Dwwin.exe

Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Important Announcement: In recognition of reaching a milestone of 1,000,000 posts on the site, we are hosting the BC 1 Million Post contest. More information about this contest can be found at the following link:

Bleeping Computer 1,000,000 Post Contest

- BleepingComputer Management

BleepingComputer.com > Security > HijackThis Logs and Malware Removal

Forum Guidelines

Read this topic before posting a log.

DO NOT post a ComboFix log unless requested to.

Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.

When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.

Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

Dwwin.exe

Options

Moc

Jun 25 2008, 06:00 AM

Post #1

Member

Group: Members
Posts: 24
Joined: 7-April 07
Member No.: 122,755

Hey,

Since a few days I seem to have problems with my computer. At the moment I shutdown my pc it gives several errors, 1 of them closes automatically so no time to read, and another dwwin.exe stays for somewhat longer. I've tried searching on google and it was said to look in logfiles. So I did, they are in dutch so if you need a translation please tell me! Furthermore I have also ran the Kaspersky Online Scanner, this gave no result, no infections, nothing.

CODE

DCOM kreeg foutmelding 'De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. ' bij het starten van de lxcf_device-service met de argumenten '' om de server
{323CE21C-A448-40AA-BA74-7FCF1E44106F} te starten

Zie Help en ondersteuning op [url=http://go.microsoft.com/fwlink/events.asp]http://go.microsoft.com/fwlink/events.asp[/url] voor meer informatie.

CODE

De lxcf_device-service kan vanwege de volgende fout niet worden gestart:
De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.

Zie Help en ondersteuning op [url=http://go.microsoft.com/fwlink/events.asp]http://go.microsoft.com/fwlink/events.asp[/url] voor meer informatie.

CODE

Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: lxcf_device.

Zie Help en ondersteuning op [url=http://go.microsoft.com/fwlink/events.asp]http://go.microsoft.com/fwlink/events.asp[/url] voor meer informatie.

CODE

I made 2 logfiles as requested in the preparation guide:

CODE

Deckard's System Scanner v20071014.68
Run by Tijn Kuyper on 2008-06-25 12:48:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
28: 2008-06-25 10:48:18 UTC - RP77 - Deckard's System Scanner Restore Point
27: 2008-06-25 05:06:42 UTC - RP76 - Software Distribution Service 3.0
26: 2008-06-24 04:47:40 UTC - RP75 - Software Distribution Service 3.0
25: 2008-06-23 17:06:13 UTC - RP74 - Installed TI NoteFolio Creator
24: 2008-06-23 17:03:50 UTC - RP73 - Installed Microsoft .NET Framework 1.1

-- First Restore Point --
1: 2008-06-13 13:19:00 UTC - RP50 - Installed Microsoft Office Project Professional 2007

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Tijn Kuyper.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:51:02, on 25-6-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\Xfire\xfire.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Tijn Kuyper.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://go.microsoft.com/fwlink/?LinkId=69157]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://go.microsoft.com/fwlink/?LinkId=69157]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [nHancer] "C:\Program Files\nHancer\nHancer.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\xfire.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - [url=http://dev.srtest.com/srl_bin/sysreqlab3.cab]http://dev.srtest.com/srl_bin/sysreqlab3.cab[/url]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [url=http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212782837359]http://www.update.microsoft.com/microsoftu...b?1212782837359[/url]
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8C1DA0F-0E0B-4F00-8241-C054AE648385}: NameServer = 10.0.0.138
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: lxcf_device -   - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 8917 bytes

-- File Associations -----------------------------------------------------------

[color=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/color]
[color=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/color]

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil©>
R1 asuskbnt (Enhanced Display Driver Helper Service) - c:\windows\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
R2 EIO - c:\windows\system32\drivers\eio.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
R3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows ® 2000 DDK driver>
R3 BlueletSCOAudio (Bluetooth SCO Audio Service) - c:\windows\system32\drivers\blueletscoaudio.sys <Not Verified; IVT Corporation; Windows ® 2000 DDK driver>
R3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>
R3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 VHidMinidrv (Bluetooth HID Device Service) - c:\windows\system32\drivers\vhidmini.sys <Not Verified; IVT Corporation; IVT BlueSoleil>

S3 TIEHDUSB - c:\windows\system32\drivers\tiehdusb.sys <Not Verified; Texas Instruments Incorporated; Texas Instruments Incorporated Educational Handheld Device>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 ATKKeyboardService (ATK Keyboard Service) - c:\windows\atkkbservice.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
R2 BlueSoleil Hid Service - c:\program files\sitecom\ivt bluesoleil\btntservice.exe
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>

S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S4 0295781212912402mcinstcleanup (McAfee Application Installer Cleanup (0295781212912402)) - c:\windows\temp\029578~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing)

