Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Dwwin.exe


  • This topic is locked This topic is locked
3 replies to this topic

#1 Moc

Moc

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:13 AM

Posted 25 June 2008 - 06:00 AM

Hey,

Since a few days I seem to have problems with my computer. At the moment I shutdown my pc it gives several errors, 1 of them closes automatically so no time to read, and another dwwin.exe stays for somewhat longer. I've tried searching on google and it was said to look in logfiles. So I did, they are in dutch so if you need a translation please tell me! Furthermore I have also ran the Kaspersky Online Scanner, this gave no result, no infections, nothing.

DCOM kreeg foutmelding 'De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. ' bij het starten van de lxcf_device-service met de argumenten '' om de server 
{323CE21C-A448-40AA-BA74-7FCF1E44106F} te starten

Zie Help en ondersteuning op [url=http://go.microsoft.com/fwlink/events.asp]http://go.microsoft.com/fwlink/events.asp[/url] voor meer informatie.

De lxcf_device-service kan vanwege de volgende fout niet worden gestart: 
De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. 

Zie Help en ondersteuning op [url=http://go.microsoft.com/fwlink/events.asp]http://go.microsoft.com/fwlink/events.asp[/url] voor meer informatie.

Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: lxcf_device.

Zie Help en ondersteuning op [url=http://go.microsoft.com/fwlink/events.asp]http://go.microsoft.com/fwlink/events.asp[/url] voor meer informatie.

DCOM kreeg foutmelding 'De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord. ' bij het starten van de lxcf_device-service met de argumenten '' om de server 
{323CE21C-A448-40AA-BA74-7FCF1E44106F} te starten

Zie Help en ondersteuning op [url=http://go.microsoft.com/fwlink/events.asp]http://go.microsoft.com/fwlink/events.asp[/url] voor meer informatie.


I made 2 logfiles as requested in the preparation guide:

Deckard's System Scanner v20071014.68
Run by Tijn Kuyper on 2008-06-25 12:48:13
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
28: 2008-06-25 10:48:18 UTC - RP77 - Deckard's System Scanner Restore Point
27: 2008-06-25 05:06:42 UTC - RP76 - Software Distribution Service 3.0
26: 2008-06-24 04:47:40 UTC - RP75 - Software Distribution Service 3.0
25: 2008-06-23 17:06:13 UTC - RP74 - Installed TI NoteFolio Creator
24: 2008-06-23 17:03:50 UTC - RP73 - Installed Microsoft .NET Framework 1.1


-- First Restore Point -- 
1: 2008-06-13 13:19:00 UTC - RP50 - Installed Microsoft Office Project Professional 2007


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Tijn Kuyper.exe) -----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:51:02, on 25-6-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
D:\Program Files\Xfire\xfire.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Tijn Kuyper.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [url=http://go.microsoft.com/fwlink/?LinkId=69157]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [url=http://go.microsoft.com/fwlink/?LinkId=54896]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [url=http://go.microsoft.com/fwlink/?LinkId=54896]http://go.microsoft.com/fwlink/?LinkId=54896[/url]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [url=http://go.microsoft.com/fwlink/?LinkId=69157]http://go.microsoft.com/fwlink/?LinkId=69157[/url]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [nHancer] "C:\Program Files\nHancer\nHancer.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\xfire.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - [url=http://dev.srtest.com/srl_bin/sysreqlab3.cab]http://dev.srtest.com/srl_bin/sysreqlab3.cab[/url]
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [url=http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212782837359]http://www.update.microsoft.com/microsoftu...b?1212782837359[/url]
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8C1DA0F-0E0B-4F00-8241-C054AE648385}: NameServer = 10.0.0.138
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: lxcf_device -   - C:\WINDOWS\system32\lxcfcoms.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 8917 bytes

-- File Associations -----------------------------------------------------------

[color=red].cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*[/color]
[color=red].cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*[/color]


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil>
R1 asuskbnt (Enhanced Display Driver Helper Service) - c:\windows\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
R2 EIO - c:\windows\system32\drivers\eio.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
R3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows  2000 DDK driver>
R3 BlueletSCOAudio (Bluetooth SCO Audio Service) - c:\windows\system32\drivers\blueletscoaudio.sys <Not Verified; IVT Corporation; Windows  2000 DDK driver>
R3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver>
R3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
R3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil>
R3 VHidMinidrv (Bluetooth HID Device Service) - c:\windows\system32\drivers\vhidmini.sys <Not Verified; IVT Corporation; IVT BlueSoleil>

S3 TIEHDUSB - c:\windows\system32\drivers\tiehdusb.sys <Not Verified; Texas Instruments Incorporated; Texas Instruments Incorporated Educational Handheld Device>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 ATKKeyboardService (ATK Keyboard Service) - c:\windows\atkkbservice.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
R2 BlueSoleil Hid Service - c:\program files\sitecom\ivt bluesoleil\btntservice.exe
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - "c:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Computer, Inc.; Bonjour>

S3 FLEXnet Licensing Service - "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>
S4 0295781212912402mcinstcleanup (McAfee Application Installer Cleanup (0295781212912402)) - c:\windows\temp\029578~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service (file missing)


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {00000000-0000-0000-0000-000000000000}
Description: Ander PCI-brugapparaat
Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50
Manufacturer: 
Name: Ander PCI-brugapparaat
PNP Device ID: PCI\VEN_10DE&DEV_0057&SUBSYS_81411043&REV_A3\3&2411E6FE&0&50
Service: 


-- Scheduled Tasks -------------------------------------------------------------

2008-06-21 20:50:45	   284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2008-06-09 17:32:50	   358 --a------ C:\WINDOWS\Tasks\McDefragTask.job
2008-06-09 17:32:49	   344 --a------ C:\WINDOWS\Tasks\McQcTask.job


