module) - c:\windows\system32\drivers\msdsm.sys (file missing)
    S4 nfrd960 - c:\windows\system32\drivers
    frd960.sys (file missing)
    S4 nvraid - c:\windows\system32\drivers
    vraid.sys (file missing)
    S4 nvstor - c:\windows\system32\drivers
    vstor.sys (file missing)
    S4 ohci1394 (NEC FireWarden OHCI Compliant IEEE 1394 Host Controller) - c:\windows\system32\drivers\ohci1394.sys (file missing)
    S4 pcmcia - c:\windows\system32\drivers\pcmcia.sys (file missing)
    S4 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys (file missing)
    S4 ql2300 (QLogic Fibre Channel Miniport Driver) - c:\windows\system32\drivers\ql2300.sys (file missing)
    S4 ql40xx (QLogic iSCSI Miniport Driver) - c:\windows\system32\drivers\ql40xx.sys (file missing)
    S4 sbp2port (SBP-2 Transport/Protocol Bus Driver) - c:\windows\system32\drivers\sbp2port.sys (file missing)
    S4 sermouse (Serial Mouse Driver) - c:\windows\system32\drivers\sermouse.sys (file missing)
    S4 sffdisk (SFF Storage Class Driver) - c:\windows\system32\drivers\sffdisk.sys (file missing)
    S4 sfloppy (High-Capacity Floppy Disk Drive) - c:\windows\system32\drivers\sfloppy.sys (file missing)
    S4 SiSRaid2 - c:\windows\system32\drivers\sisraid2.sys (file missing)
    S4 SiSRaid4 - c:\windows\system32\drivers\sisraid4.sys (file missing)
    S4 Sym_hi - c:\windows\system32\drivers\sym_hi.sys (file missing)
    S4 Sym_u3 - c:\windows\system32\drivers\sym_u3.sys (file missing)
    S4 Symc8xx - c:\windows\system32\drivers\symc8xx.sys (file missing)
    S4 udfs - c:\windows\system32\drivers\udfs.sys (file missing)
    S4 uliahci - c:\windows\system32\drivers\uliahci.sys (file missing)
    S4 UlSata - c:\windows\system32\drivers\ulsata.sys (file missing)
    S4 ulsata2 - c:\windows\system32\drivers\ulsata2.sys (file missing)
    S4 usbcir (eHome Infrared Receiver (USBCIR)) - c:\windows\system32\drivers\usbcir.sys (file missing)
    S4 usbohci (Microsoft USB Open Host Controller Miniport Driver) - c:\windows\system32\drivers\usbohci.sys (file missing)
    S4 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys (file missing)
    S4 viaide - c:\windows\system32\drivers\viaide.sys (file missing)
    S4 vsmraid - c:\windows\system32\drivers\vsmraid.sys (file missing)
    S4 WacomPen (Wacom Serial Pen HID Driver) - c:\windows\system32\drivers\wacompen.sys (file missing)
    S4 Wd (Microsoft Watchdog Timer Driver) - c:\windows\system32\drivers\wd.sys (file missing)
    S4 WmiAcpi (Microsoft Windows Management Interface for ACPI) - c:\windows\system32\drivers\wmiacpi.sys (file missing)


    – Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ——————–

    R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files (x86)\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>
    R2 Nero BackItUp Scheduler 3 - c:\program files (x86)
    ero
    ero8
    ero backitup
    bservice.exe
    R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe (file missing)
    R2 slsvc (Software Licensing) - c:\windows\system32\slsvc.exe (file missing)
    R2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe (file missing)
    R3 FLEXnet Licensing Service - "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>

    S2 pr2ae5eb (Instinct Drivers Auto Removal (pr2ae5eb)) - c:\windows\system32\pr2ae5eb.exe svc (file missing)
    S3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe (file missing)
    S3 DFSR (DFS Replication) - c:\windows\system32\dfsr.exe (file missing)
    S3 Fax - c:\windows\system32\fxssvc.exe (file missing)
    S3 KeyIso (CNG Key Isolation) - c:\windows\system32\lsass.exe (file missing)
    S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe (file missing)
    S3 Netlogon - c:\windows\system32\lsass.exe (file missing)
    S3 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe (file missing)
    S3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe (file missing)
    S3 SNMPTRAP (SNMP Trap) - c:\windows\system32\snmptrap.exe (file missing)
    S3 UI0Detect (Interactive Services Detection) - c:\windows\system32\ui0detect.exe (file missing)
    S3 vds (Virtual Disk) - c:\windows\system32\vds.exe (file missing)
    S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe (file missing)
    S3 wbengine (Block Level Backup Engine Service) - "c:\windows\system32\wbengine.exe" (file missing)
    S3 wmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe (file missing)


    – Device Manager: Disabled —————————————————-

    Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
    Description: Photosmart 2570 series
    Device ID: ROOT\IMAGE\0000
    Manufacturer: HP
    Name: Photosmart 2570 series
    PNP Device ID: ROOT\IMAGE\0000
    Service: StillCam

    Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
    Description: Photosmart 2570 series
    Device ID: ROOT\MULTIFUNCTION\0000
    Manufacturer: HP
    Name: Photosmart 2570 series
    PNP Device ID: ROOT\MULTIFUNCTION\0000
    Service:

    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Hamachi Network Interface
    Device ID: ROOT\NET\0000
    Manufacturer: LogMeIn, Inc.
    Name: Hamachi Network Interface
    PNP Device ID: ROOT\NET\0000
    Service: hamachi