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {00000000-0000-0000-0000-000000000000}
Description: Ander PCI-brugapparaat
Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50
Manufacturer:
Name: Ander PCI-brugapparaat
PNP Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50
Service:

-- Scheduled Tasks -------------------------------------------------------------

2008-06-21 20:50:45       284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-06-09 17:32:50       358 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-06-09 17:32:49       344 --a------ C:\WINDOWS\Tasks\McQcTask.job

-- Files created between 2008-05-25 and 2008-06-25 -----------------------------

2008-06-25 12:50:26         0 d-------- C:\Program Files\Trend Micro
2008-06-24 12:58:34         0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-06-24 12:58:32         0 d-------- C:\Program Files\DVD Shrink
2008-06-24 12:54:20     47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-24 12:54:20     47360 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-24 12:54:19         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Vso
2008-06-24 12:54:06         0 d-------- C:\Program Files\DVDFab 5
2008-06-23 19:06:14         0 d-------- C:\Program Files\Common Files\SpellEx
2008-06-23 19:04:07         0 d-------- C:\WINDOWS\system32\URTTEMP
2008-06-23 18:57:58     49536 --a------ C:\WINDOWS\system32\drivers\tiehdusb.sys <Not Verified; Texas Instruments Incorporated; Texas Instruments Incorporated Educational Handheld Device>
2008-06-23 18:57:35         0 d-------- C:\Program Files\Common Files\TI Shared
2008-06-23 18:57:34         0 d-------- C:\Program Files\TI Education
2008-06-23 18:56:19         0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-23 14:27:23         0 d-------- C:\Program Files\Bridge Building Game
2008-06-23 14:21:34         0 d-------- C:\Program Files\MSECache
2008-06-21 21:08:42         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Acronis
2008-06-21 21:05:49         0 d-------- C:\Documents and Settings\LocalService\Application Data\Acronis
2008-06-21 21:03:16         0 d-------- C:\Documents and Settings\All Users\Application Data\Acronis
2008-06-21 21:02:15         0 d-------- C:\Program Files\Common Files\Acronis
2008-06-21 21:02:15         0 d-------- C:\Program Files\Acronis
2008-06-21 20:51:02         0 d-------- C:\Program Files\QuickTime
2008-06-21 20:51:00         0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-21 20:50:40         0 d-------- C:\Program Files\Apple Software Update
2008-06-21 20:50:40         0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-21 20:29:02         0 d-------- C:\Program Files\PA Server Monitor
2008-06-21 11:10:47         0 d-------- C:\Program Files\Teach2000
2008-06-20 21:11:43         0 d-------- C:\WINDOWS\system32\Adobe
2008-06-20 15:33:41         0 d-------- C:\WINDOWS\SoftwareDistribution
2008-06-20 09:12:59         0 d-------- C:\WINDOWS\SDold2
2008-06-16 22:20:20         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\DivX
2008-06-16 22:20:06         0 d-------- C:\DECCHECK
2008-06-16 22:15:51         0 d-------- C:\Program Files\DivX
2008-06-15 19:43:50         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\LimeWire
2008-06-15 19:43:37         0 d-------- C:\Program Files\LimeWire
2008-06-15 16:12:57         0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-06-15 16:04:23         0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-06-15 16:03:39         0 d-------- C:\Program Files\Bonjour
2008-06-15 15:51:28         0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-06-15 15:50:09         0 d-------- C:\Program Files\Common Files\Adobe
2008-06-15 15:34:14         0 d-------- C:\WINDOWS\system32\DRM
2008-06-14 16:16:32         0 d-------- C:\WINDOWS\Performance
2008-06-14 16:16:17         0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Corporation
2008-06-14 13:43:02         0 d-------- C:\Program Files\YouTube Downloader
2008-06-14 12:13:05         0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-13 20:18:28         0 d-------- C:\GameCreate
2008-06-13 15:19:30         0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-13 15:19:03         0 dr-h----- C:\MSOCache
2008-06-12 11:33:41         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Sjablonen
2008-06-12 11:33:41         0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser\SendTo
2008-06-12 11:33:41         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Onlangs geopend
2008-06-12 11:33:41   1572864 --ah----- C:\Documents and Settings\LogMeInRemoteUser\NTUSER.DAT
2008-06-12 11:33:41         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Netwerkprinteromgeving
2008-06-12 11:33:41         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\NetHood
2008-06-12 11:33:41         0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Mijn documenten
2008-06-12 11:33:41         0 dr------- C:\Documents and Settings\LogMeInRemoteUser\Menu Start
2008-06-12 11:33:41         0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Local Settings
2008-06-12 11:33:41         0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Favorieten
2008-06-12 11:33:41         0 d---s---- C:\Documents and Settings\LogMeInRemoteUser\Cookies
2008-06-12 11:33:41         0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Bureaublad
2008-06-12 11:33:41         0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser\Application Data
2008-06-12 11:33:41         0 d---s---- C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft
2008-06-11 17:45:30     46080 --a------ C:\WINDOWS\system32\TSRemote.dll
2008-06-09 18:06:57         0 d--h----- C:\WINDOWS\PIF
2008-06-09 17:40:08         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\McAfee
2008-06-09 17:26:40         0 d-------- C:\WINDOWS\Prefetch
2008-06-09 17:23:34         0 d-------- C:\WINDOWS\system32\nl
2008-06-09 17:23:34         0 d-------- C:\WINDOWS\system32\bits
2008-06-09 17:23:34         0 d-------- C:\WINDOWS\l2schemas
2008-06-09 17:22:15         0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-09 17:21:04         0 d-------- C:\WINDOWS\network diagnostic
2008-06-09 17:19:09         0 d-------- C:\WINDOWS\EHome
2008-06-09 17:15:11         0 d--h----- C:\Documents and Settings\Administrator\Sjablonen
2008-06-09 17:15:11         0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-09 17:15:11         0 d--h----- C:\Documents and Settings\Administrator\Onlangs geopend
2008-06-09 17:15:11   1835008 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-09 17:15:11         0 d--h----- C:\Documents and Settings\Administrator\Netwerkprinteromgeving
2008-06-09 17:15:11         0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-09 17:15:11         0 d-------- C:\Documents and Settings\Administrator\Mijn documenten
2008-06-09 17:15:11         0 dr------- C:\Documents and Settings\Administrator\Menu Start
2008-06-09 17:15:11         0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-09 17:15:11         0 d-------- C:\Documents and Settings\Administrator\Favorieten
2008-06-09 17:15:11         0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-06-09 17:15:11         0 d-------- C:\Documents and Settings\Administrator\Bureaublad
2008-06-09 17:15:11         0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-09 17:15:11         0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-09 17:01:57         0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-06-09 16:57:20         0 d-------- C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-06-09 16:56:57         0 d-------- C:\Program Files\LogMeIn
2008-06-08 15:28:04         0 d-------- C:\Program Files\MegaSpoof
2008-06-08 11:38:35         0 d-------- C:\Program Files\Notepad++
2008-06-08 11:38:35         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Notepad++
2008-06-08 10:32:06         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Help
2008-06-08 00:40:25         0 d-------- C:\Program Files\MSXML 4.0
2008-06-08 00:24:12         0 d-------- C:\Program Files\Lexmark 730 Series
2008-06-08 00:22:39         0 d-------- C:\Lexmark
2008-06-07 15:52:21         0 d-------- C:\Program Files\SystemRequirementsLab
2008-06-07 12:55:33         0 d-------- C:\WINDOWS\nview
2008-06-07 12:47:04       664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-07 12:13:42         0 d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-06-07 12:13:17         0 d-------- C:\Documents and Settings\All Users\Application Data\nHancer
2008-06-07 12:12:06         0 d-------- C:\WINDOWS\system32\nl-NL
2008-06-07 12:10:25         0 d-------- C:\WINDOWS\NV3216476.TMP
2008-06-07 12:09:52         0 d-------- C:\Program Files\MSBuild
2008-06-07 12:09:43         0 d-------- C:\WINDOWS\system32\XPSViewer
2008-06-07 12:09:34         0 d-------- C:\Program Files\Reference Assemblies
2008-06-07 12:06:44         0 d-------- C:\Program Files\MSXML 6.0
2008-06-07 11:55:16         0 d-------- C:\Documents and Settings\LocalService\Application Data\Xfire
2008-06-07 11:49:00         0 d-------- C:\WINDOWS\nvidia icons
2008-06-07 11:48:44         0 d-------- C:\WINDOWS\Sun
2008-06-07 11:48:44         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Sun
2008-06-07 11:47:50         0 d-------- C:\NVIDIA
2008-06-07 11:47:41         0 d-------- C:\Program Files\Java
2008-06-07 11:46:11         0 d-------- C:\Program Files\Common Files\Java
2008-06-07 11:05:05         0 d-------- C:\Program Files\Microsoft.NET
2008-06-07 11:04:18         0 d-------- C:\WINDOWS\SHELLNEW
2008-06-07 10:24:50         0 d-------- C:\Program Files\Common Files\L&H
2008-06-07 10:24:16         0 d-------- C:\Program Files\Microsoft Works
2008-06-07 10:24:07         0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-07 10:17:19         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Xfire
2008-06-06 23:17:11         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Nero
2008-06-06 23:16:06         0 d-------- C:\Program Files\NeroInstall.bak
2008-06-06 23:10:57         0 d-------- C:\Program Files\Nero
2008-06-06 23:10:57         0 d-------- C:\Program Files\Common Files\Nero
2008-06-06 23:10:57         0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-06 23:05:07         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\PE Explorer
2008-06-06 23:03:34         0 d-------- C:\Program Files\PE Explorer
2008-06-06 23:02:25         0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-06 22:58:10         0 d-------- C:\Program Files\BitLord
2008-06-06 22:42:03         0 d--h----- C:\WINDOWS\msdownld.tmp
2008-06-06 22:41:55         0 d-------- C:\WINDOWS\Logs
2008-06-06 22:27:30         0 d---s---- C:\Program Files\HLSW
2008-06-06 22:27:30         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\HLSW
2008-06-06 22:06:56         0 d--hs---- C:\Documents and Settings\Tijn Kuyper\UserData
2008-06-06 21:50:06         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Macromedia
2008-06-06 21:50:05         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Adobe
2008-06-06 21:49:56      1927 --a------ C:\WINDOWS\mozver.dat