-- Files created between 2008-05-25 and 2008-06-25 -----------------------------

2008-06-25 12:50:26		 0 d-------- C:\Program Files\Trend Micro
2008-06-24 12:58:34		 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-06-24 12:58:32		 0 d-------- C:\Program Files\DVD Shrink
2008-06-24 12:54:20	 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-24 12:54:20	 47360 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-24 12:54:19		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Vso
2008-06-24 12:54:06		 0 d-------- C:\Program Files\DVDFab 5
2008-06-23 19:06:14		 0 d-------- C:\Program Files\Common Files\SpellEx
2008-06-23 19:04:07		 0 d-------- C:\WINDOWS\system32\URTTEMP
2008-06-23 18:57:58	 49536 --a------ C:\WINDOWS\system32\drivers\tiehdusb.sys <Not Verified; Texas Instruments Incorporated; Texas Instruments Incorporated Educational Handheld Device>
2008-06-23 18:57:35		 0 d-------- C:\Program Files\Common Files\TI Shared
2008-06-23 18:57:34		 0 d-------- C:\Program Files\TI Education
2008-06-23 18:56:19		 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-23 14:27:23		 0 d-------- C:\Program Files\Bridge Building Game
2008-06-23 14:21:34		 0 d-------- C:\Program Files\MSECache
2008-06-21 21:08:42		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Acronis
2008-06-21 21:05:49		 0 d-------- C:\Documents and Settings\LocalService\Application Data\Acronis
2008-06-21 21:03:16		 0 d-------- C:\Documents and Settings\All Users\Application Data\Acronis
2008-06-21 21:02:15		 0 d-------- C:\Program Files\Common Files\Acronis
2008-06-21 21:02:15		 0 d-------- C:\Program Files\Acronis
2008-06-21 20:51:02		 0 d-------- C:\Program Files\QuickTime
2008-06-21 20:51:00		 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-21 20:50:40		 0 d-------- C:\Program Files\Apple Software Update
2008-06-21 20:50:40		 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-21 20:29:02		 0 d-------- C:\Program Files\PA Server Monitor
2008-06-21 11:10:47		 0 d-------- C:\Program Files\Teach2000
2008-06-20 21:11:43		 0 d-------- C:\WINDOWS\system32\Adobe
2008-06-20 15:33:41		 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-06-20 09:12:59		 0 d-------- C:\WINDOWS\SDold2
2008-06-16 22:20:20		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\DivX
2008-06-16 22:20:06		 0 d-------- C:\DECCHECK
2008-06-16 22:15:51		 0 d-------- C:\Program Files\DivX
2008-06-15 19:43:50		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\LimeWire
2008-06-15 19:43:37		 0 d-------- C:\Program Files\LimeWire
2008-06-15 16:12:57		 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-06-15 16:04:23		 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-06-15 16:03:39		 0 d-------- C:\Program Files\Bonjour
2008-06-15 15:51:28		 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-06-15 15:50:09		 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-15 15:34:14		 0 d-------- C:\WINDOWS\system32\DRM
2008-06-14 16:16:32		 0 d-------- C:\WINDOWS\Performance
2008-06-14 16:16:17		 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Corporation
2008-06-14 13:43:02		 0 d-------- C:\Program Files\YouTube Downloader
2008-06-14 12:13:05		 0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-13 20:18:28		 0 d-------- C:\GameCreate
2008-06-13 15:19:30		 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-13 15:19:03		 0 dr-h----- C:\MSOCache
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Sjablonen
2008-06-12 11:33:41		 0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser\SendTo
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Onlangs geopend
2008-06-12 11:33:41   1572864 --ah----- C:\Documents and Settings\LogMeInRemoteUser\NTUSER.DAT
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Netwerkprinteromgeving
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\NetHood
2008-06-12 11:33:41		 0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Mijn documenten
2008-06-12 11:33:41		 0 dr------- C:\Documents and Settings\LogMeInRemoteUser\Menu Start
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Local Settings
2008-06-12 11:33:41		 0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Favorieten
2008-06-12 11:33:41		 0 d---s---- C:\Documents and Settings\LogMeInRemoteUser\Cookies
2008-06-12 11:33:41		 0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Bureaublad
2008-06-12 11:33:41		 0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser\Application Data
2008-06-12 11:33:41		 0 d---s---- C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft
2008-06-11 17:45:30	 46080 --a------ C:\WINDOWS\system32\TSRemote.dll
2008-06-09 18:06:57		 0 d--h----- C:\WINDOWS\PIF
2008-06-09 17:40:08		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\McAfee
2008-06-09 17:26:40		 0 d-------- C:\WINDOWS\Prefetch
2008-06-09 17:23:34		 0 d-------- C:\WINDOWS\system32\nl
2008-06-09 17:23:34		 0 d-------- C:\WINDOWS\system32\bits
2008-06-09 17:23:34		 0 d-------- C:\WINDOWS\l2schemas
2008-06-09 17:22:15		 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-09 17:21:04		 0 d-------- C:\WINDOWS\network diagnostic
2008-06-09 17:19:09		 0 d-------- C:\WINDOWS\EHome
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\Sjablonen
2008-06-09 17:15:11		 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\Onlangs geopend
2008-06-09 17:15:11   1835008 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\Netwerkprinteromgeving
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-09 17:15:11		 0 d-------- C:\Documents and Settings\Administrator\Mijn documenten
2008-06-09 17:15:11		 0 dr------- C:\Documents and Settings\Administrator\Menu Start
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-09 17:15:11		 0 d-------- C:\Documents and Settings\Administrator\Favorieten
2008-06-09 17:15:11		 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-06-09 17:15:11		 0 d-------- C:\Documents and Settings\Administrator\Bureaublad
2008-06-09 17:15:11		 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-09 17:15:11		 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-09 17:01:57		 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-06-09 16:57:20		 0 d-------- C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-06-09 16:56:57		 0 d-------- C:\Program Files\LogMeIn
2008-06-08 15:28:04		 0 d-------- C:\Program Files\MegaSpoof
2008-06-08 11:38:35		 0 d-------- C:\Program Files\Notepad++
2008-06-08 11:38:35		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Notepad++
2008-06-08 10:32:06		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Help
2008-06-08 00:40:25		 0 d-------- C:\Program Files\MSXML 4.0
2008-06-08 00:24:12		 0 d-------- C:\Program Files\Lexmark 730 Series
2008-06-08 00:22:39		 0 d-------- C:\Lexmark
2008-06-07 15:52:21		 0 d-------- C:\Program Files\SystemRequirementsLab
2008-06-07 12:55:33		 0 d-------- C:\WINDOWS\nview
2008-06-07 12:47:04	   664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-07 12:13:42		 0 d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-06-07 12:13:17		 0 d-------- C:\Documents and Settings\All Users\Application Data\nHancer
2008-06-07 12:12:06		 0 d-------- C:\WINDOWS\system32\nl-NL
2008-06-07 12:10:25		 0 d-------- C:\WINDOWS\NV3216476.TMP
2008-06-07 12:09:52		 0 d-------- C:\Program Files\MSBuild
2008-06-07 12:09:43		 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-06-07 12:09:34		 0 d-------- C:\Program Files\Reference Assemblies
2008-06-07 12:06:44		 0 d-------- C:\Program Files\MSXML 6.0
2008-06-07 11:55:16		 0 d-------- C:\Documents and Settings\LocalService\Application Data\Xfire
2008-06-07 11:49:00		 0 d-------- C:\WINDOWS\nvidia icons
2008-06-07 11:48:44		 0 d-------- C:\WINDOWS\Sun
2008-06-07 11:48:44		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Sun
2008-06-07 11:47:50		 0 d-------- C:\NVIDIA
2008-06-07 11:47:41		 0 d-------- C:\Program Files\Java
2008-06-07 11:46:11		 0 d-------- C:\Program Files\Common Files\Java
2008-06-07 11:05:05		 0 d-------- C:\Program Files\Microsoft.NET
2008-06-07 11:04:18		 0 d-------- C:\WINDOWS\SHELLNEW
2008-06-07 10:24:50		 0 d-------- C:\Program Files\Common Files\L&H
2008-06-07 10:24:16		 0 d-------- C:\Program Files\Microsoft Works
2008-06-07 10:24:07		 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-07 10:17:19		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Xfire
2008-06-06 23:17:11		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Nero
2008-06-06 23:16:06		 0 d-------- C:\Program Files\NeroInstall.bak
2008-06-06 23:10:57		 0 d-------- C:\Program Files\Nero
2008-06-06 23:10:57		 0 d-------- C:\Program Files\Common Files\Nero
2008-06-06 23:10:57		 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-06 23:05:07		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\PE Explorer
2008-06-06 23:03:34		 0 d-------- C:\Program Files\PE Explorer
2008-06-06 23:02:25		 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-06 22:58:10		 0 d-------- C:\Program Files\BitLord
2008-06-06 22:42:03		 0 d--h----- C:\WINDOWS\msdownld.tmp
2008-06-06 22:41:55		 0 d-------- C:\WINDOWS\Logs
2008-06-06 22:27:30		 0 d---s---- C:\Program Files\HLSW
2008-06-06 22:27:30		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\HLSW
2008-06-06 22:06:56		 0 d--hs---- C:\Documents and Settings\Tijn Kuyper\UserData
2008-06-06 21:50:06		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Macromedia
2008-06-06 21:50:05		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Adobe
2008-06-06 21:49:56	  1927 --a------ C:\WINDOWS\mozver.dat
2008-06-06 21:45:59		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\WinRAR
2008-06-06 21:40:14	   683 --a------ C:\WINDOWS\eReg.dat
2008-06-06 21:26:59		 0 d-------- C:\Program Files\EA GAMES
2008-06-06 21:21:47		 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-06 21:15:03		 0 d-------- C:\Program Files\FlashFXP
2008-06-06 21:15:02		 0 d-------- C:\Documents and Settings\All Users\Application Data\FlashFXP
2008-06-06 21:11:20		 0 d-------- C:\Program Files\Google
2008-06-06 21:03:59		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\teamspeak2
2008-06-06 21:03:46		 0 d-------- C:\Program Files\Teamspeak2_RC2
2008-06-06 21:03:14	   658 --a------ C:\WINDOWS\unins000.dat
2008-06-06 21:02:02		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Mijn documenten
2008-06-06 20:52:30		 0 d--hs---- C:\WINDOWS\Installer
2008-06-06 20:52:30		 0 d-------- C:\Program Files\Common Files\ODBC
2008-06-06 20:52:27		 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-06-06 20:52:26		 0 dr------- C:\Program Files
2008-06-06 20:52:26		 0 d-------- C:\Program Files\Common Files
2008-06-06 20:52:16		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Thunderbird
2008-06-06 20:52:07		 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\Default User\Sjablonen
2008-06-06 20:52:00		 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\Default User\Onlangs geopend
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\Default User\Netwerkprinteromgeving
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\Default User\Mijn documenten
2008-06-06 20:52:00		 0 dr------- C:\Documents and Settings\Default User\Menu Start
2008-06-06 20:52:00		 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\Default User\Favorieten
2008-06-06 20:52:00		 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\Default User\Bureaublad
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\All Users\Sjablonen
2008-06-06 20:52:00		 0 dr------- C:\Documents and Settings\All Users\Menu Start
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\All Users\Favorieten
2008-06-06 20:52:00		 0 dr------- C:\Documents and Settings\All Users\Documenten
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\All Users\Bureaublad
2008-06-06 20:51:43		 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-06-06 20:51:43		 0 d-------- C:\WINDOWS\system32\CatRoot
2008-06-06 20:51:38		 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-06 20:51:38		 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-06-06 20:51:38		 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-06 20:51:38		 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-06 20:51:14		 0 d--hs---- C:\System Volume Information
2008-06-06 20:51:14		 0 d-------- C:\Documents and Settings
2008-06-06 20:46:35		 0 d-------- C:\Program Files\Windows Media Connect 2
2008-06-06 20:46:22		 0 d-------- C:\Program Files\Lx_cats
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\WinSxS
2008-06-06 20:45:11		 0 dr------- C:\WINDOWS\Web
