Slow startup on XP Home

pimvandenderen
3 replies
  • Hello fellow netters,

    When starting XP Home it takes a good minute before the screen and Windows appear… As you can see there are a number of startup programs in there, but it looks as if another program starts up first and then the rest… Here is a log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:50:24, on 25-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    (Unable to list running processes)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Java\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [HP Software Update] H:\HP software\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Java\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [FAST Defrag] H:\UTILIT~1\FDF\FAST2.EXE -tray
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "H:\Multimedia\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [Rainlendar2] H:\Utilities\Calendaer\Rainlendar2\Rainlendar2.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Registration .LNK = M:\UBISOFT\Silent Hunter 4 Wolves of the Pacific\RegistrationReminder\RegistrationReminder.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = H:\HP software\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Photosmart Premier Snelstart.lnk = H:\HP software\Digital Imaging\bin\hpqthb08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Java\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Java\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206697018929
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1206784592890
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8FC75D6E-C28C-44A6-80DE-2473086E3E05}: NameServer = 194.109.6.66,194.109.9.99
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - H:\Antivirus\Ad-Aware\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
    O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: PDAgent - Raxco Software, Inc. - H:\Utilities\perfect disk 8.0\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - H:\Utilities\perfect disk 8.0\PDEngine.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SiteAdvisor-service (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - H:\Multimedia\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe


    End of file - 7873 bytes

    Many thanks for the help
  • I find this one rather odd:
    (Unable to list running processes)

    Have you by any chance ever played around with registry tweakers or the like?
    Restart your PC and run the following scan:

    Download Deckard's System Scanner to your Desktop

    - Close all applications and windows.
    - Double-click dss.exe to run it, and follow the prompts.
    - When the scan is complete, a text file, main.txt, will open.
    - Copy (Ctrl+A followed by Ctrl+C) and paste (Ctrl+V) the contents of main.txt into your next reply.

    Note: Some firewalls may warn that sigcheck.exe is trying to connect to the internet; make sure sigcheck.exe is given permission to do so!
    It can also happen that your antivirus flags DSS as suspicious, or even tries to remove it.
    Do not let your antivirus remove it! (In that case it may be better to switch off your antivirus for a moment during the DSS scan.)
  • pimvandenderen wrote:
    > I find this one rather odd:
    > (Unable to list running processes)
    >
    > Have you by any chance ever played around with registry tweakers or the like?
    > Restart your PC and run the following scan:
    >
    > Download Deckard's System Scanner to your Desktop
    >
    > - Close all applications and windows.
    > - Double-click dss.exe to run it, and follow the prompts.
    > - When the scan is complete, a text file, main.txt, will open.
    > - Copy (Ctrl+A followed by Ctrl+C) and paste (Ctrl+V) the contents of main.txt into your next reply.
    >
    > Note: Some firewalls may warn that sigcheck.exe is trying to connect to the internet; make sure sigcheck.exe is given permission to do so!
    > It can also happen that your antivirus flags DSS as suspicious, or even tries to remove it.
    > Do not let your antivirus remove it! (In that case it may be better to switch off your antivirus for a moment during the DSS scan.)

    Here is the main.txt:

    Deckard's System Scanner v20071014.68
    Run by Eigenaar on 2008-04-26 00:49:20
    Computer is in Normal Mode.
    ——————————————————————————–

    – System Restore ————————————————————–

    Successfully created a Deckard's System Scanner Restore Point.


    – Last 3 Restore Point(s) –
    3: 2008-04-25 22:49:27 UTC - RP192 - Deckard's System Scanner Restore Point
    2: 2008-04-25 09:12:50 UTC - RP191 - Installed Lock On: Modern Air Combat
    1: 2008-04-25 05:23:55 UTC - RP190 - Software Distribution Service 3.0


    Backed up registry hives.
    Performed disk cleanup.