    Class GUID: {4d36e979-e325-11ce-bfc1-08002be10318}
    Description: Photosmart 2570 series
    Device ID: ROOT\PRINTER\0000
    Manufacturer: HP
    Name: Photosmart 2570 series
    PNP Device ID: ROOT\PRINTER\0000
    Service:


    – Files created between 2007-08-27 and 2007-09-27 —————————–

    2007-09-27 17:00:40 0 d——– C:\Users\andries\DoctorWeb
    2007-09-27 16:18:46 0 d——– C:\Users\All Users\Electronic Arts
    2007-09-27 12:40:44 506368 –a—— C:\Windows\system32\msxml.dll <Not Verified; Microsoft Corporation; Microsoft XML Core Services>
    2007-09-23 21:06:15 0 d——– C:\Program Files (x86)\OpenAL
    2007-09-16 20:46:38 0 d——– C:\Program Files (x86)\GameSpy
    2007-09-16 20:45:07 0 d——– C:\Windows\system32\URTTEMP
    2007-09-11 21:23:11 0 d——– C:\Program Files (x86)\Sierra On-Line
    2007-09-11 16:45:27 0 d——– C:\Program Files (x86)\Microsoft Silverlight
    2007-09-10 19:50:13 335872 –a—— C:\Windows\Nero PhotoShow.scr <Not Verified; Nero AG / Nero Inc.; Nero PhotoShow Screen Saver>
    2007-09-10 19:48:23 0 d——– C:\Users\All Users\Simple Star Shared
    2007-09-10 19:48:22 0 d——– C:\Program Files (x86)\Common Files\Simple Star Shared
    2007-09-10 19:37:52 0 d——– C:\Users\All Users\Nero
    2007-09-10 19:37:52 0 d——– C:\Program Files (x86)\Nero
    2007-09-10 19:37:52 0 d——– C:\Program Files (x86)\Common Files\Nero
    2007-09-10 19:35:41 0 d——– C:\Program Files (x86)\Google
    2007-09-09 19:18:04 0 d——– C:\Windows\system32\AGEIA
    2007-09-09 19:18:02 0 d——– C:\Program Files (x86)\AGEIA Technologies
    2007-09-09 19:17:23 0 d——– C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2007-09-09 19:01:16 0 d——– C:\Windows\vbSkinner
    2007-09-09 18:49:05 0 d——– C:\Program Files (x86)\uTorrent
    2007-09-09 17:01:47 0 d——– C:\Program Files (x86)\Common Files\PocketSoft
    2007-09-09 16:21:37 0 d——– C:\Users\All Users\Test Drive Unlimited
    2007-09-09 13:29:44 0 d——– C:\Users\All Users\SpieleEntwicklungsKombinat
    2007-09-08 22:39:05 0 d——– C:\Windows\system32\storage
    2007-09-08 22:00:49 0 d——– C:\Windows\system32\PlayLinc
    2007-09-08 22:00:49 0 d——– C:\Program Files (x86)\PlayLinc
    2007-09-08 21:47:41 0 d——– C:\Program Files (x86)\Steam
    2007-09-08 20:59:22 0 d——– C:\Program Files (x86)\EA Games
    2007-09-08 20:35:56 306688 –a—— C:\Windows\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
    2007-09-08 19:38:41 556 –a—— C:\Windows\eReg.dat
    2007-09-08 19:33:07 729088 –a—— C:\Windows\iun6002.exe <Not Verified; Indigo Rose Corporation; Setup Factory 6.0 Runtime Module>
    2007-09-08 18:00:08 0 d–hs—- C:\Windows\ftpcache
    2007-09-08 14:41:41 0 d——– C:\NVIDIA
    2007-09-08 14:38:40 0 d——– C:\Users\All Users\Media Center Programs
    2007-09-08 13:59:00 0 d——– C:\Program Files (x86)\Games
    2007-09-08 11:34:54 0 d——– C:\Program Files (x86)\Download Manager
    2007-09-07 23:51:36 0 d——– C:\Program Files (x86)\MSDN
    2007-09-07 23:36:17 0 d——– C:\Windows\system32\js
    2007-09-07 23:36:17 0 d——– C:\Windows\system32\images
    2007-09-07 23:36:17 0 d——– C:\Windows\system32\html
    2007-09-07 23:36:17 0 d——– C:\Windows\system32\css
    2007-09-07 23:36:17 0 d——– C:\Program Files (x86)\Business Objects
    2007-09-07 23:36:05 0 d——– C:\Win
    2007-09-07 23:32:13 0 d——– C:\Program Files (x86)\Microsoft SQL Server
    2007-09-07 23:32:03 0 d——– C:\Program Files (x86)\Microsoft Device Emulator
    2007-09-07 23:31:05 0 d——– C:\Program Files (x86)\Windows Mobile 5.0 SDK R2
    2007-09-07 23:30:35 0 d——– C:\Program Files (x86)\Microsoft Synchronization Services
    2007-09-07 23:30:35 0 d——– C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2007-09-07 23:22:59 0 d——– C:\Users\All Users\PreEmptive Solutions
    2007-09-07 23:18:13 0 d——– C:\Windows\symbols
    2007-09-07 23:18:01 0 d——– C:\Windows\system32\1033
    2007-09-07 23:16:51 0 d——– C:\WCU
    2007-09-07 23:16:50 0 d——– C:\Program Files (x86)\Microsoft Visual Studio 9.0
    2007-09-07 23:16:50 0 d——– C:\Program Files (x86)\Microsoft SDKs
    2007-09-07 23:16:50 0 d——– C:\Program Files (x86)\HTML Help Workshop
    2007-09-07 23:16:50 0 d——– C:\Program Files (x86)\Common Files\Merge Modules
    2007-09-07 23:16:50 0 d——– C:\Program Files (x86)\CE Remote Tools