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\twain_32
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\wins
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\wbem
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\usmt
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\spool
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\ShellExt
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\Setup
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\ras
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\oobe
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\npp
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\mui
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\inetsrv
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\IME
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\icsxml
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\ias
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\export
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\drivers
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-06-06 20:45:11		 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\dhcp
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\config
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\3076
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\2052
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1054
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1043
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1042
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1041
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1037
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1033
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1031
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1028
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1025
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\security
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Resources
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\repair
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Provisioning
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\PeerNet
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\pchealth
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\mui
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\msapps
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\msagent
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Media
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\java
2008-06-06 20:45:11		 0 d--h----- C:\WINDOWS\inf
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\ime
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Help
2008-06-06 20:45:11		 0 dr--s---- C:\WINDOWS\Fonts
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Driver Cache
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Debug
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Cursors
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Connection Wizard
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Config
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\AppPatch
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\addins
2008-06-06 20:45:11		 0 d-------- C:\Temp
2008-06-06 20:44:58		 0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-06 20:44:58		 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-06 20:39:54		 0 d-------- C:\WINDOWS\OvtCam
2008-06-06 20:38:26		 0 d-------- C:\WINDOWS\Options
2008-06-06 20:36:10		 0 d-------- C:\Program Files\Foxit Software
2008-06-06 20:29:14		 0 d-------- C:\Program Files\Windows Live Safety Center
2008-06-06 20:27:15		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Contacts
2008-06-06 20:22:51		 0 d-------- C:\WINDOWS\pss
2008-06-06 20:20:06		 0 d-------- C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-06-06 20:14:19		 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-06 20:14:14		 0 d-------- C:\Program Files\Windows Live
2008-06-06 20:14:10		 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-06 20:11:38		 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire
2008-06-06 20:10:59	  1100 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-06-06 20:10:33		 0 d-------- C:\Program Files\Xfire
2008-06-06 20:07:32		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Talkback
2008-06-06 20:07:24		 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-06 20:07:17		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Mozilla
2008-06-06 20:07:03		 0 d-------- C:\Program Files\Sitecom
2008-06-06 20:03:26		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Logitech
2008-06-06 20:03:03		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Leadertech
2008-06-06 20:03:01		 0 d-------- C:\Program Files\Common Files\LogiShared
2008-06-06 20:00:38		 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-06 20:00:03	 69632 --a------ C:\WINDOWS\system32\KemXML.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 20:00:03	110592 --a------ C:\WINDOWS\system32\KemWnd.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 20:00:03	135168 --a------ C:\WINDOWS\system32\KemUtil.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 20:00:03	163840 --a------ C:\WINDOWS\system32\kemutb.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 19:59:15		 0 d-------- C:\Program Files\Common Files\Logitech
2008-06-06 19:59:13		 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-06-06 19:59:00		 0 d-------- C:\Program Files\Logitech
2008-06-06 19:58:52		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\InstallShield
2008-06-06 19:58:47		 0 d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-06-06 19:56:43		 0 d-------- C:\Program Files\McAfee.com
2008-06-06 19:56:39		 0 d-------- C:\Program Files\Common Files\McAfee
2008-06-06 19:56:35		 0 d-------- C:\Program Files\McAfee
2008-06-06 19:55:31		 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-06-06 19:55:23		 0 d-------- C:\Program Files\Realtek Sound Manager
2008-06-06 19:55:17		 0 d-------- C:\Program Files\AvRack
2008-06-06 19:55:04	 40960 -----n--- C:\WINDOWS\system32\ChCfg.exe
2008-06-06 19:54:52		 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-06 19:54:50		 0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-06 19:54:41	208896 -----n--- C:\WINDOWS\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Update Application for Realtek AC'97>
2008-06-06 19:54:41	139264 -----n--- C:\WINDOWS\alcrmv.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Removing Tool>
2008-06-06 19:54:29		 0 d-------- C:\Program Files\AMD
2008-06-06 19:51:41		 0 d-------- C:\WINDOWS\NV6561860.TMP
2008-06-06 19:51:25		 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-06 19:51:21		 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-06 19:50:43		 0 d-------- C:\Program Files\Marvell
2008-06-06 19:50:03	  5824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-06-06 19:48:22		 0 d-------- C:\Program Files\ASUSTeK
2008-06-06 19:48:08	 20096 --a------ C:\WINDOWS\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
2008-06-06 19:48:08	347648 --a------ C:\WINDOWS\system32\ATKOSDX.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS On-Screen Display For 3D Game>
2008-06-06 19:48:08	  8704 --a------ C:\WINDOWS\system32\ATKOSDMini.DLL
2008-06-06 19:48:08	 61440 --a------ C:\WINDOWS\system32\ATKOGL.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUSTeK Computer Inc. AsusOGL>
2008-06-06 19:48:08	303104 --a------ C:\WINDOWS\system32\ATKDispCPL.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS Display Property Page>
2008-06-06 19:48:08	154144 --a------ C:\WINDOWS\system32\ATKDISP.dll <Not Verified; ASUSTeK Computer Inc.; ASUS Windows 2000/XP Display Driver>
2008-06-06 19:48:08	 90112 --a------ C:\WINDOWS\ATKKBService.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
2008-06-06 19:48:07	180224 --a------ C:\WINDOWS\system32\ATKCheckDispIDs.dll
2008-06-06 19:48:07		 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-06 19:47:28		 0 d-------- C:\WINDOWS\NV1681648.TMP
2008-06-06 19:46:53		 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-06 19:46:38	  9472 -ra------ C:\WINDOWS\system32\drivers\EIO.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
2008-06-06 19:42:36		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Identities
2008-06-06 19:42:29		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\Local Settings
2008-06-06 19:42:29		 0 dr------- C:\Documents and Settings\Tijn Kuyper\Favorieten
2008-06-06 19:42:29		 0 d--hs---- C:\Documents and Settings\Tijn Kuyper\Cookies
2008-06-06 19:42:29		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Bureaublad
2008-06-06 19:42:29		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\Application Data
2008-06-06 19:42:28		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\Sjablonen
2008-06-06 19:42:28		 0 dr-h----- C:\Documents and Settings\Tijn Kuyper\SendTo
2008-06-06 19:42:28		 0 dr-h----- C:\Documents and Settings\Tijn Kuyper\Onlangs geopend
2008-06-06 19:42:28   4194304 --ah----- C:\Documents and Settings\Tijn Kuyper\NTUSER.DAT
2008-06-06 19:42:28		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\Netwerkprinteromgeving
2008-06-06 19:42:28		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\NetHood
2008-06-06 19:42:28		 0 dr------- C:\Documents and Settings\Tijn Kuyper\Menu Start
2008-06-06 19:41:39		 0 d-------- C:\WINDOWS\SDold
2008-06-06 19:41:37		 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-06-06 19:41:36	229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-06-06 19:41:36		 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-06-06 19:41:36		 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-06-06 19:41:36		 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-06-06 19:41:36		 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-06-06 19:41:21	229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-06-06 19:41:21		 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-06-06 19:41:21		 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-06-06 19:41:21		 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-06-06 19:41:21		 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-06-06 19:38:36		 0 d-------- C:\WINDOWS\system32\xircom
2008-06-06 19:38:36		 0 d-------- C:\Program Files\microsoft frontpage
2008-06-06 19:38:35	229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-06-06 19:38:26		 0 -rahs---- C:\MSDOS.SYS
2008-06-06 19:38:26		 0 -rahs---- C:\IO.SYS
2008-06-06 19:38:26		 0 --a------ C:\CONFIG.SYS
2008-06-06 19:38:26		 0 --a------ C:\AUTOEXEC.BAT
2008-06-06 19:37:29		 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-06-06 19:37:19		 0 dr------- C:\WINDOWS\Offline Web Pages
2008-06-06 19:37:19		 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-06-06 19:37:09		 0 d--h----- C:\Program Files\WindowsUpdate
2008-06-06 19:37:05		 0 d-------- C:\Program Files\Online Services
2008-06-06 19:36:49		 0 d-------- C:\WINDOWS\system32\DirectX
2008-06-06 19:36:15		 0 d---s---- C:\WINDOWS\Tasks
2008-06-06 19:36:14		 0 d-------- C:\Program Files\Common Files\MSSoap
2008-06-06 19:36:10		 0 d-------- C:\WINDOWS\srchasst
2008-06-06 19:36:09		 0 d-------- C:\WINDOWS\system32\Macromed
2008-06-06 19:36:01		 0 d-------- C:\Program Files\Movie Maker
2008-06-06 19:35:53		 0 d-------- C:\WINDOWS\system32\Restore
2008-06-06 19:35:37	 21748 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-06-06 19:35:18		 0 d-------- C:\WINDOWS\Registration
2008-06-06 19:34:43		 0 d-------- C:\Program Files\Messenger
2008-06-06 19:34:39		 0 d-------- C:\Program Files\MSN Gaming Zone
2008-06-06 19:34:16		 0 d-------- C:\Program Files\Windows NT
2008-06-06 19:34:13		 0 d-------- C:\WINDOWS\system32\MsDtc
2008-06-06 19:34:11		 0 d-------- C:\WINDOWS\system32\Com
2008-05-30 19:22:22   3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-30 19:18:56	196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-30 19:18:56	 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-30 19:18:50	823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX>
2008-05-30 19:18:48	802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-30 19:18:48	823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX>
2008-05-30 19:18:48	815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX>
2008-05-30 19:18:48	683520 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX>
2008-05-30 19:18:00	 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll


-- Find3M Report ---------------------------------------------------------------

2008-06-24 12:54:46		34 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.log
2008-06-24 12:54:20	  1144 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.inf
2008-06-24 12:54:20	  7887 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.cat
2008-06-24 06:48:46	509428 --a------ C:\WINDOWS\system32\perfh013.dat
2008-06-24 06:48:46	 91296 --a------ C:\WINDOWS\system32\perfc013.dat
2008-06-06 21:03:14	 72748 --a------ C:\WINDOWS\unins000.exe <Not Verified; Jordan Russell; >
2008-06-06 20:52:00		62 --ahs---- C:\Documents and Settings\Tijn Kuyper\Application Data\desktop.ini
2008-05-03 05:46:00   1630208 --a------ C:\WINDOWS\system32\nwiz.exe
2008-05-03 05:46:00   1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-05-03 05:46:00   1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-05-03 05:46:00	466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-05-03 05:46:00   1486848 --a------ C:\WINDOWS\system32\nview.dll
2008-05-03 05:46:00   1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-05-03 05:46:00	442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-05-03 05:46:00	425984 --a------ C:\WINDOWS\system32\keystone.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11-04-2007 15:32 C:\WINDOWS\KHALMNPR.Exe]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [15-07-2005 23:48]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25-03-2008 04:28]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [03-05-2008 05:46]
"nwiz"="nwiz.exe" [03-05-2008 05:46 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [03-05-2008 05:46]
"LXCFCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll" [20-07-2005 19:47]
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe" [03-08-2007 22:33]
"McENUI"="C:\PROGRA~1\McAfee\MHN\McENUI.exe" [30-11-2007 05:42]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [27-05-2008 10:50]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [14-09-2007 02:52]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [14-09-2007 03:02]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [14-09-2007 02:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [14-04-2008 22:32]
"nHancer"="C:\Program Files\nHancer\nHancer.exe" []

C:\Documents and Settings\Tijn Kuyper\Menu Start\Programma's\Opstarten\
Xfire.lnk - D:\Program Files\Xfire\xfire.exe [3-6-2008 2:56:46]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
BlueSoleil.lnk - C:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe [16-7-2006 17:33:36]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [6-6-2008 20:00:02]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=1 (0x1)
"AllowUnhashedWebView"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] 
C:\WINDOWS\System32\dimsntfy.dll 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] 
LMIinit.dll 28-05-2008 12:32 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"McSysmon"=3 (0x3)
"McShield"=2 (0x2)
"McProxy"=2 (0x2)
"McODS"=3 (0x3)
"McNASvc"=2 (0x2)
"mcmscsvc"=2 (0x2)
"0295781212912402mcinstcleanup"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs	eaphost
dot3svc	dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{caee2768-33f4-11dd-93ac-806d6172696f}]
AutoRun\command- E:\autorun.exe




-- Hosts -----------------------------------------------------------------------

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com

8744 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-06-25 12:54:29 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: Dutch

CPU 0: AMD Athlon(tm) 64 Processor 3000+
Percentage of Memory in Use: 66%
Physical Memory (total/avail): 1023.48 MiB / 339.54 MiB
Pagefile Memory (total/avail): 2459.38 MiB / 1781.12 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1889.71 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 94.95 GiB total, 76.69 GiB free. 
D: is Fixed (NTFS) - 94.96 GiB total, 17.85 GiB free. 
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - Maxtor 6L200M0 - 189.92 GiB - 2 partitions
  \PARTITION0 (bootable) - Installable File System - 94.95 GiB - C:
  \PARTITION1 - Extended w/Extended Int 13 - 94.96 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
AUState says computer is ready and waiting.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Tijn Kuyper\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=TIJN
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Tijn Kuyper
LOGONSERVER=\\TIJN
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_06\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\TIJNKU~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\TIJNKU~1\LOCALS~1\Temp
USERDOMAIN=TIJN
USERNAME=Tijn Kuyper
USERPROFILE=C:\Documents and Settings\Tijn Kuyper
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI 


-- User Profiles ---------------------------------------------------------------

Tijn Kuyper [i](admin)[/i]
LogMeInRemoteUser [i](new local, admin)[/i]
Administrator [i](new local, admin)[/i]


-- Add/Remove Programs ---------------------------------------------------------

 --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
 --> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{20A4352A-237B-41DD-A6C0-3CD2F8E8D35C}\Setup.exe" -l0x13 
 --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
Acronis True Image Home --> MsiExec.exe /X{E5343B27-55DF-40BD-9FCF-A643C1331E8A}
Adobe Anchor Service CS3 --> MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3 --> MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3 --> MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting --> MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0 --> MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps --> MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific --> MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings --> C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings --> MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings --> MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings --> MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings --> MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Default Language CS3 --> MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3 --> MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2 --> C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2 --> MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Fonts All --> MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3 --> MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3 --> MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files --> MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3 --> C:\Program Files\Common Files\Adobe\Installers\719d6f144d0c086a0dfa7ff76bb9ac1\Setup.exe
Adobe Photoshop CS3 --> MsiExec.exe /I{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}
Adobe Setup --> MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup --> MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup --> MsiExec.exe /I{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}
Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Adobe Stock Photos CS3 --> MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3 --> MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client --> MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin --> MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3 --> MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
ASUS Enhanced Display Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{315ACD04-BCEB-478B-9B1D-5431D0E6CB11}\setup.exe" -l0x9 
Athlon 64 Processor Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C151CE54-E7EA-4804-854B-F515368B0798}\setup.exe" -l0x13 
Beveiligingsupdate for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Beveiligingsupdate voor Windows XP (KB950759) --> "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
BitLord 1.1 --> C:\Program Files\BitLord\uninst.exe
BlueSoleil 2.3.2.3 Release --> MsiExec.exe /X{8BD35570-F24B-4763-B8CD-42F93543D1E7}
Bridge Building Game --> C:\Program Files\Bridge Building Game\uninstall.exe
CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
DVD Shrink 3.2 --> "C:\Program Files\DVD Shrink\unins000.exe"
DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.3.0 --> "C:\Program Files\DVDFab 5\unins000.exe"
FlashFXP v3 --> "C:\Program Files\FlashFXP\Uninstall.exe" "C:\Program Files\FlashFXP\install.log" -u
Flatcast 4.16 RC1 --> C:\WINDOWS\unins000.exe
Foxit Reader --> C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
Google Gmail Notifier --> "C:\Program Files\Google\Gmail Notifier\UninstallGmail.exe"
HLSW v1.2.1 --> "C:\Program Files\HLSW\unins000.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Java(tm) 6 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
KhalInstallWrapper --> MsiExec.exe /I{56918C0C-0D87-4CA6-92BF-4975A43AC719}
Lexmark 730 Series --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxcfUNST.EXE -NOLICENSE
LimeWire PRO 4.18.2 --> "C:\Program Files\LimeWire\uninstall.exe"
Logitech Registration --> MsiExec.exe /I{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}
Logitech SetPoint --> C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe -runfromtemp -l0x0013 -removeonly
LogMeIn --> MsiExec.exe /I{ED0042CA-CBEA-4ADF-B262-FE0518AF2221}
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe
Medal of Honor Allied Assault --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0DEA94ED-915A-4834-A87E-388D012C8E02}\Setup.exe" -l0x13 
Medal of Honor Allied Assault(tm) Spearhead --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7914BE1E-F186-4790-B8F4-9F63C52A41C1}\Setup.exe" -l0x13 
Medal of Honor Allied Assault(tm) Spearhead --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BE699EDC-9E58-4671-A23E-9CDF7F6F42F2}\Setup.exe" -l0x13 
Medal of Honor Allied Assault(tm) Spearhead Patch 2.15 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{18EF2DEE-DCB0-466A-ABA5-4C73E508530A}\Setup.exe" -l0x13 
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office FrontPage 2003 --> MsiExec.exe /I{90170409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Editie 2003 --> MsiExec.exe /I{90110413-6000-11D3-8CFE-0150048383C9}
Microsoft Office Project 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-003B-0000-0000-0000000FF1CE} /uninstall {C1877F6E-C1C8-486D-A697-86431029690C}
Microsoft Office Project 2007 Service Pack 1 (SP1) --> msiexec /package {90120000-00B4-0413-0000-0000000FF1CE} /uninstall {74C62E21-DA95-4C54-8840-DE989162D4DF}
Microsoft Office Project MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-00B4-0413-0000-0000000FF1CE}
Microsoft Office Project Professional 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PRJPRO /dll OSETUP.DLL
Microsoft Office Project Professional 2007 --> MsiExec.exe /X{90120000-003B-0000-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007 --> MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007 --> MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0.0.14) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.14) --> C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
Nero 8 Ultra Edition HD --> MsiExec.exe /X{BE282C23-5484-47FF-B2C1-EBEA5C891043}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Notepad++ --> C:\Program Files\Notepad++\uninstall.exe
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PE Explorer 1.99 --> "C:\Program Files\PE Explorer\unins000.exe"
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
RapidShare Manager --> rundll32.exe dfshim.dll,ShArpMaintain RapidShareManager.application, Culture=neutral, PublicKeyToken=c14d24c3c9280019, processorArchitecture=msil
Realtek AC'97 Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" REMOVE
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
SuperMegaSpoof 2.0 --> "C:\Program Files\MegaSpoof\unins000.exe"
System Requirements Lab --> C:\Program Files\SystemRequirementsLab\Uninstall.exe
Teach2000 8.25 --> "C:\Program Files\Teach2000\Uninstall\unins000.exe"
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
Terugwaartse compatibiliteit van Windows Rights Management Client SP2 --> MsiExec.exe /X{EC905264-BCFE-423B-9C42-C3A106266790}
TI Connect 1.6 --> MsiExec.exe /I{A8B94669-8654-4126-BD28-D0D2412CDED6}
TI NoteFolio Creator --> MsiExec.exe /I{F07AE5AB-516C-4CEB-A0AA-AD083B9182C6}
TRUST 320 SPACEC@M --> C:\WINDOWS\CleanDev.exe C:\WINDOWS\ov519.TXT
Update for Office 2007 (KB946691) --> msiexec /package {90120000-003B-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update voor Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
VCRedistSetup --> MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live aanmeldhulp --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Live installer --> MsiExec.exe /X{A258173E-F308-475A-951B-F1BF76A4451B}
Windows Live Messenger --> MsiExec.exe /X{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Rights Management Client met Service Pack 2 --> MsiExec.exe /X{13902DA3-1CE3-47E8-A42F-440FFC2BAC2F}
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Xfire (remove only) --> "D:\Program Files\Xfire\uninst.exe"
XML Paper Specification Shared Components Language Pack 1.0 --> "C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Pack 1.0 --> 