2008-06-06 21:45:59         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\WinRAR
2008-06-06 21:40:14       683 --a------ C:\WINDOWS\eReg.dat
2008-06-06 21:26:59         0 d-------- C:\Program Files\EA GAMES
2008-06-06 21:21:47         0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-06 21:15:03         0 d-------- C:\Program Files\FlashFXP
2008-06-06 21:15:02         0 d-------- C:\Documents and Settings\All Users\Application Data\FlashFXP
2008-06-06 21:11:20         0 d-------- C:\Program Files\Google
2008-06-06 21:03:59         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\teamspeak2
2008-06-06 21:03:46         0 d-------- C:\Program Files\Teamspeak2_RC2
2008-06-06 21:03:14       658 --a------ C:\WINDOWS\unins000.dat
2008-06-06 21:02:02         0 d-------- C:\Documents and Settings\Tijn Kuyper\Mijn documenten
2008-06-06 20:52:30         0 d--hs---- C:\WINDOWS\Installer
2008-06-06 20:52:30         0 d-------- C:\Program Files\Common Files\ODBC
2008-06-06 20:52:27         0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-06-06 20:52:26         0 dr------- C:\Program Files
2008-06-06 20:52:26         0 d-------- C:\Program Files\Common Files
2008-06-06 20:52:16         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Thunderbird
2008-06-06 20:52:07         0 d-------- C:\Program Files\Mozilla Thunderbird
2008-06-06 20:52:00         0 d--h----- C:\Documents and Settings\Default User\Sjablonen
2008-06-06 20:52:00         0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-06 20:52:00         0 d--h----- C:\Documents and Settings\Default User\Onlangs geopend
2008-06-06 20:52:00         0 d--h----- C:\Documents and Settings\Default User\Netwerkprinteromgeving
2008-06-06 20:52:00         0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-06-06 20:52:00         0 d-------- C:\Documents and Settings\Default User\Mijn documenten
2008-06-06 20:52:00         0 dr------- C:\Documents and Settings\Default User\Menu Start
2008-06-06 20:52:00         0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-06-06 20:52:00         0 d-------- C:\Documents and Settings\Default User\Favorieten
2008-06-06 20:52:00         0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-06-06 20:52:00         0 d-------- C:\Documents and Settings\Default User\Bureaublad
2008-06-06 20:52:00         0 d--h----- C:\Documents and Settings\All Users\Sjablonen
2008-06-06 20:52:00         0 dr------- C:\Documents and Settings\All Users\Menu Start
2008-06-06 20:52:00         0 d-------- C:\Documents and Settings\All Users\Favorieten
2008-06-06 20:52:00         0 dr------- C:\Documents and Settings\All Users\Documenten
2008-06-06 20:52:00         0 d-------- C:\Documents and Settings\All Users\Bureaublad
2008-06-06 20:51:43         0 d-------- C:\WINDOWS\system32\CatRoot2
2008-06-06 20:51:43         0 d-------- C:\WINDOWS\system32\CatRoot
2008-06-06 20:51:38         0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-06 20:51:38         0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-06-06 20:51:38         0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-06 20:51:38         0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-06 20:51:14         0 d--hs---- C:\System Volume Information
2008-06-06 20:51:14         0 d-------- C:\Documents and Settings
2008-06-06 20:46:35         0 d-------- C:\Program Files\Windows Media Connect 2
2008-06-06 20:46:22         0 d-------- C:\Program Files\Lx_cats
2008-06-06 20:45:11         0 d-------- C:\WINDOWS
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\WinSxS
2008-06-06 20:45:11         0 dr------- C:\WINDOWS\Web
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\twain_32
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\wins
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\wbem
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\usmt
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\spool
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\ShellExt
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\Setup
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\ras
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\oobe
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\npp
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\mui
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\inetsrv
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\IME
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\icsxml
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\ias
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\export
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\drivers
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\drivers\etc
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-06-06 20:45:11         0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\dhcp
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\config
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\3com_dmi
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\3076
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\2052
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\1054
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\1043
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\1042
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\1041
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\1037
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\1033
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\1031
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\1028
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system32\1025