    2007-09-07 23:15:31 0 d——– C:\Program Files (x86)\Microsoft Web Designer Tools
    2007-09-07 22:11:05 215144 -ra—— C:\Windows\patchw32.dll
    2007-09-07 22:10:27 215144 -ra—— C:\Windows\pw32a.dll
    2007-09-07 21:58:18 0 d——– C:\Program Files (x86)\Norton Ghost
    2007-09-07 21:58:08 0 d——– C:\Users\All Users\Symantec
    2007-09-07 21:22:40 0 d——– C:\Program Files (x86)\Symantec
    2007-09-07 21:22:40 0 d——– C:\Program Files (x86)\Common Files\Symantec Shared
    2007-09-07 19:40:07 0 d——– C:\Windows\.jagex_cache_32
    2007-09-07 14:27:03 0 d——– C:\Program Files (x86)\Hamachi
    2007-09-06 21:37:26 0 d——– C:\Program Files (x86)\GoldWave
    2007-09-06 21:36:26 0 d-a—— C:\Users\All Users\TEMP
    2007-09-06 21:36:17 0 d——– C:\Program Files (x86)\fraps
    2007-09-06 21:33:14 0 d——– C:\Program Files (x86)\Common Files\L&H
    2007-09-06 21:33:00 0 d——– C:\Program Files (x86)\Microsoft ActiveSync
    2007-09-06 21:20:11 0 d——– C:\Program Files (x86)\Combined Community Codec Pack
    2007-09-06 20:57:05 413696 –a—— C:\Windows\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
    2007-09-06 20:57:05 86016 –a—— C:\Windows\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
    2007-09-06 20:56:21 0 d——– C:\Windows\system32\Futuremark
    2007-09-06 20:56:21 3972 –a—— C:\Windows\system32\drivers\PciBus.sys
    2007-09-06 20:56:21 5632 –a—— C:\Windows\system32\drivers\Entech64.sys <Not Verified; EnTech Taiwan; EnTech.sys>
    2007-09-06 20:56:21 21664 –a—— C:\Windows\system32\drivers\Entech.sys <Not Verified; EnTech Taiwan; PowerStrip>
    2007-09-06 20:55:45 0 d——– C:\Program Files (x86)\3DMark06
    2007-09-06 20:42:00 0 d——– C:\Program Files (x86)\Common Files\PX Storage Engine
    2007-09-06 20:41:55 0 d——– C:\Program Files (x86)\DivX
    2007-09-06 20:31:29 0 d——– C:\Users\All Users\Messenger Plus!
    2007-09-06 20:26:45 0 d——– C:\Program Files (x86)\BitTorrent_DNA
    2007-09-06 20:26:44 0 d——– C:\Program Files (x86)\BitTorrent
    2007-09-06 20:20:52 0 d——– C:\Users\All Users\Apple Computer
    2007-09-06 20:20:30 0 d——– C:\Users\All Users\Apple
    2007-09-06 20:20:30 0 d——– C:\Program Files (x86)\Apple Software Update
    2007-09-06 20:02:24 0 d——– C:\Program Files (x86)\MSXML 4.0
    2007-09-06 19:53:42 0 d——– C:\Users\All Users\Xfire
    2007-09-06 19:53:41 0 d——– C:\Program Files (x86)\Xfire
    2007-09-06 19:47:05 0 d——– C:\Program Files (x86)\Teamspeak2_RC2
    2007-09-06 19:37:58 0 d——– C:\Users\All Users\Ahead
    2007-09-06 19:19:35 0 d——– C:\Windows\system32\directx
    2007-09-06 19:16:41 0 –a—— C:\Windows
    sreg.dat
    2007-09-06 19:14:00 0 d——– C:\Windows\Sun
    2007-09-06 19:13:01 0 d——– C:\Program Files (x86)\Java
    2007-09-06 19:12:35 0 d——– C:\Program Files (x86)\Common Files\Java
    2007-09-06 19:01:03 0 d——– C:\Program Files (x86)\Windows Live
    2007-09-06 19:01:02 0 d——– C:\Program Files (x86)\Messenger Plus! Live
    2007-09-06 18:49:00 0 d——– C:\Users\All Users\WEBREG
    2007-09-06 18:47:48 0 d——– C:\Users\All Users\HPSSUPPLY
    2007-09-06 18:44:47 0 d——– C:\Program Files (x86)\Hewlett-Packard
    2007-09-06 18:44:47 0 d——– C:\Program Files (x86)\Common Files\Hewlett-Packard
    2007-09-06 18:44:20 0 d——– C:\Program Files (x86)\Common Files\HP
    2007-09-06 18:41:26 0 d——– C:\Program Files (x86)\HP
    2007-09-06 18:39:59 158415 –a—— C:\Windows\hpoins19.dat
    2007-09-06 18:39:39 0 d——– C:\Users\All Users\HP
    2007-09-06 18:39:33 26952 –a—— C:\Windows\hpomdl19.dat
    2007-09-06 17:51:31 0 d——– C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
    2007-09-06 17:40:38 0 d——– C:\Users\All Users\Office Genuine Advantage
    2007-09-06 17:07:22 0 d——– C:\Program Files (x86)\Microsoft Works
    2007-09-06 17:06:08 0 d——– C:\Program Files (x86)\Microsoft.NET
    2007-09-06 17:03:29 0 d——– C:\Program Files (x86)\Microsoft Visual Studio 8
    2007-09-06 17:02:29 0 d——– C:\Users\All Users\Microsoft Help
    2007-09-06 17:00:13 0 dr-h—– C:\MSOCache
    2007-09-06 16:55:41 0 d——– C:\Program Files (x86)\QuickTime
    2007-09-06 16:54:33 0 d——– C:\Program Files (x86)\Bonjour
    2007-09-06 16:42:00 0 d——– C:\Program Files (x86)\DAEMON Tools