-- Application Event Log -------------------------------------------------------

Event Record #/Type1337 / Success
Event Submitted/Written: 06/25/2008 07:07:05 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type1320 / Error
Event Submitted/Written: 06/24/2008 00:54:45 PM
Event ID/Source: 8 / crypt32
Event Description:
Het bij <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> opvragen van de automatische update van het basislijstvolgordenummer van derden is mislukt met de fout: De opgegeven server kan de aangevraagde bewerking niet uitvoeren.

Event Record #/Type1319 / Error
Event Submitted/Written: 06/24/2008 00:54:44 PM
Event ID/Source: 8 / crypt32
Event Description:
Het bij <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> opvragen van de automatische update van het basislijstvolgordenummer van derden is mislukt met de fout: De opgegeven server kan de aangevraagde bewerking niet uitvoeren.

Event Record #/Type1318 / Error
Event Submitted/Written: 06/24/2008 00:54:42 PM
Event ID/Source: 8 / crypt32
Event Description:
Het bij <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> opvragen van de automatische update van het basislijstvolgordenummer van derden is mislukt met de fout: Deze bewerking is geretourneerd omdat de time-outperiode verlopen is.

Event Record #/Type1290 / Success
Event Submitted/Written: 06/24/2008 07:00:00 AM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type4775 / Error
Event Submitted/Written: 06/25/2008 00:12:59 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM kreeg foutmelding '%%1053' bij het starten van de lxcf_device-service met de argumenten ''
om de server 
{323CE21C-A448-40AA-BA74-7FCF1E44106F} te starten

Event Record #/Type4771 / Error
Event Submitted/Written: 06/25/2008 00:12:32 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
De lxcf_device-service kan vanwege de volgende fout niet worden gestart: 
%%1053

Event Record #/Type4770 / Error
Event Submitted/Written: 06/25/2008 00:12:32 AM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: lxcf_device.

Event Record #/Type4769 / Error
Event Submitted/Written: 06/25/2008 00:12:32 AM
Event ID/Source: 10005 / DCOM
Event Description:
DCOM kreeg foutmelding '%%1053' bij het starten van de lxcf_device-service met de argumenten ''
om de server 
{323CE21C-A448-40AA-BA74-7FCF1E44106F} te starten

Event Record #/Type4768 / Warning
Event Submitted/Written: 06/24/2008 08:22:58 PM
Event ID/Source: 36 / W32Time
Event Description:
De systeemtijd is gedurende 49152 seconden niet door de
tijdservice gesynchroniseerd omdat geen van de tijdproviders een bruikbaar tijdstempel
heeft kunnen aanbieden. De systeemklok is niet gesynchroniseerd.



-- End of Deckard's System Scanner: finished at 2008-06-25 12:54:29 ------------

Would someone please explain this to me, and tell me what to do to remove this?

Thanks in advance,


Moc

Edited by Moc, 25 June 2008 - 02:17 PM.


BC AdBot (Login to Remove)

 


#2 Moc

Moc
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:13 AM

Posted 04 July 2008 - 12:48 PM

Updated log, help still appreaciated:
- McAfee --> seem not the able to delete it completly
- dwwin.exe --> still there (very few times the error doenst show, but the next time it appears again.


Deckard's System Scanner v20071014.68
Run by Tijn Kuyper on 2008-07-04 19:43:55
Computer is in Normal Mode.
--------------------------------------------------------------------------------



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:02:01, on 4-7-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
D:\Program Files\Xfire\xfire.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\SiteAdvisor\6172\SAService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LXCFCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [nHancer] "C:\Program Files\nHancer\nHancer.exe" /tray
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Xfire.lnk = D:\Program Files\Xfire\xfire.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\Sitecom\IVT BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://dev.srtest.com/srl_bin/sysreqlab3.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1212782837359
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F8C1DA0F-0E0B-4F00-8241-C054AE648385}: NameServer = 10.0.0.138
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\Sitecom\IVT BlueSoleil\BTNtService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: McAfee Real-time Scanner (McShield) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (file missing)
O23 - Service: McAfee SystemGuards (McSysmon) - Unknown owner - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\Program Files\McAfee\MPF\MPFSrv.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SiteAdvisor-service (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6172\SAService.exe
O23 - Service: Acronis Try And Decide Service (TryAndDecideService) - Unknown owner - C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