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\system
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\security
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\Resources
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\repair
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\Provisioning
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\PeerNet
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\pchealth
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\mui
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\msapps
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\msagent
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\Media
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\java
2008-06-06 20:45:11         0 d--h----- C:\WINDOWS\inf
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\ime
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\Help
2008-06-06 20:45:11         0 dr--s---- C:\WINDOWS\Fonts
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\Driver Cache
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\Debug
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\Cursors
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\Connection Wizard
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\Config
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\AppPatch
2008-06-06 20:45:11         0 d-------- C:\WINDOWS\addins
2008-06-06 20:45:11         0 d-------- C:\Temp
2008-06-06 20:44:58         0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-06 20:44:58         0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-06 20:39:54         0 d-------- C:\WINDOWS\OvtCam
2008-06-06 20:38:26         0 d-------- C:\WINDOWS\Options
2008-06-06 20:36:10         0 d-------- C:\Program Files\Foxit Software
2008-06-06 20:29:14         0 d-------- C:\Program Files\Windows Live Safety Center
2008-06-06 20:27:15         0 d-------- C:\Documents and Settings\Tijn Kuyper\Contacts
2008-06-06 20:22:51         0 d-------- C:\WINDOWS\pss
2008-06-06 20:20:06         0 d-------- C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-06-06 20:14:19         0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-06 20:14:14         0 d-------- C:\Program Files\Windows Live
2008-06-06 20:14:10         0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-06 20:11:38         0 d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire
2008-06-06 20:10:59      1100 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-06-06 20:10:33         0 d-------- C:\Program Files\Xfire
2008-06-06 20:07:32         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Talkback
2008-06-06 20:07:24         0 --a------ C:\WINDOWS\nsreg.dat
2008-06-06 20:07:17         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Mozilla
2008-06-06 20:07:03         0 d-------- C:\Program Files\Sitecom
2008-06-06 20:03:26         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Logitech
2008-06-06 20:03:03         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Leadertech
2008-06-06 20:03:01         0 d-------- C:\Program Files\Common Files\LogiShared
2008-06-06 20:00:38         0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-06 20:00:03     69632 --a------ C:\WINDOWS\system32\KemXML.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 20:00:03    110592 --a------ C:\WINDOWS\system32\KemWnd.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 20:00:03    135168 --a------ C:\WINDOWS\system32\KemUtil.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 20:00:03    163840 --a------ C:\WINDOWS\system32\kemutb.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 19:59:15         0 d-------- C:\Program Files\Common Files\Logitech
2008-06-06 19:59:13         0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-06-06 19:59:00         0 d-------- C:\Program Files\Logitech
2008-06-06 19:58:52         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\InstallShield
2008-06-06 19:58:47         0 d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-06-06 19:56:43         0 d-------- C:\Program Files\McAfee.com
2008-06-06 19:56:39         0 d-------- C:\Program Files\Common Files\McAfee
2008-06-06 19:56:35         0 d-------- C:\Program Files\McAfee
2008-06-06 19:55:31         0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-06-06 19:55:23         0 d-------- C:\Program Files\Realtek Sound Manager
2008-06-06 19:55:17         0 d-------- C:\Program Files\AvRack
2008-06-06 19:55:04     40960 -----n--- C:\WINDOWS\system32\ChCfg.exe
2008-06-06 19:54:52         0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-06 19:54:50         0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-06 19:54:41    208896 -----n--- C:\WINDOWS\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Update Application for Realtek AC'97>
2008-06-06 19:54:41    139264 -----n--- C:\WINDOWS\alcrmv.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Removing Tool>
2008-06-06 19:54:29         0 d-------- C:\Program Files\AMD
2008-06-06 19:51:41         0 d-------- C:\WINDOWS\NV6561860.TMP
2008-06-06 19:51:25         0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-06 19:51:21         0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-06 19:50:43         0 d-------- C:\Program Files\Marvell
2008-06-06 19:50:03      5824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-06-06 19:48:22         0 d-------- C:\Program Files\ASUSTeK
2008-06-06 19:48:08     20096 --a------ C:\WINDOWS\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