    2007-09-06 16:35:53 0 d——– C:\Program Files (x86)\cpu-z
    2007-09-06 16:28:16 0 d——– C:\Windows\pss
    2007-09-06 16:24:12 0 d——– C:\Windows\system32\RTCOM
    2007-09-06 16:23:38 0 d——– C:\Program Files (x86)\Realtek
    2007-09-06 16:23:36 520192 –a—— C:\Windows\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
    2007-09-06 16:23:36 315392 –a—— C:\Windows\HideWin.exe <Not Verified; Realtek Semiconductor Corp.; HD Audio Hide windows program>
    2007-09-06 16:23:10 0 d——– C:\Users\All Users\FreeDownloadManager.ORG
    2007-09-06 16:23:09 0 d——– C:\Program Files (x86)\Free Download Manager
    2007-09-06 16:21:02 0 d——– C:\Users\All Users\FLEXnet
    2007-09-06 16:20:47 0 d——– C:\Program Files (x86)\Common Files\Macrovision Shared
    2007-09-06 16:16:05 0 d——– C:\Windows\system32\spool
    2007-09-06 16:13:40 0 d——– C:\Program Files (x86)\Fake Webcam
    2007-09-06 16:07:29 0 d——– C:\images
    2007-09-06 16:06:09 0 d——– C:\Program Files (x86)\GrabIt
    2007-09-06 16:03:09 0 d——– C:\Program Files (x86)\Shareaza
    2007-09-06 16:02:46 0 d——– C:\Users\All Users\eMule
    2007-09-06 16:02:45 0 d——– C:\Program Files (x86)\eMule
    2007-09-06 16:00:12 0 d——– C:\Program Files (x86)\QuickPar
    2007-09-06 15:59:33 0 d——– C:\Program Files (x86)\Electronic Arts
    2007-09-06 15:59:24 0 d——– C:\Users\All Users\EA Link
    2007-09-06 15:46:24 0 d–h—– C:\Program Files (x86)\InstallShield Installation Information
    2007-09-06 15:46:15 0 d——– C:\Program Files (x86)\Common Files\InstallShield
    2007-09-06 15:39:27 0 d——– C:\Users\All Users\Adobe Systems
    2007-09-06 15:31:38 0 d——– C:\Program Files (x86)\Common Files\Adobe Systems Shared
    2007-09-06 15:30:36 0 d——– C:\Users\All Users\Adobe
    2007-09-06 15:30:36 0 d——– C:\Program Files (x86)\Common Files\Adobe
    2007-09-06 15:30:36 0 d——– C:\Program Files (x86)\Adobe Photoshop CS2
    2007-09-06 15:15:50 0 d——– C:\Program Files (x86)\EVEREST Ultimate Edition
    2007-09-06 15:02:49 298104 –a—— C:\Windows\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
    2007-09-06 14:54:32 0 d——– C:\Users\All Users\WinZip
    2007-09-06 12:20:15 0 d——– C:\Windows\PCHEALTH
    2007-09-06 12:20:15 0 d——– C:\Program Files (x86)\MSN Messenger
    2007-09-06 12:19:33 0 d–hs—- C:\Windows\Installer
    2007-09-06 12:18:41 0 d——– C:\Windows\system32\Macromed
    2007-09-06 05:27:15 0 d——– C:\Windows\Panther
    2007-09-06 05:26:49 59 -ra—— C:\Windows\DELL_VERSION
    2007-09-06 04:30:34 0 d——– C:\Windows\SoftwareDistribution
    2007-09-06 04:29:38 0 d——– C:\Windows\Debug
    2007-09-06 04:29:37 0 d——– C:\Windows\CSC
    2007-09-06 04:28:29 0 d——– C:\Windows\Prefetch
    2007-09-06 04:28:15 0 d–hs—- C:\System Volume Information
    2007-09-05 22:13:23 0 d——– C:\Users\All Users\NVIDIA
    2007-09-05 18:27:00 0 d——– C:\games
    2007-09-05 07:45:12 0 dr——- C:\Users\andries\Searches
    2007-09-05 07:45:02 0 dr——- C:\Users\andries\Contacts
    2007-09-05 07:44:57 0 dr——- C:\Users\andries\Videos
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\Templates
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\Start Menu
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\SendTo
    2007-09-05 07:44:57 0 dr——- C:\Users\andries\Saved Games
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\Recent
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\PrintHood
    2007-09-05 07:44:57 0 dr——- C:\Users\andries\Pictures
    2007-09-05 07:44:57 3407872 –ahs—- C:\Users\andries\NTUSER.DAT
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\NetHood
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\My Documents
    2007-09-05 07:44:57 0 dr——- C:\Users\andries\Music
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\Local Settings
    2007-09-05 07:44:57 0 dr——- C:\Users\andries\Links
    2007-09-05 07:44:57 0 dr——- C:\Users\andries\Favorites
    2007-09-05 07:44:57 0 dr——- C:\Users\andries\Downloads
    2007-09-05 07:44:57 0 dr——- C:\Users\andries\Documents
    2007-09-05 07:44:57 0 dr——- C:\Users\andries\Desktop
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\Cookies
    2007-09-05 07:44:57 0 d–hs—- C:\Users\andries\Application Data
    2007-09-05 07:44:57 0 d–h—– C:\Users\andries\AppData