    – HijackThis (run as Eigenaar.exe) ——————————————–

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 0:51:41, on 26-4-2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    (Unable to list running processes)
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
    O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Java\bin\ssv.dll
    O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
    O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe
    O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [HP Software Update] H:\HP software\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Java\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [FAST Defrag] H:\UTILIT~1\FDF\FAST2.EXE -tray
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [AlcoholAutomount] "H:\Multimedia\Alcohol 120\axcmd.exe" /automount
    O4 - HKCU\..\Run: [Rainlendar2] H:\Utilities\Calendaer\Rainlendar2\Rainlendar2.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Registration .LNK = M:\UBISOFT\Silent Hunter 4 Wolves of the Pacific\RegistrationReminder\RegistrationReminder.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = H:\HP software\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Photosmart Premier Snelstart.lnk = H:\HP software\Digital Imaging\bin\hpqthb08.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Java\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Java\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1206697018929
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1206784592890
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8FC75D6E-C28C-44A6-80DE-2473086E3E05}: NameServer = 194.109.6.66,194.109.9.99
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - H:\Antivirus\Ad-Aware\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
    O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
    O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
    O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
    O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: PDAgent - Raxco Software, Inc. - H:\Utilities\perfect disk 8.0\PDAgent.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - H:\Utilities\perfect disk 8.0\PDEngine.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SiteAdvisor-service (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe
    O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - H:\Multimedia\Alcohol 120\StarWind\StarWindServiceAE.exe
    O23 - Service: WUSB54GCSVC - GEMTEKS - C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe


    End of file - 7872 bytes

    – HijackThis Fixed Entries (H:\ANTIVI~1\HIJACK~1\backups\) ——————–

    backup-20070826-151752-192 O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    backup-20070826-151752-378 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    backup-20070826-151752-796 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    backup-20070915-090745-684 O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    backup-20070915-090745-726 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    backup-20070915-090746-336 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    backup-20071112-034955-201 O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    backup-20071112-034955-202 O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5120/mcfscan.cab
    backup-20071112-034955-421 O4 - HKCU\..\Run: [Pando] "F:\Utilities\Pando\pando.exe" /Minimized
    backup-20071112-034955-491 O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - F:\Utilities\Pando\PandoIEPlugin.dll
    backup-20071112-034955-643 O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    backup-20071112-034955-829 O4 - Global Startup: XS4ALL Softphone.lnk = ?
    backup-20071112-034955-997 O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    backup-20071112-034956-971 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    backup-20071112-034956-978 O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    backup-20071202-090111-221 O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    backup-20071202-090111-304 O20 - AppInit_DLLs:
    backup-20071202-090111-488 O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-windows-i586-jc.cab
    backup-20071202-090111-563 O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    backup-20071202-090111-648 O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    backup-20071202-090111-783 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.nl/0SENLNL/SAOS01?FORM=TOOLBR
    backup-20071202-090111-833 O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
    backup-20071202-090111-991 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    backup-20071202-214517-408 O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
    backup-20071206-083657-221 O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
    backup-20071206-083657-678 O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    backup-20071209-193301-358 O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    backup-20071209-193301-431 O17 - HKLM\System\CCS\Services\Tcpip\..\{48F87C26-25BD-486F-90B4-5E849068B173}: NameServer = 192.168.1.254,0.0.0.0
    backup-20071209-193301-512 O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    backup-20071209-193301-586 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Utilities\Adobe reader 8 nl\Reader\Reader_sl.exe"
    backup-20071209-193301-608 O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    backup-20071209-193301-698 O17 - HKLM\System\CCS\Services\Tcpip\..\{858A6734-8FFE-4519-9446-66F5243D90A9}: NameServer = 194.109.6.66,194.109.9.99
    backup-20071209-193301-806 O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    backup-20071209-193301-844 O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
    backup-20071209-193301-897 O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - F:\Multimedia\magix\Common\Database\bin\fbserver.exe
    backup-20071226-120142-130 O17 - HKLM\System\CCS\Services\Tcpip\..\{48F87C26-25BD-486F-90B4-5E849068B173}: NameServer = 192.168.1.254,0.0.0.0
    backup-20071226-120142-233 O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
    backup-20071226-120142-322 O4 - HKCU\..\Run: [DAEMON Tools Lite] "F:\Multimedia\Deamon Tools\DAEMON Tools Lite\daemon.exe"
    backup-20071226-120142-334 O4 - Startup: Last.fm Helper.lnk = G:\muziek\lastfm\LastFMHelper.exe
    backup-20071226-120142-418 O4 - HKLM\..\Run: [QuickTime Task] "F:\Multimedia\quicktime\qttask.exe" -atboottime
    backup-20071226-120142-560 O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    backup-20071226-120142-807 O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Multimedia\RealPlayer\rpbrowserrecordplugin.dll
    backup-20071226-120142-813 O4 - Startup: Secunia PSI (BETA).lnk = F:\Utilities\Secunia\PSI.exe
    backup-20071226-120142-859 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    backup-20071226-120142-961 O4 - HKLM\..\Run: [ISUSPM Startup] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup

    – File Associations ———————————————————–

    All associations okay.


    – Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ———————

    R3 GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - c:\windows\system32\gtndis5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>


    – Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ——————–

    R2 StarWindServiceAE (StarWind AE Service) - h:\multimedia\alcohol 120\starwind\starwindserviceae.exe <Not Verified; Rocket Division Software; StarWind Alcohol Edition>

    S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe


    – Device Manager: Disabled —————————————————-

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Multimedia-videocontroller
    Device ID: PCI\VEN_109E&DEV_036E&SUBSYS_001211BD&REV_11\4&1F7DBC9F&0&08F0
    Manufacturer:
    Name: Multimedia-videocontroller
    PNP Device ID: PCI\VEN_109E&DEV_036E&SUBSYS_001211BD&REV_11\4&1F7DBC9F&0&08F0
    Service:

    Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
    Description: Multimediacontroller
    Device ID: PCI\VEN_109E&DEV_0878&SUBSYS_001211BD&REV_11\4&1F7DBC9F&0&09F0
    Manufacturer:
    Name: Multimediacontroller
    PNP Device ID: PCI\VEN_109E&DEV_0878&SUBSYS_001211BD&REV_11\4&1F7DBC9F&0&09F0
    Service:

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394-netwerkkaart
    Device ID: V1394\NIC1394\101270223C01
    Manufacturer: Microsoft
    Name: 1394-netwerkkaart
    PNP Device ID: V1394\NIC1394\101270223C01
    Service: NIC1394

    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: 1394-netwerkkaart
    Device ID: V1394\NIC1394\A55AF40D61
    Manufacturer: Microsoft
    Name: 1394-netwerkkaart #2
    PNP Device ID: V1394\NIC1394\A55AF40D61
    Service: NIC1394

    Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
    Description: Microsoft Kernel Wave-audiomixer
    Device ID: SW\{B7EAFDC0-A680-11D0-96D8-00AA0051E51D}\{9B365890-165F-11D0-A195-0020AFD156E4}
    Manufacturer: Microsoft
    Name: Microsoft Kernel Wave-audiomixer
    PNP Device ID: SW\{B7EAFDC0-A680-11D0-96D8-00AA0051E51D}\{9B365890-165F-11D0-A195-0020AFD156E4}
    Service: kmixer


    – Scheduled Tasks ————————————————————-

    2008-04-15 01:04:50 352 –a—— C:\WINDOWS\Tasks\McDefragTask.job
    2008-04-01 01:00:13 338 –a—— C:\WINDOWS\Tasks\McQcTask.job