--
End of file - 9330 bytes


-- Files created between 2008-06-04 and 2008-07-04 -----------------------------

2008-07-04 19:39:01		 0 d-------- C:\WINDOWS\LastGood
2008-07-04 18:42:34		 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-07-04 18:42:14		 0 d-------- C:\Program Files\AVG
2008-07-04 18:42:14		 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-04 18:26:54		 0 d-------- C:\Documents and Settings\LocalService\Bureaublad
2008-07-04 18:26:54		 0 d-------- C:\Documents and Settings\LocalService\Application Data\SiteAdvisor
2008-07-04 18:26:48		 0 d-------- C:\Program Files\SiteAdvisor
2008-07-04 18:26:48		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\SiteAdvisor
2008-07-04 18:26:48		 0 d-------- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-07-04 18:17:20		 0 d-------- C:\Program Files\AAALOGO2008
2008-07-04 16:00:58		 0 d-------- C:\Program Files\Realtek AC97
2008-07-04 15:46:55	 60416 --a------ C:\WINDOWS\ALCFDRTM.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek ALCFDRTM>
2008-07-04 15:46:52		 0 d-------- C:\WINDOWS\system32\Lang
2008-07-03 10:38:22		56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-07-03 10:38:20		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\skypePM
2008-07-03 10:37:38		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Skype
2008-07-03 10:36:59		 0 d-------- C:\Program Files\Skype
2008-07-03 10:36:59		 0 d-------- C:\Program Files\Common Files\Skype
2008-07-03 10:36:45		 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-07-03 10:30:09		 0 --a------ C:\Documents and Settings\Tijn Kuyper\jagex_runescape_preferences.dat
2008-07-03 10:29:58		 0 d-------- C:\WINDOWS\.jagex_cache_32
2008-07-02 22:23:56	 86016 --a------ C:\WINDOWS\system32\custmon32.dll
2008-07-02 21:40:17		 0 d-------- C:\Documents and Settings\Tijn Kuyper\System
2008-07-02 21:40:17		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\SmartDraw
2008-07-02 21:35:06		 0 d-------- C:\Program Files\SmartDraw 2008
2008-07-02 21:31:43	262144 --a------ C:\WINDOWS\system32\ExPrint.dll <Not Verified; Exontrol Inc.; ExPrint Module>
2008-07-02 21:31:43	331776 --a------ C:\WINDOWS\system32\ExOrgView.dll <Not Verified; Exontrol Inc.; ExOrgView Module>
2008-07-02 21:31:43	552960 --a------ C:\WINDOWS\system32\ExImages.dll <Not Verified; Exontrol Inc.; ExImages Module>
2008-07-02 21:31:42	946176 --a------ C:\WINDOWS\system32\ExPropertiesList.dll <Not Verified; Exontrol Inc.; ExPropertiesList Module>
2008-07-02 21:31:42	733184 --a------ C:\WINDOWS\system32\ExOrgChart.dll <Not Verified; Exontrol Inc.; ExOrgChart Module>
2008-07-02 21:31:42		 0 d-------- C:\Program Files\Exontrol
2008-07-02 20:17:13		 0 d-------- C:\Program Files\Nattyware
2008-07-02 13:41:45		 0 d-------- C:\Documents and Settings\All Users\Application Data\Ten Thumbs Typing Tutor
2008-07-01 11:24:30		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Kayako
2008-06-29 21:32:33		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Uniblue
2008-06-29 21:17:41		 0 d-------- C:\Program Files\DMW Scanner 3
2008-06-29 14:01:16		 0 d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-06-29 14:00:21		 0 d-------- C:\Program Files\Messenger Plus! Live
2008-06-26 11:36:32		 0 d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-26 11:35:39		 0 d-------- C:\Program Files\Banner Maker Pro 7
2008-06-25 12:50:26		 0 d-------- C:\Program Files\Trend Micro
2008-06-24 12:58:34		 0 d-------- C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-06-24 12:58:32		 0 d-------- C:\Program Files\DVD Shrink
2008-06-24 12:54:20	 47360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-24 12:54:20	 47360 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-06-24 12:54:19		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Vso
2008-06-24 12:54:06		 0 d-------- C:\Program Files\DVDFab 5
2008-06-23 19:06:14		 0 d-------- C:\Program Files\Common Files\SpellEx
2008-06-23 19:04:07		 0 d-------- C:\WINDOWS\system32\URTTEMP
2008-06-23 18:57:58	 49536 --a------ C:\WINDOWS\system32\drivers\tiehdusb.sys <Not Verified; Texas Instruments Incorporated; Texas Instruments Incorporated Educational Handheld Device>
2008-06-23 18:57:35		 0 d-------- C:\Program Files\Common Files\TI Shared
2008-06-23 18:57:34		 0 d-------- C:\Program Files\TI Education
2008-06-23 18:56:19		 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-23 14:27:23		 0 d-------- C:\Program Files\Bridge Building Game
2008-06-23 14:21:34		 0 d-------- C:\Program Files\MSECache
2008-06-21 21:08:42		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Acronis
2008-06-21 21:05:49		 0 d-------- C:\Documents and Settings\LocalService\Application Data\Acronis
2008-06-21 21:03:16		 0 d-------- C:\Documents and Settings\All Users\Application Data\Acronis
2008-06-21 21:02:15		 0 d-------- C:\Program Files\Common Files\Acronis
2008-06-21 21:02:15		 0 d-------- C:\Program Files\Acronis
2008-06-21 20:51:02		 0 d-------- C:\Program Files\QuickTime
2008-06-21 20:51:00		 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-21 20:50:40		 0 d-------- C:\Program Files\Apple Software Update
2008-06-21 20:50:40		 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-21 20:29:02		 0 d-------- C:\Program Files\PA Server Monitor
2008-06-21 11:10:47		 0 d-------- C:\Program Files\Teach2000
2008-06-20 21:11:43		 0 d-------- C:\WINDOWS\system32\Adobe
2008-06-20 15:33:41		 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-06-20 09:12:59		 0 d-------- C:\WINDOWS\SDold2
2008-06-16 22:20:20		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\DivX
2008-06-16 22:20:06		 0 d-------- C:\DECCHECK
2008-06-16 22:15:51		 0 d-------- C:\Program Files\DivX
2008-06-15 19:43:50		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\LimeWire
2008-06-15 19:43:37		 0 d-------- C:\Program Files\LimeWire
2008-06-15 16:12:57		 0 d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-06-15 16:04:23		 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-06-15 16:03:39		 0 d-------- C:\Program Files\Bonjour
2008-06-15 15:51:28		 0 d-------- C:\Program Files\Common Files\Macrovision Shared
2008-06-15 15:50:09		 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-15 15:34:14		 0 d-------- C:\WINDOWS\system32\DRM
2008-06-14 16:16:32		 0 d-------- C:\WINDOWS\Performance
2008-06-14 16:16:17		 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Corporation
2008-06-14 13:43:02		 0 d-------- C:\Program Files\YouTube Downloader
2008-06-14 12:13:05		 0 d-------- C:\Program Files\Microsoft Silverlight
2008-06-13 15:19:30		 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-13 15:19:03		 0 dr-h----- C:\MSOCache
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Sjablonen
2008-06-12 11:33:41		 0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser\SendTo
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Onlangs geopend
2008-06-12 11:33:41   1556480 --a------ C:\Documents and Settings\LogMeInRemoteUser\NTUSER.DAT
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Netwerkprinteromgeving
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\NetHood
2008-06-12 11:33:41		 0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Mijn documenten
2008-06-12 11:33:41		 0 dr------- C:\Documents and Settings\LogMeInRemoteUser\Menu Start
2008-06-12 11:33:41		 0 d--h----- C:\Documents and Settings\LogMeInRemoteUser\Local Settings
2008-06-12 11:33:41		 0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Favorieten
2008-06-12 11:33:41		 0 d---s---- C:\Documents and Settings\LogMeInRemoteUser\Cookies
2008-06-12 11:33:41		 0 d-------- C:\Documents and Settings\LogMeInRemoteUser\Bureaublad
2008-06-12 11:33:41		 0 dr-h----- C:\Documents and Settings\LogMeInRemoteUser\Application Data
2008-06-12 11:33:41		 0 d---s---- C:\Documents and Settings\LogMeInRemoteUser\Application Data\Microsoft
2008-06-11 17:45:30	 46080 --a------ C:\WINDOWS\system32\TSRemote.dll
2008-06-09 18:06:57		 0 d--h----- C:\WINDOWS\PIF
2008-06-09 17:40:08		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\McAfee
2008-06-09 17:26:40		 0 d-------- C:\WINDOWS\Prefetch
2008-06-09 17:23:34		 0 d-------- C:\WINDOWS\system32\nl
2008-06-09 17:23:34		 0 d-------- C:\WINDOWS\system32\bits
2008-06-09 17:23:34		 0 d-------- C:\WINDOWS\l2schemas
2008-06-09 17:22:15		 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-09 17:21:04		 0 d-------- C:\WINDOWS\network diagnostic
2008-06-09 17:19:09		 0 d-------- C:\WINDOWS\EHome
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\Sjablonen
2008-06-09 17:15:11		 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\Onlangs geopend
2008-06-09 17:15:11   1794048 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\Netwerkprinteromgeving
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2008-06-09 17:15:11		 0 d-------- C:\Documents and Settings\Administrator\Mijn documenten
2008-06-09 17:15:11		 0 dr------- C:\Documents and Settings\Administrator\Menu Start
2008-06-09 17:15:11		 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-06-09 17:15:11		 0 d-------- C:\Documents and Settings\Administrator\Favorieten
2008-06-09 17:15:11		 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2008-06-09 17:15:11		 0 d-------- C:\Documents and Settings\Administrator\Bureaublad
2008-06-09 17:15:11		 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2008-06-09 17:15:11		 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-06-09 17:01:57		 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-06-09 16:57:20		 0 d-------- C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-06-09 16:56:57		 0 d-------- C:\Program Files\LogMeIn
2008-06-08 15:28:04		 0 d-------- C:\Program Files\MegaSpoof
2008-06-08 11:38:35		 0 d-------- C:\Program Files\Notepad++
2008-06-08 11:38:35		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Notepad++
2008-06-08 10:32:06		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Help