    – Find3M Report —————————————————————

    2007-09-27 19:32:11 0 d——– C:\Users\andries\AppData\Roaming\BitTorrent DNA
    2007-09-27 19:24:35 0 d——– C:\Users\andries\AppData\Roaming\Free Download Manager
    2007-09-27 12:39:35 0 d——– C:\Users\andries\AppData\Roaming\GrabIt
    2007-09-25 21:52:15 0 d——– C:\Users\andries\AppData\Roaming\Disney Interactive Studios
    2007-09-25 19:26:10 0 d——– C:\Users\andries\AppData\Roaming\Xfire
    2007-09-20 15:58:46 0 d——– C:\Users\andries\AppData\Roaming\teamspeak2
    2007-09-19 20:21:07 0 d——– C:\Users\andries\AppData\Roaming\Bioshock
    2007-09-17 18:29:01 0 d——– C:\Users\andries\AppData\Roaming\uTorrent
    2007-09-17 16:06:04 0 d——– C:\Users\andries\AppData\Roaming\Sports Interactive
    2007-09-13 17:37:31 0 d——– C:\Users\andries\AppData\Roaming\IGN_DLM
    2007-09-12 22:12:33 0 d——– C:\Program Files (x86)\Windows Mail
    2007-09-10 22:49:01 0 d——– C:\Users\andries\AppData\Roaming\BitTorrent
    2007-09-10 19:50:19 0 d——– C:\Users\andries\AppData\Roaming\Nero
    2007-09-10 19:48:22 0 d——– C:\Program Files (x86)\Common Files
    2007-09-10 19:48:11 0 d——– C:\Users\andries\AppData\Roaming\Simple Star
    2007-09-10 19:44:45 0 d——– C:\Users\andries\AppData\Roaming\Adobe
    2007-09-09 17:16:29 0 d——– C:\Users\andries\AppData\Roaming\Atari
    2007-09-09 17:01:48 0 d——– C:\Users\andries\AppData\Roaming\Leadertech
    2007-09-09 16:48:29 0 d——– C:\Users\andries\AppData\Roaming\Ahead
    2007-09-09 13:29:48 0 d——– C:\Users\andries\AppData\Roaming\SpieleEntwicklungsKombinat
    2007-09-08 18:29:08 0 d——– C:\Users\andries\AppData\Roaming\Command & Conquer 3 Tiberium Wars
    2007-09-08 15:00:11 0 dr-h—– C:\Users\andries\AppData\Roaming\SecuROM
    2007-09-08 13:58:35 0 d——– C:\Users\andries\AppData\Roaming\InstallShield
    2007-09-07 23:18:44 0 d——– C:\Program Files (x86)\MSBuild
    2007-09-07 22:12:53 0 d——– C:\Users\andries\AppData\Roaming\Symantec
    2007-09-07 14:27:19 0 d——– C:\Users\andries\AppData\Roaming\Hamachi
    2007-09-06 21:09:48 0 d——– C:\Users\andries\AppData\Roaming\DivX
    2007-09-06 21:05:24 0 d——– C:\Users\andries\AppData\Roaming\Pegasys Inc
    2007-09-06 19:44:16 174 –ahs—- C:\Program Files (x86)\desktop.ini
    2007-09-06 19:17:04 0 d——– C:\Users\andries\AppData\Roaming\Talkback
    2007-09-06 19:16:39 0 d——– C:\Users\andries\AppData\Roaming\Mozilla
    2007-09-06 18:48:20 0 d——– C:\Users\andries\AppData\Roaming\HP
    2007-09-06 16:33:55 0 d——– C:\Users\andries\AppData\Roaming\GetBot
    2007-09-06 16:03:09 0 d——– C:\Users\andries\AppData\Roaming\Shareaza
    2007-09-06 15:01:13 0 d——– C:\Users\andries\AppData\Roaming\WinRAR
    2007-09-06 12:22:41 31049 –a—— C:\Users\andries\AppData\Roaming\UserTile.png
    2007-09-06 12:22:02 0 d——– C:\Users\andries\AppData\Roaming\PeerNetworking
    2007-09-06 12:18:46 0 d——– C:\Users\andries\AppData\Roaming\Macromedia
    2007-09-05 10:06:24 0 d——– C:\Program Files (x86)\Windows Calendar
    2007-09-05 07:45:04 0 d——– C:\Users\andries\AppData\Roaming\Identities
    2007-07-27 01:06:22 3596288 –a—— C:\Windows\system32\qt-dx331.dll
    2007-07-27 01:03:48 196608 –a—— C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
    2007-07-27 01:03:48 81920 –a—— C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
    2007-07-27 01:03:38 802816 –a—— C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
    2007-07-27 01:03:38 823296 –a—— C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
    2007-07-27 01:03:38 823296 –a—— C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
    2007-07-27 01:03:38 740442 –a—— C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
    2007-07-27 01:03:02 12288 –a—— C:\Windows\system32\DivXWMPExtType.dll


    – Registry Dump —————————————————————



    – End of Deckard's System Scanner: finished at 2007-09-27 19:34:48 ————[/quote:8bc02cc4eb]
  • vanwege een limiet hier is extra.txt er ook bij:

    [quote:ed4e47c615]Deckard's System Scanner v20070905.67
    Extra logfile - please post this as an attachment with your post.
    ——————————————————————————–

    – System Information ———————————————————-

    Microsoft® Windows Vista™ Ultimate (build 6000)
    Architecture: X64; Language: English