    – Files created between 2008-03-26 and 2008-04-26 —————————–

    2008-04-25 11:30:31 0 dr-h—– C:\Documents and Settings\Eigenaar\Onlangs geopend
    2008-04-20 12:49:40 0 d——– C:\Documents and Settings\Eigenaar\Application Data\dvdcss
    2008-04-16 14:36:13 119739 –a—— C:\WINDOWS\hpoins11.dat
    2008-04-10 11:47:29 0 d——– C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-04-09 12:17:16 0 d——– C:\Documents and Settings\Eigenaar\.rainlendar2
    2008-04-08 21:25:25 0 d——– C:\WINDOWS\Sun
    2008-04-07 09:47:23 0 d——– C:\Documents and Settings\Eigenaar\Application Data\OpenOffice.org2
    2008-04-07 08:23:25 0 d——– C:\Program Files\Java
    2008-04-07 08:23:23 0 d——– C:\Program Files\Common Files\Java
    2008-04-07 08:23:00 0 d——– C:\Documents and Settings\Eigenaar\Application Data\Sun
    2008-04-04 17:10:57 0 d——– C:\Documents and Settings\Eigenaar\Application Data\Auslogics
    2008-04-04 15:16:32 715248 –a—— C:\WINDOWS\system32\drivers\sptd.sys
    2008-04-04 14:11:03 0 d——– C:\Documents and Settings\Eigenaar\Application Data\vlc
    2008-04-02 15:48:17 0 d——– C:\Program Files\Common Files\Raxco
    2008-04-02 15:48:17 0 d——– C:\Documents and Settings\All Users\Application Data\Raxco
    2008-04-01 13:43:49 0 d——– C:\Documents and Settings\All Users\Application Data\Ahead
    2008-04-01 13:39:58 0 d——– C:\Program Files\Nero
    2008-04-01 13:39:58 0 d——– C:\Documents and Settings\All Users\Application Data\Nero
    2008-04-01 12:33:17 0 d——– C:\Documents and Settings\All Users\Application Data\ATI
    2008-04-01 12:24:25 593920 —–n— C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
    2008-04-01 00:15:26 0 d——– C:\temp
    2008-04-01 00:15:11 0 d——– C:\WINDOWS\Downloaded Installations
    2008-04-01 00:11:05 0 d——– C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
    2008-03-31 23:51:43 0 d——– C:\Documents and Settings\Eigenaar\Application Data\Ahead
    2008-03-31 23:48:32 0 d——– C:\Program Files\Common Files\Ahead
    2008-03-31 22:22:47 0 d——– C:\Program Files\Common Files\Wise Installation Wizard
    2008-03-31 10:11:55 0 d——– C:\Documents and Settings\Eigenaar\Application Data\InstallShield
    2008-03-31 10:07:00 0 dr-h—– C:\Documents and Settings\Eigenaar\Application Data\SecuROM
    2008-03-31 09:14:05 0 d——– C:\Program Files\Windows Media Connect 2
    2008-03-31 09:11:56 0 d——– C:\WINDOWS\system32\LogFiles
    2008-03-31 09:11:56 0 d——– C:\WINDOWS\system32\drivers\UMDF
    2008-03-31 08:53:29 0 d——– C:\Documents and Settings\Eigenaar\Application Data\WinRAR
    2008-03-31 08:32:35 0 d——– C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-03-30 18:41:18 96557 –a—— C:\WINDOWS\hpqins16.dat
    2008-03-29 14:13:08 0 d——– C:\Program Files\MSXML 4.0
    2008-03-29 13:46:24 0 d——– C:\Documents and Settings\Eigenaar\Application Data\Macromedia
    2008-03-29 13:19:17 0 d——– C:\Documents and Settings\Eigenaar\Application Data\ATI
    2008-03-29 12:59:54 0 d——– C:\Documents and Settings\Eigenaar\Application Data\HP
    2008-03-29 12:58:46 0 d——– C:\Documents and Settings\All Users\Application Data\HP
    2008-03-29 12:55:48 0 d——– C:\Documents and Settings\All Users\Application Data\Sonic
    2008-03-29 12:55:47 0 d——– C:\Program Files\Common Files\Sonic Shared
    2008-03-29 12:53:42 0 d——– C:\Program Files\Common Files\HP
    2008-03-29 12:51:41 0 d——– C:\Program Files\Hewlett-Packard
    2008-03-29 12:50:58 0 d——– C:\Program Files\Common Files\Hewlett-Packard
    2008-03-29 12:49:35 73728 —–n— C:\WINDOWS\system32\HPZipm12.exe <Not Verified; HP; HP PML>
    2008-03-29 12:49:32 306688 –a—— C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
    2008-03-29 12:48:59 0 d——– C:\Program Files\HP
    2008-03-29 12:08:43 0 d——– C:\Program Files\Microsoft Silverlight
    2008-03-29 12:01:48 0 d——– C:\Program Files\MSXML 6.0
    2008-03-29 11:10:28 0 d——– C:\WINDOWS\network diagnostic
    2008-03-29 11:01:04 409600 –a—— C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
    2008-03-29 11:01:04 114688 –a—— C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
    2008-03-29 11:01:03 0 d——– C:\Documents and Settings\Eigenaar\Application Data\Creative
    2008-03-29 10:59:57 0 d——– C:\WINDOWS\system32\data
    2008-03-29 10:57:40 0 d——– C:\WINDOWS\system32\nl-NL
    2008-03-29 10:55:32 0 d——– C:\Program Files\MSBuild
    2008-03-29 10:48:52 0 d——– C:\WINDOWS\system32\XPSViewer
    2008-03-29 10:48:08 0 d——– C:\Program Files\Reference Assemblies
    2008-03-29 10:36:46 0 d——– C:\WINDOWS\RegisteredPackages
    2008-03-29 10:34:11 0 d——– C:\WINDOWS\system32\URTTemp