2008-06-06 19:48:08    347648 --a------ C:\WINDOWS\system32\ATKOSDX.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS On-Screen Display For 3D Game>
2008-06-06 19:48:08      8704 --a------ C:\WINDOWS\system32\ATKOSDMini.DLL
2008-06-06 19:48:08     61440 --a------ C:\WINDOWS\system32\ATKOGL.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUSTeK Computer Inc. AsusOGL>
2008-06-06 19:48:08    303104 --a------ C:\WINDOWS\system32\ATKDispCPL.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS Display Property Page>
2008-06-06 19:48:08    154144 --a------ C:\WINDOWS\system32\ATKDISP.dll <Not Verified; ASUSTeK Computer Inc.; ASUS Windows 2000/XP Display Driver>
2008-06-06 19:48:08     90112 --a------ C:\WINDOWS\ATKKBService.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
2008-06-06 19:48:07    180224 --a------ C:\WINDOWS\system32\ATKCheckDispIDs.dll
2008-06-06 19:48:07         0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-06 19:47:28         0 d-------- C:\WINDOWS\NV1681648.TMP
2008-06-06 19:46:53         0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-06 19:46:38      9472 -ra------ C:\WINDOWS\system32\drivers\EIO.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
2008-06-06 19:42:36         0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Identities
2008-06-06 19:42:29         0 d--h----- C:\Documents and Settings\Tijn Kuyper\Local Settings
2008-06-06 19:42:29         0 dr------- C:\Documents and Settings\Tijn Kuyper\Favorieten
2008-06-06 19:42:29         0 d--hs---- C:\Documents and Settings\Tijn Kuyper\Cookies
2008-06-06 19:42:29         0 d-------- C:\Documents and Settings\Tijn Kuyper\Bureaublad
2008-06-06 19:42:29         0 d--h----- C:\Documents and Settings\Tijn Kuyper\Application Data
2008-06-06 19:42:28         0 d--h----- C:\Documents and Settings\Tijn Kuyper\Sjablonen
2008-06-06 19:42:28         0 dr-h----- C:\Documents and Settings\Tijn Kuyper\SendTo
2008-06-06 19:42:28         0 dr-h----- C:\Documents and Settings\Tijn Kuyper\Onlangs geopend
2008-06-06 19:42:28   4194304 --ah----- C:\Documents and Settings\Tijn Kuyper\NTUSER.DAT
2008-06-06 19:42:28         0 d--h----- C:\Documents and Settings\Tijn Kuyper\Netwerkprinteromgeving
2008-06-06 19:42:28         0 d--h----- C:\Documents and Settings\Tijn Kuyper\NetHood
2008-06-06 19:42:28         0 dr------- C:\Documents and Settings\Tijn Kuyper\Menu Start
2008-06-06 19:41:39         0 d-------- C:\WINDOWS\SDold
2008-06-06 19:41:37         0 d---s---- C:\WINDOWS\system32\Microsoft
2008-06-06 19:41:36    229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-06-06 19:41:36         0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-06-06 19:41:36         0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-06-06 19:41:36         0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-06-06 19:41:36         0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-06-06 19:41:21    229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-06-06 19:41:21         0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-06-06 19:41:21         0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-06-06 19:41:21         0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-06-06 19:41:21         0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-06-06 19:38:36         0 d-------- C:\WINDOWS\system32\xircom
2008-06-06 19:38:36         0 d-------- C:\Program Files\microsoft frontpage
2008-06-06 19:38:35    229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-06-06 19:38:26         0 -rahs---- C:\MSDOS.SYS
2008-06-06 19:38:26         0 -rahs---- C:\IO.SYS
2008-06-06 19:38:26         0 --a------ C:\CONFIG.SYS
2008-06-06 19:38:26         0 --a------ C:\AUTOEXEC.BAT
2008-06-06 19:37:29         0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-06-06 19:37:19         0 dr------- C:\WINDOWS\Offline Web Pages
2008-06-06 19:37:19         0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-06-06 19:37:09         0 d--h----- C:\Program Files\WindowsUpdate
2008-06-06 19:37:05         0 d-------- C:\Program Files\Online Services
2008-06-06 19:36:49         0 d-------- C:\WINDOWS\system32\DirectX
2008-06-06 19:36:15         0 d---s---- C:\WINDOWS\Tasks
2008-06-06 19:36:14         0 d-------- C:\Program Files\Common Files\MSSoap
2008-06-06 19:36:10         0 d-------- C:\WINDOWS\srchasst
2008-06-06 19:36:09         0 d-------- C:\WINDOWS\system32\Macromed
2008-06-06 19:36:01         0 d-------- C:\Program Files\Movie Maker
2008-06-06 19:35:53         0 d-------- C:\WINDOWS\system32\Restore
2008-06-06 19:35:37     21748 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-06-06 19:35:18         0 d-------- C:\WINDOWS\Registration
2008-06-06 19:34:43         0 d-------- C:\Program Files\Messenger
2008-06-06 19:34:39         0 d-------- C:\Program Files\MSN Gaming Zone
2008-06-06 19:34:16         0 d-------- C:\Program Files\Windows NT
2008-06-06 19:34:13         0 d-------- C:\WINDOWS\system32\MsDtc
2008-06-06 19:34:11         0 d-------- C:\WINDOWS\system32\Com
2008-05-30 19:22:22   3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-30 19:18:56    196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-30 19:18:56     81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-30 19:18:50    823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:18:48    802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-30 19:18:48    823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:18:48    815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:18:48    683520 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:18:00     12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll

-- Find3M Report ---------------------------------------------------------------

2008-06-24 12:54:46        34 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.log
2008-06-24 12:54:20      1144 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.inf
2008-06-24 12:54:20      7887 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.cat
2008-06-24 06:48:46    509428 --a------ C:\WINDOWS\system32\perfh013.dat
2008-06-24 06:48:46     91296 --a------ C:\WINDOWS\system32\perfc013.dat
2008-06-06 21:03:14     72748 --a------ C:\WINDOWS\unins000.exe <Not Verified; Jordan Russell; >
2008-06-06 20:52:00        62 --ahs---- C:\Documents and Settings\Tijn Kuyper\Application Data\desktop.ini
2008-05-03 05:46:00   1630208 --a------ C:\WINDOWS\system32\nwiz.exe
2008-05-03 05:46:00   1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-05-03 05:46:00   1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-05-03 05:46:00    466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-05-03 05:46:00   1486848 --a------ C:\WINDOWS\system32\nview.dll
2008-05-03 05:46:00   1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-05-03 05:46:00    442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-05-03 05:46:00    425984 --a------ C:\WINDOWS\system32\keystone.exe

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11-04-2007 15:32 C:\WINDOWS\KHALMNPR.Exe]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [15-07-2005 23:48]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25-03-2008 04:28]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [03-05-2008 05:46]
"nwiz"="nwiz.exe" [03-05-2008 05:46 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [03-05-2008 05:46]
"LXCFCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll" [20-07-2005 19:47]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [03-08-2007 22:33]
"McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [30-11-2007 05:42]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [27-05-2008 10:50]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [14-09-2007 02:52]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [14-09-2007 03:02]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [14-09-2007 02:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [14-04-2008 22:32]
"nHancer"="C:\Program Files\nHancer\nHancer.exe" []

C:\Documents and Settings\Tijn Kuyper\Menu Start\Programma's\Opstarten\
Xfire.lnk - D:\Program Files\Xfire\xfire.exe [3-6-2008 2:56:46]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
BlueSoleil.lnk - C:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe [16-7-2006 17:33:36]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [6-6-2008 20:00:02]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=1 (0x1)
"AllowUnhashedWebView"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
LMIinit.dll 28-05-2008 12:32 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"McSysmon"=3 (0x3)
"McShield"=2 (0x2)
"McProxy"=2 (0x2)
"McODS"=3 (0x3)
"McNASvc"=2 (0x2)
"mcmscsvc"=2 (0x2)
"0295781212912402mcinstcleanup"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs    eaphost
dot3svc    dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
napagent
hkmsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{caee2768-33f4-11dd-93ac-806d6172696f}]
AutoRun\command- E:\autorun.exe

-- Hosts -----------------------------------------------------------------------

127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com

8744 more entries in hosts file.

-- End of Deckard's System Scanner: finished at 2008-06-25 12:54:29 ------------

CODE

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: Dutch

CPU 0: AMD Athlon(tm) 64 Processor 3000+
Percentage of Memory in Use: 66%
Physical Memory (total/avail): 1023.48 MiB / 339.54 MiB
Pagefile Memory (total/avail): 2459.38 MiB / 1781.12 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1889.71 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 94.95 GiB total, 76.69 GiB free.
D: is Fixed (NTFS) - 94.96 GiB total, 17.85 GiB free.
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 6L200M0 - 189.92 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 94.95 GiB - C:
\PARTITION1 - Extended w/Extended Int 13 - 94.96 GiB - D:

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
AUState says computer is ready and waiting.