    CPU 0: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz
    Percentage of Memory in Use: 48%
    Physical Memory (total/avail): 4093.69 MiB / 2110.96 MiB
    Pagefile Memory (total/avail): 8340.94 MiB / 6845.8 MiB
    Virtual Memory (total/avail): 2047.88 MiB / 1923.57 MiB

    A: is Removable (No Media)
    C: is Fixed (NTFS) - 298.09 GiB total, 35.99 GiB free.
    D: is Fixed (NTFS) - 298.09 GiB total, 132.69 GiB free.
    E: is CDROM (No Media)
    F: is Removable (No Media)
    G: is Removable (No Media)
    H: is Removable (No Media)
    I: is Removable (No Media)

    \\.\PHYSICALDRIVE1 - WDC WD3200AAJS-65RYA0 ATA Device - 298.09 GiB - 1 partition
    \PARTITION0 (bootable) - Installable File System - 298.09 GiB - C:

    \\.\PHYSICALDRIVE0 - WDC WD3200AAKS-00SBA0 ATA Device - 298.09 GiB - 1 partition
    \PARTITION0 (bootable) - Installable File System - 298.09 GiB - D:

    \\.\PHYSICALDRIVE3 - Generic USB CF Reader USB Device

    \\.\PHYSICALDRIVE5 - Generic USB MS Reader USB Device

    \\.\PHYSICALDRIVE2 - Generic USB SD Reader USB Device

    \\.\PHYSICALDRIVE4 - Generic USB SM Reader USB Device



    – Security Center ————————————————————-

    AUOptions is scheduled to auto-install.
    Windows Internal Firewall is enabled.

    AV: ESET NOD32 antivirus system 2.70 v2.70 (ESET, spol. s r.o.)
    AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE64\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE64\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\\Program Files (x86)\\BitTorrent\\bittorrent.exe"="C:\\Program Files (x86)\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"


    – Environment Variables ——————————————————-

    ALLUSERSPROFILE=C:\ProgramData
    APPDATA=C:\Users\andries\AppData\Roaming
    CLASSPATH=.;C:\Program Files (x86)\Java\jre1.6.0_02\lib\ext\QTJava.zip
    CommonProgramFiles=C:\Program Files (x86)\Common Files
    CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
    CommonProgramW6432=C:\Program Files\Common Files
    COMPUTERNAME=PC-ANDRIES
    ComSpec=C:\Windows\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HellgateEnv64=C:\Program Files (x86)\Games\Hellgate London Beta\
    HOMEDRIVE=C:
    HOMEPATH=\Users\andries
    LOCALAPPDATA=C:\Users\andries\AppData\Local
    LOGONSERVER=\\PC-ANDRIES
    NUMBER_OF_PROCESSORS=2
    OS=Windows_NT
    Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files (x86)\Common Files\Adobe\AGL;C:\Program Files (x86)\QuickTime\QTSystem\;c:\Program Files (x86)\Microsoft SQL Server\90\Tools\binn\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_ARCHITEW6432=AMD64
    PROCESSOR_IDENTIFIER=EM64T Family 6 Model 15 Stepping 6, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0f06
    ProgramData=C:\ProgramData
    ProgramFiles=C:\Program Files (x86)
    ProgramFiles(x86)=C:\Program Files (x86)
    ProgramW6432=C:\Program Files
    PROMPT=$P$G
    PUBLIC=C:\Users\Public
    QTJAVA=C:\Program Files (x86)\Java\jre1.6.0_02\lib\ext\QTJava.zip
    SESSIONNAME=Console
    SystemDrive=C:
    SystemRoot=C:\Windows
    TEMP=C:\Users\andries\AppData\Local\Temp
    TMP=C:\Users\andries\AppData\Local\Temp
    USERDOMAIN=PC-andries
    USERNAME=andries
    USERPROFILE=C:\Users\andries
    VS90COMNTOOLS=C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\Tools\
    windir=C:\Windows


    – User Profiles —————————————————————

    andries [i:ed4e47c615](admin)[/i:ed4e47c615]