    2008-03-29 10:21:42 0 d——– C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-03-29 09:57:21 0 d——– C:\Documents and Settings\LocalService\Bureaublad
    2008-03-29 09:57:21 0 d——– C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
    2008-03-29 09:57:15 0 d——– C:\Program Files\SiteAdvisor
    2008-03-29 09:57:15 0 d——– C:\Documents and Settings\Eigenaar\Application Data\SiteAdvisor
    2008-03-29 09:57:15 0 d——– C:\Documents and Settings\All Users\Application Data\SiteAdvisor
    2008-03-29 09:55:32 0 d——– C:\Program Files\McAfee.com
    2008-03-29 09:55:28 0 d——– C:\Program Files\Common Files\McAfee
    2008-03-29 09:55:19 0 d——– C:\Program Files\McAfee
    2008-03-29 09:54:04 0 d——– C:\Documents and Settings\All Users\Application Data\McAfee
    2008-03-29 09:47:34 0 d——– C:\Documents and Settings\Eigenaar\Application Data\Google
    2008-03-29 09:32:53 0 d——– C:\Documents and Settings\Eigenaar\Application Data\Adobe
    2008-03-29 09:32:01 0 d——– C:\Documents and Settings\All Users\Application Data\Adobe
    2008-03-29 09:31:51 0 d——– C:\Program Files\Common Files\Adobe
    2008-03-29 09:31:11 0 d——– C:\Documents and Settings\All Users\Application Data\Google
    2008-03-29 09:31:03 0 d——– C:\Program Files\Google
    2008-03-28 12:53:08 0 d——– C:\Documents and Settings\LocalService\Menu Start
    2008-03-28 12:52:14 0 d——– C:\WINDOWS\Prefetch
    2008-03-28 12:29:15 0 d——– C:\WINDOWS\provisioning
    2008-03-28 12:29:15 0 d——– C:\WINDOWS\peernet
    2008-03-28 12:28:15 0 d——– C:\WINDOWS\ServicePackFiles
    2008-03-28 12:25:56 0 d——– C:\WINDOWS\system32\ReinstallBackups
    2008-03-28 12:24:09 0 d——– C:\WINDOWS\EHome
    2008-03-28 12:04:17 171280 –a—— C:\WINDOWS\system32\jit.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 12:04:17 139536 –a—— C:\WINDOWS\system32\javaee.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 12:04:17 46352 –a—— C:\WINDOWS\setdebug.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 12:04:17 6550 –a—— C:\WINDOWS\jautoexp.dat
    2008-03-28 12:04:16 313856 –a—— C:\WINDOWS\system32\dx3j.dll <Not Verified; Microsoft Corporation; Microsoft® DirectX for Java>
    2008-03-28 12:04:12 113 –a—— C:\WINDOWS\system32\zonedon.reg
    2008-03-28 12:04:12 113 –a—— C:\WINDOWS\system32\zonedoff.reg
    2008-03-28 12:04:12 171792 –a—— C:\WINDOWS\system32\wjview.exe <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
    2008-03-28 12:04:12 286992 –a—— C:\WINDOWS\system32\vmhelper.dll <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
    2008-03-28 12:04:12 21264 –a—— C:\WINDOWS\system32\msjdbc10.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 12:04:11 947472 –a—— C:\WINDOWS\system32\msjava.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 12:04:11 154384 –a—— C:\WINDOWS\system32\msawt.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 12:04:10 172304 –a—— C:\WINDOWS\system32\jview.exe <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
    2008-03-28 12:04:10 15120 –a—— C:\WINDOWS\system32\jdbgmgr.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 12:04:10 404752 –a—— C:\WINDOWS\system32\javart.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 12:04:10 63248 –a—— C:\WINDOWS\system32\javaprxy.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 12:04:10 187152 –a—— C:\WINDOWS\system32\javacypt.dll <Not Verified; Microsoft Corporation; Besturingssysteem Microsoft® Windows®>
    2008-03-28 12:04:09 49424 –a—— C:\WINDOWS\system32\clspack.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
    2008-03-28 11:41:25 0 d——– C:\WINDOWS\system32\PreInstall
    2008-03-28 11:41:22 0 d–h—– C:\WINDOWS\$hf_mig$
    2008-03-28 11:40:48 0 d——– C:\WINDOWS\system32\bits
    2008-03-28 11:37:07 0 d——– C:\WINDOWS\SoftwareDistribution
    2008-03-28 11:36:58 0 d–hs—- C:\Documents and Settings\Eigenaar\UserData
    2008-03-28 11:10:06 0 –a—— C:\WINDOWS\ativpsrm.bin
    2008-03-28 10:43:38 0 d—s—- C:\WINDOWS\system32\Microsoft
    2008-03-28 10:43:14 94208 –a—— C:\WINDOWS\system32\GTW32N50.dll
    2008-03-28 10:43:14 15872 –a—— C:\WINDOWS\system32\GTNDIS5.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows>
    2008-03-28 10:43:14 32768 –a—— C:\WINDOWS\system32\GTGina.dll <Not Verified; Gemtek; GTGina Dynamic Link Library>
    2008-03-28 10:43:10 0 d——– C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor
    2008-03-28 10:33:37 0 d——– C:\Program Files\Common Files\ODBC
    2008-03-28 10:33:33 0 d——– C:\Program Files\Common Files\SpeechEngines
    2008-03-28 10:33:32 0 dr——- C:\Program Files