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Tijn Kuyper\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TIJN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Tijn Kuyper
LOGONSERVER=\\TIJN
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\TIJNKU~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\TIJNKU~1\LOCALS~1\Temp
USERDOMAIN=TIJN
USERNAME=Tijn Kuyper
USERPROFILE=C:\Documents and Settings\Tijn Kuyper
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI

-- User Profiles ---------------------------------------------------------------

Tijn Kuyper [i](admin)[/i]
LogMeInRemoteUser [i](new local, admin)[/i]
Administrator [i](new local, admin)[/i]

-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20A4352A-237B-41DD-A6C0-3CD2F8E8D35C}\Setup.exe" -l0x13
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
Acronis True Image Home --> MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings --> MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Setup --> MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup --> MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup --> MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
ASUS Enhanced Display Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9
Athlon 64 Processor Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x13
Beveiligingsupdate for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Beveiligingsupdate voor Windows XP (KB950759) --> "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
BitLord 1.1 --> C:\Program Files\BitLord\uninst.exe
BlueSoleil 2.3.2.3 Release --> MsiExec.exe /X{8BD35570-F24B-4763-B8CD-42F93543D1E7}
Bridge Building Game --> C:\Program Files\Bridge Building Game\uninstall.exe
CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.3.0 --> "C:\Program Files\DVDFab 5\unins000.exe"
FlashFXP v3 --> "C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
Flatcast 4.16 RC1 --> C:\WINDOWS\unins000.exe
Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Google Gmail Notifier --> "C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
HLSW v1.2.1 --> "C:\Program Files\HLSW\unins000.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Java(tm) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
KhalInstallWrapper --> MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
Lexmark 730 Series --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcfUNST.EXE -NOLICENSE
LimeWire PRO 4.18.2 --> "C:\Program Files\LimeWire\uninstall.exe"
Logitech Registration --> MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Logitech SetPoint --> C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x0013 -removeonly
LogMeIn --> MsiExec.exe /I{ED0042CA-CBEA-4ADF-B262-FE0518AF2221}
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Medal of Honor Allied Assault --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x13
Medal of Honor Allied Assault(tm) Spearhead --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}\Setup.exe" -l0x13
Medal of Honor Allied Assault(tm) Spearhead --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}\Setup.exe" -l0x13
Medal of Honor Allied Assault(tm) Spearhead Patch 2.15 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}\Setup.exe" -l0x13
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office FrontPage 2003 --> MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Editie 2003 --> MsiExec.exe /I{90110413-6000-11D3-8CFE-0150048383C9}
Microsoft Office Project 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-003B-0000-0000-0000000FF1CE} /uninstall {C1877F6E-C1C8-486D-A697-86431029690C}
Microsoft Office Project 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-00B4-0413-0000-0000000FF1CE} /uninstall {74C62E21-DA95-4C54-8840-DE989162D4DF}
Microsoft Office Project MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-00B4-0413-0000-0000000FF1CE}
Microsoft Office Project Professional 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PRJPRO /dll OSETUP.DLL
Microsoft Office Project Professional 2007 --> MsiExec.exe /X{90120000-003B-0000-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007 --> MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.14) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 8 Ultra Edition HD --> MsiExec.exe /X{BE282C23-5484-47FF-B2C1-EBEA5C891043}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Notepad++ --> C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PE Explorer 1.99 --> "C:\Program Files\PE Explorer\unins000.exe"
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RapidShare Manager --> rundll32.exe dfshim.dll,ShArpMaintain RapidShareManager.application, Culture=neutral, PublicKeyToken=c14d24c3c9280019, processorArchitecture=msil
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SuperMegaSpoof 2.0 --> "C:\Program Files\MegaSpoof\unins000.exe"
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
Teach2000 8.25 --> "C:\Program Files\Teach2000\Uninstall\unins000.exe"
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
Terugwaartse compatibiliteit van Windows Rights Management Client SP2 --> MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
TI Connect 1.6 --> MsiExec.exe /I{A8B94669-8654-4126-BD28-D0D2412CDED6}
TI NoteFolio Creator --> MsiExec.exe /I{F07AE5AB-516C-4CEB-A0AA-AD083B9182C6}
TRUST 320 SPACEC@M --> C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
Update for Office 2007 (KB946691) --> msiexec /package {90120000-003B-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update voor Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live aanmeldhulp --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live installer --> MsiExec.exe /X{A258173E-F308-475A-951B-F1BF76A4451B}
Windows Live Messenger --> MsiExec.exe /X{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Rights Management Client met Service Pack 2 --> MsiExec.exe /X{13902DA3-1CE3-47E8-A42F-440FFC2BAC2F}
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xfire (remove only) --> "D:\Program Files\Xfire\uninst.exe"
XML Paper Specification Shared Components Language Pack 1.0 --> "C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Pack 1.0 -->

-- Application Event Log -------------------------------------------------------

Event Record #/Type1337 / Success
Event Submitted/Written: 06/25/20