    – Add/Remove Programs ———————————————————

    µTorrent –> "C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL
    64 Bit HP CIO Components Installer –> MsiExec.exe /I{9F560BEB-021F-43AC-825F-AA60442D8DE4}
    Adobe Flash Player 9 ActiveX –> C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
    BitTorrent –> "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /UNINSTALL
    BitTorrent DNA –> "C:\Program Files (x86)\BitTorrent_DNA\dna.exe" /UNINSTALL
    Crystal Reports Runtime for Visual Studio 2008 Beta2 (x64) –> MsiExec.exe /I{7D5638D0-5201-46E9-B7BA-B611E37850AF}
    Hellgate: London Beta –> MsiExec.exe /X{DBB0C0DD-5AB5-4B2A-944C-B2E78551FEEE}
    HP Customer Participation Program 8.0 –> C:\Program Files (x86)\HP\Digital Imaging\ExtCapUninstall\hpzscr40.exe -datfile hpqhsc01.dat
    HP Imaging Device Functions 8.0 –> C:\Program Files (x86)\HP\Digital Imaging\DeviceManagement\hpzscr40.exe -datfile hpqbud01.dat
    HP OCR Software 8.0 –> C:\Program Files (x86)\HP\Digital Imaging\OCR\hpzscr40.exe -datfile hpqbud11.dat
    HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B –> C:\Program Files (x86)\HP\Digital Imaging\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}\setup\hpzscr40.exe -datfile hposcr19.dat -onestop -showdisconnect -forcereboot
    HP Solution Center 8.0 –> C:\Program Files (x86)\HP\Digital Imaging\eSupport\hpzscr40.exe -datfile hpqbud05.dat
    Microsoft .NET Framework 3.5 (Pre-Release Version) –> C:\Windows\Microsoft.NET\Framework64\v3.5\Microsoft .NET Framework 3.5 (Pre-Release Version)\setup.exe
    Microsoft .NET Framework 3.5 (Pre-Release Version) –> MsiExec.exe /I{8E7D9374-438A-3E7F-95A2-99B7D67838EB}
    Microsoft Device Emulator (64 bit) version 3.0 - ENU –> MsiExec.exe /X{68BBA687-FEE3-30BC-9DBA-9DC9D1DFF2B6}
    Microsoft Office Office 64-bit Components 2007 –> MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE}
    Microsoft Office Shared 64-bit MUI (English) 2007 –> MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE}
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 –> MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE}
    Microsoft SQL Server Native Client –> MsiExec.exe /I{6E740973-8E71-42F9-A910-C18452E60450}
    Microsoft SQL Server VSS Writer –> MsiExec.exe /I{50822200-2E95-4E62-A8D8-41C3B308DF5E}
    Microsoft Visual C++ 2005 Redistributable (x64) –> MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
    Microsoft Visual Studio 2008 Remote Debugger - ENU –> C:\Program Files\Microsoft Visual Studio 9.0\Microsoft Visual Studio 2008 Remote Debugger - ENU\install.exe
    NVIDIA Drivers –> C:\Windows\system32\NVUNINST.EXE UninstallGUI
    Visual Studio .NET Prerequisites - English –> MsiExec.exe /X{5AC6E3BE-83DE-3330-94D9-B390DA5B5E4A}


    – Application Event Log ——————————————————-

    Event Record #/Type8879 / Error
    Event Submitted/Written: 09/27/2007 07:23:46 PM
    Event ID/Source: 1000 / Application Error
    Event Description:
    Faulting application iexplore.exe, version 7.0.6000.16512, time stamp 0x46807103, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdf8, exception code 0xc0000005, fault offset 0x0003d058,
    process id 0x80c, application start time 0xiexplore.exe0.

    Event Record #/Type8869 / Success
    Event Submitted/Written: 09/27/2007 05:21:26 PM
    Event ID/Source: 12001 / usnjsvc
    Event Description:
    The Messenger Sharing USN Journal Reader service started successfully.

    Event Record #/Type8863 / Error
    Event Submitted/Written: 09/27/2007 04:41:28 PM
    Event ID/Source: 78 / SideBySide
    Event Description:
    Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest.

    Event Record #/Type8862 / Error
    Event Submitted/Written: 09/27/2007 04:41:28 PM
    Event ID/Source: 78 / SideBySide
    Event Description:
    Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest.
    Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest.

    Event Record #/Type8861 / Error
    Event Submitted/Written: 09/27/2007 04:41:10 PM
    Event ID/Source: 78 / SideBySide
    Event Description:
    Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_1559f1c6f365a7fa.manifest.
    Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100.manifest.



    – Security Event Log ———————————————————-

    No Errors/Warnings found.


    – System Event Log ————————————————————

    Event Record #/Type31746 / Warning
    Event Submitted/Written: 09/27/2007 07:32:47 PM
    Event ID/Source: 3004 / WinDefend
    Event Description:
    %%8271.1.1505.0{02CF8070-34BB-445C-AFEA-3EDCE0C4B6D2}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832service:xpdt0%%807

    Event Record #/Type31745 / Warning
    Event Submitted/Written: 09/27/2007 07:32:47 PM
    Event ID/Source: 3004 / WinDefend
    Event Description:
    %%8271.1.1505.0{20E25DD5-AA10-410C-9532-B5F27177C778}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832driver:xpdt0%%807

    Event Record #/Type31744 / Warning
    Event Submitted/Written: 09/27/2007 07:32:47 PM
    Event ID/Source: 3004 / WinDefend
    Event Description:
    %%8271.1.1505.0{7C2321BF-2BCA-4F8B-8E49-F041857683ED}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832driver:huy320%%807

    Event Record #/Type31743 / Warning
    Event Submitted/Written: 09/27/2007 07:32:45 PM
    Event ID/Source: 3004 / WinDefend
    Event Description:
    %%8271.1.1505.0{A442AB02-4629-44EF-8272-078FCF63F41B}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832service:lzx320%%807

    Event Record #/Type31742 / Warning
    Event Submitted/Written: 09/27/2007 07:32:45 PM
    Event ID/Source: 3004 / WinDefend
    Event Description:
    %%8271.1.1505.0{BAE6CE1A-6A3D-4A66-90EB-0442F60042AF}PC-andriesandriesS-1-5-21-1887023637-2835658961-1265127688-1000Unknown%%832driver:msguard0%%807



    – End of Deckard's System Scanner: finished at 2007-09-27 19:34:48 ————[/quote:ed4e47c615]

    1. Ik hoop dat je hier wat mee kan :D

    2. weet je toevallig ook zeker of die 3 schuingedrukte processen in mijn eerste post echt normaal zijn?

    3. iemand een reg check tool heeft voor windows vista(x64), want dat is toch wel handig :P
  • Graag gedaan alvast :)

    Je logjes zien er allemaal schoon uit. BSOD's kunnen een heleboel oorzaken hebben, om de juiste oorzaak vast te stellen hebben we de juiste foutcode nodig. Kijk eens in je logboeken op het moment dat je een BSOD krijgt, kopieer die tekst in je volgende bericht.