    2008-03-28 10:33:32 0 d——– C:\Program Files\Common Files
    2008-03-28 10:33:03 0 d–h—– C:\Documents and Settings\Default User\Sjablonen
    2008-03-28 10:33:03 0 dr-h—– C:\Documents and Settings\Default User\SendTo
    2008-03-28 10:33:03 0 d–h—– C:\Documents and Settings\Default User\Onlangs geopend
    2008-03-28 10:33:03 0 d–h—– C:\Documents and Settings\Default User\Netwerkprinteromgeving
    2008-03-28 10:33:03 0 d–h—– C:\Documents and Settings\Default User\NetHood
    2008-03-28 10:33:03 0 d——– C:\Documents and Settings\Default User\Mijn documenten
    2008-03-28 10:33:03 0 dr——- C:\Documents and Settings\Default User\Menu Start
    2008-03-28 10:33:03 0 dr-h—– C:\Documents and Settings\Default User\Local Settings
    2008-03-28 10:33:03 0 d——– C:\Documents and Settings\Default User\Favorieten
    2008-03-28 10:33:03 0 d—s—- C:\Documents and Settings\Default User\Cookies
    2008-03-28 10:33:03 0 d——– C:\Documents and Settings\Default User\Bureaublad
    2008-03-28 10:33:03 0 d–h—– C:\Documents and Settings\All Users\Sjablonen
    2008-03-28 10:33:03 0 dr——- C:\Documents and Settings\All Users\Menu Start
    2008-03-28 10:33:03 0 d——– C:\Documents and Settings\All Users\Favorieten
    2008-03-28 10:33:03 0 dr——- C:\Documents and Settings\All Users\Documenten
    2008-03-28 10:33:03 0 d——– C:\Documents and Settings\All Users\Bureaublad
    2008-03-28 10:32:47 0 d——– C:\WINDOWS\system32\CatRoot2
    2008-03-28 10:32:47 0 d——– C:\WINDOWS\system32\CatRoot
    2008-03-28 10:32:42 0 dr-h—– C:\Documents and Settings\Default User\Application Data
    2008-03-28 10:32:42 0 d—s—- C:\Documents and Settings\Default User\Application Data\Microsoft
    2008-03-28 10:32:41 0 dr-h—– C:\Documents and Settings\All Users\Application Data
    2008-03-28 10:32:41 0 d—s—- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-03-28 10:32:19 0 d——– C:\Documents and Settings
    2008-03-28 10:26:39 0 d——– C:\Program Files\ATI Technologies
    2008-03-28 10:26:32 0 d–h—– C:\Program Files\InstallShield Installation Information
    2008-03-28 10:26:22 0 d——– C:\WINDOWS
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\WinSxS
    2008-03-28 10:26:22 0 dr——- C:\WINDOWS\Web
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\twain_32
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\wins
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\wbem
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\usmt
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\spool
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\ShellExt
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\Setup
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\ras
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\oobe
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\npp
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\mui
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\inetsrv
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\IME
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\icsxml
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\ias
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\export
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\drivers
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\drivers\etc
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\drivers\disdn
    2008-03-28 10:26:22 0 dr-hs–c- C:\WINDOWS\system32\dllcache
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\dhcp
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\config
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\3com_dmi
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\3076
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\2052
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\1054
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\1043
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\1042
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\1041
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\1037
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\1033
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\1031
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\1028
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system32\1025
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\system
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\security
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\Resources
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\repair
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\mui