2008-06-08 00:40:25		 0 d-------- C:\Program Files\MSXML 4.0
2008-06-08 00:24:12		 0 d-------- C:\Program Files\Lexmark 730 Series
2008-06-08 00:22:39		 0 d-------- C:\Lexmark
2008-06-07 15:52:21		 0 d-------- C:\Program Files\SystemRequirementsLab
2008-06-07 12:55:33		 0 d-------- C:\WINDOWS\nview
2008-06-07 12:47:04	   664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-06-07 12:13:42		 0 d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-06-07 12:13:17		 0 d-------- C:\Documents and Settings\All Users\Application Data\nHancer
2008-06-07 12:12:06		 0 d-------- C:\WINDOWS\system32\nl-NL
2008-06-07 12:10:25		 0 d-------- C:\WINDOWS\NV3216476.TMP
2008-06-07 12:09:52		 0 d-------- C:\Program Files\MSBuild
2008-06-07 12:09:43		 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-06-07 12:09:34		 0 d-------- C:\Program Files\Reference Assemblies
2008-06-07 12:06:44		 0 d-------- C:\Program Files\MSXML 6.0
2008-06-07 11:55:16		 0 d-------- C:\Documents and Settings\LocalService\Application Data\Xfire
2008-06-07 11:49:00		 0 d-------- C:\WINDOWS\nvidia icons
2008-06-07 11:48:44		 0 d-------- C:\WINDOWS\Sun
2008-06-07 11:48:44		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Sun
2008-06-07 11:47:50		 0 d-------- C:\NVIDIA
2008-06-07 11:47:41		 0 d-------- C:\Program Files\Java
2008-06-07 11:46:11		 0 d-------- C:\Program Files\Common Files\Java
2008-06-07 11:05:05		 0 d-------- C:\Program Files\Microsoft.NET
2008-06-07 11:04:18		 0 d-------- C:\WINDOWS\SHELLNEW
2008-06-07 10:24:50		 0 d-------- C:\Program Files\Common Files\L&H
2008-06-07 10:24:16		 0 d-------- C:\Program Files\Microsoft Works
2008-06-07 10:24:07		 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-07 10:17:19		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Xfire
2008-06-06 23:17:11		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Nero
2008-06-06 23:16:06		 0 d-------- C:\Program Files\NeroInstall.bak
2008-06-06 23:10:57		 0 d-------- C:\Program Files\Nero
2008-06-06 23:10:57		 0 d-------- C:\Program Files\Common Files\Nero
2008-06-06 23:10:57		 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-06 23:05:07		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\PE Explorer
2008-06-06 23:03:34		 0 d-------- C:\Program Files\PE Explorer
2008-06-06 23:02:25		 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-06 22:58:10		 0 d-------- C:\Program Files\BitLord
2008-06-06 22:42:03		 0 d--h----- C:\WINDOWS\msdownld.tmp
2008-06-06 22:41:55		 0 d-------- C:\WINDOWS\Logs
2008-06-06 22:27:30		 0 d---s---- C:\Program Files\HLSW
2008-06-06 22:27:30		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\HLSW
2008-06-06 22:06:56		 0 d--hs---- C:\Documents and Settings\Tijn Kuyper\UserData
2008-06-06 21:50:06		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Macromedia
2008-06-06 21:50:05		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Adobe
2008-06-06 21:49:56	  1927 --a------ C:\WINDOWS\mozver.dat
2008-06-06 21:45:59		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\WinRAR
2008-06-06 21:40:14	   683 --a------ C:\WINDOWS\eReg.dat
2008-06-06 21:26:59		 0 d-------- C:\Program Files\EA GAMES
2008-06-06 21:21:47		 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-06 21:15:03		 0 d-------- C:\Program Files\FlashFXP
2008-06-06 21:15:02		 0 d-------- C:\Documents and Settings\All Users\Application Data\FlashFXP
2008-06-06 21:11:20		 0 d-------- C:\Program Files\Google
2008-06-06 21:03:59		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\teamspeak2
2008-06-06 21:03:46		 0 d-------- C:\Program Files\Teamspeak2_RC2
2008-06-06 21:03:14	   658 --a------ C:\WINDOWS\unins000.dat
2008-06-06 21:02:02		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Mijn documenten
2008-06-06 20:52:30		 0 d--hs---- C:\WINDOWS\Installer
2008-06-06 20:52:30		 0 d-------- C:\Program Files\Common Files\ODBC
2008-06-06 20:52:27		 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-06-06 20:52:26		 0 dr------- C:\Program Files <PROGRA~1>
2008-06-06 20:52:26		 0 d-------- C:\Program Files\Common Files
2008-06-06 20:52:16		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Thunderbird
2008-06-06 20:52:07		 0 d-------- C:\Program Files\Mozilla Thunderbird
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\Default User\Sjablonen
2008-06-06 20:52:00		 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\Default User\Onlangs geopend
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\Default User\Netwerkprinteromgeving
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\Default User\Mijn documenten
2008-06-06 20:52:00		 0 dr------- C:\Documents and Settings\Default User\Menu Start
2008-06-06 20:52:00		 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\Default User\Favorieten
2008-06-06 20:52:00		 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\Default User\Bureaublad
2008-06-06 20:52:00		 0 d--h----- C:\Documents and Settings\All Users\Sjablonen
2008-06-06 20:52:00		 0 dr------- C:\Documents and Settings\All Users\Menu Start
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\All Users\Favorieten
2008-06-06 20:52:00		 0 dr------- C:\Documents and Settings\All Users\Documenten
2008-06-06 20:52:00		 0 d-------- C:\Documents and Settings\All Users\Bureaublad
2008-06-06 20:51:43		 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-06-06 20:51:43		 0 d-------- C:\WINDOWS\system32\CatRoot
2008-06-06 20:51:38		 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-06 20:51:38		 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-06-06 20:51:38		 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-06 20:51:38		 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-06 20:51:14		 0 d--hs---- C:\System Volume Information <SYSTEM~1>
2008-06-06 20:51:14		 0 d-------- C:\Documents and Settings
2008-06-06 20:46:35		 0 d-------- C:\Program Files\Windows Media Connect 2
2008-06-06 20:46:22		 0 d-------- C:\Program Files\Lx_cats
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\WinSxS
2008-06-06 20:45:11		 0 dr------- C:\WINDOWS\Web
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\twain_32
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\wins
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\wbem
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\usmt
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\spool
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\ShellExt
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\Setup
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\ras
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\oobe
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\npp
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\mui
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\inetsrv
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\IME
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\icsxml
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\ias
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\export
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\drivers
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-06-06 20:45:11		 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\dhcp
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\config
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\3076
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\2052
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1054
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1043
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1042
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1041
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1037
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1033
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1031
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1028
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system32\1025
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\system
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\security
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Resources
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\repair
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Provisioning
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\PeerNet
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\pchealth
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\mui
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\msapps
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\msagent
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Media
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\java
2008-06-06 20:45:11		 0 d--h----- C:\WINDOWS\inf
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\ime
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Help
2008-06-06 20:45:11		 0 dr--s---- C:\WINDOWS\Fonts
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Driver Cache
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Debug
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Cursors
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Connection Wizard
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\Config
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\AppPatch
2008-06-06 20:45:11		 0 d-------- C:\WINDOWS\addins
2008-06-06 20:45:11		 0 d-------- C:\Temp
2008-06-06 20:44:58		 0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-06 20:44:58		 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-06 20:39:54		 0 d-------- C:\WINDOWS\OvtCam
2008-06-06 20:38:26		 0 d-------- C:\WINDOWS\Options
2008-06-06 20:36:10		 0 d-------- C:\Program Files\Foxit Software
2008-06-06 20:29:14		 0 d-------- C:\Program Files\Windows Live Safety Center
2008-06-06 20:27:15		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Contacts
2008-06-06 20:22:51		 0 d-------- C:\WINDOWS\pss