    Logboek kan je terugvinden hier:
    start –> uitvoeren –> [b:3bde4978d0]eventvwr.msc[/b:3bde4978d0]

    Succes!
  • [b:451940b35b]oke nogmaals bedankt,[/b:451940b35b]
    naar de BSOD heb ik al eerder gekeken, en elke keer is het een andere foute code, ik heb ze ergens opgeschreven maar kan het blaadje niet meer vinden :cry: maar das een ander verhaal… :P

    Aan de eventviewer zijn wel wat kleine probleempjes….
    Maar daar heb ik nu even geen tijd voor…
    Daar heb ik het morgen nog wel over :wink:
  • Ik zie het wel verschijnen, ben van het weekend niet zoveel online :wink:
  • oke, hoop dat ik binnenkort wel weer op je hulp kan rekenen :P

    ben ff event viewer uitgezocht en de problemen die ik kan vinden:

    1.
    [quote:6a45a6cd86]Faulting application iexplore.exe, version 7.0.6000.16512, time stamp 0x46807103, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0x00000000, fault offset 0x00000000, process id 0x129c, application start time 0x01c801eba486ef41.

    Event ID: 1000
    Application Error
    user: N/A
    Task Category: (100)

    hoevaak?, heel vaak…[/quote:6a45a6cd86]

    Ik kan niets op internet vinden over deze melding…

    2.
    [quote:6a45a6cd86]The following boot-start or system-start driver(s) failed to load:
    i8042prt

    Application Error
    Event ID: 1000
    User: N/A
    Task Category: (100)

    hoevaak?, schijnt zo te zijn bij elke keer als ik opstart[/quote:6a45a6cd86]

    Ik heb gehoord dat dit iets met je keyboard/mouse driver?, maar voglens device manager heb ik geen problemen. en ik heb Microsoft Wireless Optical Desktop 2000, microsoft dus het zou goed moeten werken…

    3.
    [quote:6a45a6cd86]The description for Event ID 0 from source cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

    If the event originated on another computer, the display information had to be saved with the event.

    The following information was included with the event:
    (allemeldingen ff samen)
    - GPClient

    - SQLServerEventProvider
    root\Microsoft\SqlServer\ServerEvents\SQLEXPRESS

    - OffProv12
    Root\MSAPPS12

    - Sens

    - TrustedInstaller
    CreateSession

    - TrustedInstaller
    107
    CreateSession

    - 2147944003
    Dutch Language Pack
    EV_RenderedValue_2.00
    102
    (en alle andere language pakketen die ik heb geprobeerd te installeren)

    - %%827
    1.1.1505.0
    {9FC14940-44B2-4AF8-98CD-45267B977CEE}
    PC-andries
    andries
    S-1-5-21-1887023637-2835658961-1265127688-1000
    Unknown
    %%832
    process:pid:2680;service:PnkBstrA;file:C:\Windows\SysWOW64
    \PnkBstrA.exe
    0
    %%807
    [i:6a45a6cd86](pnkbstrB.exe zelfde probleem NET Als zo'n 50 andere .exes, .dll etc…
    Deze meldingen vallen onder:
    - aplication error(50x)
    - application hang(10x)
    - applicationExperienceInfrastructure(10x)
    - ASP.NET 1.1.4322.0(1x)
    - BROWSER(2x)
    - CD-rom(paar honderd maal)
    - certivicateServicesClient(2x)
    - Dhcp client(3x)
    - Display(7x)
    - DistributedCOM(14x))[/i:6a45a6cd86]

    [/quote:6a45a6cd86]

    [b:6a45a6cd86]paar duizend maal[/b:6a45a6cd86], over verschillende processen, zie hierboven


    [quote:6a45a6cd86]laten we het hier maar [u:6a45a6cd86]even[/u:6a45a6cd86] bij houden, dit koste me al ruim een halfuur…[/quote:6a45a6cd86]
  • hier het vervolg:

    5.
    [quote:27d84a6283]The description for Event ID 6008 from source EventLog cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

    If the event originated on another computer, the display information had to be saved with the event.

    The following information was included with the event:

    WUClient-SelfUpdate-Aux-lt-LT-LP-Toplevel
    WUClient-SelfUpdate-Aux
    Feature Pack
    Staging
    Staging
    WUClient-SelfUpdate-Aux-TopLevel~31bf3856ad364e35~amd64~~7.0.6000.381
    Staged
    False
    0x80070002
    False

    the message resource is present but the message is not found in the string/message table

    zo’n 50x met verschillende processen, .exe’s etc….
    onder:
    - Eventlog(heel vaak)
    - Languagepacksetup(10x)
    - Msiinstaller(~25x)
    - Plugandplaymanager(8x)
    - Restartmanager(1X)
    - Print(4x)
    - Search(2x)
    - Service control manager eventlog provider(~50x)
    - Servicing[b:27d84a6283](HONDERDEN MALEN, gok zo’n 5000x)[/b:27d84a6283]
    - Windowsupdateclient(10X)
    - Winlogon(8x)
    - WMI(7x) [/quote:27d84a6283]

    6.
    [quote:27d84a6283]iexplore.exe scan has started.
    Scan ID: 46807103
    Scan Type: 6.0.6000.16386
    Scan Parameters: c0000005
    User: 0003d058\12f0[/quote:27d84a6283]
    Scan van windowsdefender, echter heb ik nooit iexplore.exe gedownload?, of geïnstalleerd etc…
  • nvm, systeem opnieuw geinstalleerd, nog steeds niet optimaal… die mensen bij microsoft moeten is wat aan hun eventviewer gaan doen, door alleen al de eerste te updaten na installatie heb je al 500 errors volgens hun event viewer, das toch bullshit…

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.