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\msapps
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\msagent
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\Media
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\java
    2008-03-28 10:26:22 0 d–h—– C:\WINDOWS\inf
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\ime
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\Help
    2008-03-28 10:26:22 0 dr–s—- C:\WINDOWS\Fonts
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\Driver Cache
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\Debug
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\Cursors
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\Connection Wizard
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\Config
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\AppPatch
    2008-03-28 10:26:22 0 d——– C:\WINDOWS\addins
    2008-03-28 10:26:01 0 d——– C:\Program Files\Common Files\InstallShield
    2008-03-28 10:14:21 0 d–hs—- C:\WINDOWS\Installer
    2008-03-28 10:14:18 0 d——– C:\Documents and Settings\Eigenaar\Application Data\Identities
    2008-03-28 10:14:09 0 d–h—– C:\Documents and Settings\Eigenaar\Sjablonen
    2008-03-28 10:14:09 0 dr-h—– C:\Documents and Settings\Eigenaar\SendTo
    2008-03-28 10:14:09 4718592 –a—— C:\Documents and Settings\Eigenaar\NTUSER.DAT
    2008-03-28 10:14:09 0 d–h—– C:\Documents and Settings\Eigenaar\Netwerkprinteromgeving
    2008-03-28 10:14:09 0 d–h—– C:\Documents and Settings\Eigenaar\NetHood
    2008-03-28 10:14:09 0 dr——- C:\Documents and Settings\Eigenaar\Menu Start
    2008-03-28 10:14:09 0 d–h—– C:\Documents and Settings\Eigenaar\Local Settings
    2008-03-28 10:14:09 0 dr——- C:\Documents and Settings\Eigenaar\Favorieten
    2008-03-28 10:14:09 0 d–hs—- C:\Documents and Settings\Eigenaar\Cookies
    2008-03-28 10:14:09 0 d——– C:\Documents and Settings\Eigenaar\Bureaublad
    2008-03-28 10:14:09 0 dr-h—– C:\Documents and Settings\Eigenaar\Application Data
    2008-03-28 10:14:02 0 d–hs—- C:\System Volume Information
    2008-03-28 10:13:57 237568 –ah—– C:\Documents and Settings\LocalService\NTUSER.DAT
    2008-03-28 10:13:57 0 d–h—– C:\Documents and Settings\LocalService\Local Settings
    2008-03-28 10:13:57 0 d–hs—- C:\Documents and Settings\LocalService\Cookies
    2008-03-28 10:13:57 0 d——– C:\Documents and Settings\LocalService\Application Data
    2008-03-28 10:13:57 0 d—s—- C:\Documents and Settings\LocalService\Application Data\Microsoft
    2008-03-28 10:13:56 237568 –ah—– C:\Documents and Settings\NetworkService\NTUSER.DAT
    2008-03-28 10:13:56 0 d–h—– C:\Documents and Settings\NetworkService\Local Settings
    2008-03-28 10:13:56 0 d—s—- C:\Documents and Settings\NetworkService\Cookies
    2008-03-28 10:13:56 0 d——– C:\Documents and Settings\NetworkService\Application Data
    2008-03-28 10:13:56 0 d—s—- C:\Documents and Settings\NetworkService\Application Data\Microsoft
    2008-03-28 09:50:42 0 d——– C:\WINDOWS\system32\xircom
    2008-03-28 09:50:42 0 d——– C:\Program Files\microsoft frontpage
    2008-03-28 09:50:40 237568 —h—– C:\Documents and Settings\Default User\NTUSER.DAT
    2008-03-28 09:50:32 0 -rahs—- C:\MSDOS.SYS
    2008-03-28 09:50:32 0 -rahs—- C:\IO.SYS
    2008-03-28 09:50:32 0 –a—— C:\CONFIG.SYS
    2008-03-28 09:50:32 0 –a—— C:\AUTOEXEC.BAT
    2008-03-28 09:49:39 0 d–hs—- C:\Documents and Settings\All Users\DRM
    2008-03-28 09:49:31 0 dr——- C:\WINDOWS\Offline Web Pages
    2008-03-28 09:49:31 0 d—s—- C:\WINDOWS\Downloaded Program Files
    2008-03-28 09:49:08 0 d——– C:\WINDOWS\system32\DirectX
    2008-03-28 09:48:39 0 d—s—- C:\WINDOWS\Tasks
    2008-03-28 09:48:37 0 d——– C:\Program Files\Common Files\MSSoap
    2008-03-28 09:48:34 0 d——– C:\WINDOWS\system32\Macromed
    2008-03-28 09:48:34 0 d——– C:\WINDOWS\srchasst
    2008-03-28 09:48:32 0 d——– C:\Program Files\Movie Maker
    2008-03-28 09:48:30 0 d——– C:\WINDOWS\PCHealth
    2008-03-28 09:48:29 0 d——– C:\WINDOWS\system32\Restore
    2008-03-28 09:48:18 21748 –a—— C:\WINDOWS\system32\emptyregdb.dat
    2008-03-28 09:48:02 0 d——– C:\WINDOWS\Registration
    2008-03-28 09:47:35 0 d–h—– C:\Program Files\WindowsUpdate
    2008-03-28 09:47:35 0 d——– C:\Program Files\Online Services
    2008-03-28 09:47:30 0 d——– C:\Program Files\Messenger
    2008-03-28 09:47:26 0 d——– C:\Program Files\MSN Gaming Zone
    2008-03-28 09:47:03 0 d——– C:\Program Files\Windows NT
    2008-03-28 09:47:01 0 d——– C:\WINDOWS\system32\MsDtc
    2008-03-28 09:47:01 0 d——– C:\WINDOWS\system32\Com


    – Find3M Report —————————————————————

    2008-03-31 09:15:42 509454 –a—— C:\WINDOWS\system32\perfh013.dat
    2008-03-31 09:15:42 91006 –a—— C:\WINDOWS\system32\perfc013.dat
    2008-03-28 10:33:03 62 –ahs—- C:\Documents and Settings\Eigenaar\Application Data\desktop.ini


    – Registry Dump —————————————————————

    *Note* empty entries & legit default entries are not shown


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [04-08-2004 07:31]
    "PHIME2002ASync"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [11-09-2002 14:00]
    "PHIME2002A"="C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.exe" [11-09-2002 14:00]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11-01-2008 23:16]
    "mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [03-08-2007 23:33]
    "SiteAdvisor"="C:\Program Files\SiteAdvisor\6253\SiteAdv.exe" [24-08-2007 23:57]
    "McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [22-07-2007 21:29]
    "CTHelper"="CTHELPER.EXE" [09-04-2007 13:32 C:\WINDOWS\system32\CtHelper.exe]
    "CTxfiHlp"="CTXFIHLP.EXE" [09-04-2007 13:32 C:\WINDOWS\system32\Ctxfihlp.exe]
    "HP Software Update"="H:\HP software\HP Software Update\HPWuSchd2.exe" [19-02-2006 03:41]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [21-01-2008 12:17]
    "NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [01-03-2007 15:57]
    "SunJavaUpdateSched"="H:\Java\bin\jusched.exe" [22-02-2008 04:25]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04-08-2004 10:03]
    "MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [13-10-2004 18:24]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [29-03-2008 10:07]
    "FAST Defrag"="H:\UTILIT~1\FDF\FAST2.exe" [24-08-2005 13:12]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [27-06-2007 19:03]
    "AlcoholAutomount"="H:\Multimedia\Alcohol 120\axcmd.exe" [22-12-2007 09:23]
    "Rainlendar2"="H:\Utilities\Calendaer\Rainlendar2\Rainlendar2.exe" [30-12-2007 12:23]

    C:\Documents and Settings\Eigenaar\Menu Start\Programma's\Opstarten\
    Registration .LNK - M:\UBISOFT\Silent Hunter 4 Wolves of the Pacific\RegistrationReminder\RegistrationReminder.exe [13-4-2008 15:12:23]

    C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
    HP Digital Imaging Monitor.lnk - H:\HP software\Digital Imaging\bin\hpqtra08.exe [19-2-2006 5:21:22]
    HP Photosmart Premier Snelstart.lnk - H:\HP software\Digital Imaging\bin\hpqthb08.exe [10-2-2006 8:56:20]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoLowDiskSpaceChecks"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
    @="Service"

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
    @="Volume shadow copy"

    *Newly Created Service* - GTNDIS5



    – Hosts ———————————————————————–

    127.0.0.1 ad.a8.net
    127.0.0.1 asy.a8ww.net
    127.0.0.1 www.abx4.com #[Adware.ABXToolbar]
    127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
    127.0.0.1 www.acezip.net #[Win32/Adware.180Solutions]
    127.0.0.1 phpadsnew.abac.com
    127.0.0.1 a.abnad.net
    127.0.0.1 b.abnad.net
    127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
    127.0.0.1 d.abnad.net

    18156 more entries in hosts file.


    – End of Deckard's System Scanner: finished at 2008-04-26 00:53:49 ————

    Hope it becomes clear!

This is an archived page. Replies are no longer possible.