2008-06-06 20:20:06		 0 d-------- C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-06-06 20:14:19		 0 d--hs--c- C:\Program Files\Common Files\WindowsLiveInstaller
2008-06-06 20:14:14		 0 d-------- C:\Program Files\Windows Live
2008-06-06 20:14:10		 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-06-06 20:11:38		 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire
2008-06-06 20:10:59	  1100 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-06-06 20:10:33		 0 d-------- C:\Program Files\Xfire
2008-06-06 20:07:32		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Talkback
2008-06-06 20:07:24		 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-06 20:07:17		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Mozilla
2008-06-06 20:07:03		 0 d-------- C:\Program Files\Sitecom
2008-06-06 20:03:26		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Logitech
2008-06-06 20:03:03		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Leadertech
2008-06-06 20:03:01		 0 d-------- C:\Program Files\Common Files\LogiShared
2008-06-06 20:00:38		 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-06 20:00:03	 69632 --a------ C:\WINDOWS\system32\KemXML.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 20:00:03	110592 --a------ C:\WINDOWS\system32\KemWnd.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 20:00:03	135168 --a------ C:\WINDOWS\system32\KemUtil.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 20:00:03	163840 --a------ C:\WINDOWS\system32\kemutb.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2008-06-06 19:59:15		 0 d-------- C:\Program Files\Common Files\Logitech
2008-06-06 19:59:13		 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-06-06 19:59:00		 0 d-------- C:\Program Files\Logitech
2008-06-06 19:58:52		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\InstallShield
2008-06-06 19:58:47		 0 d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-06-06 19:56:39		 0 d-------- C:\Program Files\Common Files\McAfee
2008-06-06 19:56:35		 0 d-------- C:\Program Files\McAfee
2008-06-06 19:55:31		 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2008-06-06 19:55:23		 0 d-------- C:\Program Files\Realtek Sound Manager
2008-06-06 19:55:17		 0 d-------- C:\Program Files\AvRack
2008-06-06 19:54:52		 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-06 19:54:50		 0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-06 19:54:41	315392 --a------ C:\WINDOWS\alcupd.exe <Not Verified; Realtek Semiconductor Corp.; Realtek AC'97 Update driver Tool>
2008-06-06 19:54:29		 0 d-------- C:\Program Files\AMD
2008-06-06 19:51:41		 0 d-------- C:\WINDOWS\NV6561860.TMP
2008-06-06 19:51:25		 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-06 19:51:21		 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-06 19:50:43		 0 d-------- C:\Program Files\Marvell
2008-06-06 19:50:03	  5824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-06-06 19:48:22		 0 d-------- C:\Program Files\ASUSTeK
2008-06-06 19:48:08	 20096 --a------ C:\WINDOWS\system32\drivers\atkkbnt.sys <Not Verified; ASUSTeK COMPUTER INC.; ASUS Help driver For Keyboard Service.>
2008-06-06 19:48:08	347648 --a------ C:\WINDOWS\system32\ATKOSDX.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS On-Screen Display For 3D Game>
2008-06-06 19:48:08	  8704 --a------ C:\WINDOWS\system32\ATKOSDMini.DLL
2008-06-06 19:48:08	 61440 --a------ C:\WINDOWS\system32\ATKOGL.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUSTeK Computer Inc. AsusOGL>
2008-06-06 19:48:08	303104 --a------ C:\WINDOWS\system32\ATKDispCPL.dll <Not Verified; ASUSTeK COMPUTER INC.; ASUS Display Property Page>
2008-06-06 19:48:08	154144 --a------ C:\WINDOWS\system32\ATKDISP.dll <Not Verified; ASUSTeK Computer Inc.; ASUS Windows 2000/XP Display Driver>
2008-06-06 19:48:08	 90112 --a------ C:\WINDOWS\ATKKBService.exe <Not Verified; ASUSTeK COMPUTER INC.; ASUS Keyboard Service>
2008-06-06 19:48:07	180224 --a------ C:\WINDOWS\system32\ATKCheckDispIDs.dll
2008-06-06 19:48:07		 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-06 19:47:28		 0 d-------- C:\WINDOWS\NV1681648.TMP
2008-06-06 19:46:53		 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-06 19:46:38	  9472 -ra------ C:\WINDOWS\system32\drivers\EIO.sys <Not Verified; ASUSTeK Computer Inc.; ASUS Kernel Mode Driver for NT>
2008-06-06 19:42:36		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Application Data\Identities
2008-06-06 19:42:29		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\Local Settings
2008-06-06 19:42:29		 0 dr------- C:\Documents and Settings\Tijn Kuyper\Favorieten
2008-06-06 19:42:29		 0 d--hs---- C:\Documents and Settings\Tijn Kuyper\Cookies
2008-06-06 19:42:29		 0 d-------- C:\Documents and Settings\Tijn Kuyper\Bureaublad
2008-06-06 19:42:29		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\Application Data
2008-06-06 19:42:28		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\Sjablonen
2008-06-06 19:42:28		 0 dr-h----- C:\Documents and Settings\Tijn Kuyper\SendTo
2008-06-06 19:42:28		 0 dr-h----- C:\Documents and Settings\Tijn Kuyper\Onlangs geopend
2008-06-06 19:42:28   5767168 --ah----- C:\Documents and Settings\Tijn Kuyper\NTUSER.DAT
2008-06-06 19:42:28		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\Netwerkprinteromgeving
2008-06-06 19:42:28		 0 d--h----- C:\Documents and Settings\Tijn Kuyper\NetHood
2008-06-06 19:42:28		 0 dr------- C:\Documents and Settings\Tijn Kuyper\Menu Start
2008-06-06 19:41:39		 0 d-------- C:\WINDOWS\SDold
2008-06-06 19:41:37		 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-06-06 19:41:36	229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-06-06 19:41:36		 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-06-06 19:41:36		 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-06-06 19:41:36		 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-06-06 19:41:36		 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-06-06 19:41:21	229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-06-06 19:41:21		 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-06-06 19:41:21		 0 d--hs---- C:\Documents and Settings\NetworkService\Cookies
2008-06-06 19:41:21		 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-06-06 19:41:21		 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-06-06 19:38:36		 0 d-------- C:\WINDOWS\system32\xircom
2008-06-06 19:38:36		 0 d-------- C:\Program Files\microsoft frontpage
2008-06-06 19:38:35	229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-06-06 19:38:26		 0 -rahs---- C:\MSDOS.SYS
2008-06-06 19:38:26		 0 -rahs---- C:\IO.SYS
2008-06-06 19:38:26		 0 --a------ C:\CONFIG.SYS
2008-06-06 19:38:26		 0 --a------ C:\AUTOEXEC.BAT
2008-06-06 19:37:29		 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-06-06 19:37:19		 0 dr------- C:\WINDOWS\Offline Web Pages
2008-06-06 19:37:19		 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-06-06 19:37:09		 0 d--h----- C:\Program Files\WindowsUpdate
2008-06-06 19:37:05		 0 d-------- C:\Program Files\Online Services
2008-06-06 19:36:49		 0 d-------- C:\WINDOWS\system32\DirectX
2008-06-06 19:36:15		 0 d---s---- C:\WINDOWS\Tasks
2008-06-06 19:36:14		 0 d-------- C:\Program Files\Common Files\MSSoap
2008-06-06 19:36:10		 0 d-------- C:\WINDOWS\srchasst
2008-06-06 19:36:09		 0 d-------- C:\WINDOWS\system32\Macromed
2008-06-06 19:36:01		 0 d-------- C:\Program Files\Movie Maker
2008-06-06 19:35:53		 0 d-------- C:\WINDOWS\system32\Restore
2008-06-06 19:35:37	 21748 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-06-06 19:35:18		 0 d-------- C:\WINDOWS\Registration
2008-06-06 19:34:43		 0 d-------- C:\Program Files\Messenger
2008-06-06 19:34:39		 0 d-------- C:\Program Files\MSN Gaming Zone
2008-06-06 19:34:16		 0 d-------- C:\Program Files\Windows NT
2008-06-06 19:34:13		 0 d-------- C:\WINDOWS\system32\MsDtc
2008-06-06 19:34:11		 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-07-02 12:02:31	 20276 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\com.koingosw.AlarmClockPro.xml
2008-06-29 18:15:55	509428 --a------ C:\WINDOWS\system32\perfh013.dat
2008-06-29 18:15:55	 91296 --a------ C:\WINDOWS\system32\perfc013.dat
2008-06-24 12:54:46		34 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.log
2008-06-24 12:54:20	  1144 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.inf
2008-06-24 12:54:20	  7887 --a------ C:\Documents and Settings\Tijn Kuyper\Application Data\pcouffin.cat
2008-06-06 21:03:14	 72748 --a------ C:\WINDOWS\unins000.exe <Not Verified; Jordan Russell; >
2008-06-06 20:52:00		62 --ahs---- C:\Documents and Settings\Tijn Kuyper\Application Data\desktop.ini
2008-05-30 19:22:22   3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-30 19:18:56	196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-30 19:18:56	 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-30 19:18:50	823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX>
2008-05-30 19:18:48	802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-30 19:18:48	823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX>
2008-05-30 19:18:48	815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX>
2008-05-30 19:18:48	683520 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX>
2008-05-30 19:18:00	 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-03 05:46:00   1630208 --a------ C:\WINDOWS\system32\nwiz.exe
2008-05-03 05:46:00   1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-05-03 05:46:00   1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-05-03 05:46:00	466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-05-03 05:46:00   1486848 --a------ C:\WINDOWS\system32\nview.dll
2008-05-03 05:46:00   1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-05-03 05:46:00	442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-05-03 05:46:00	425984 --a------ C:\WINDOWS\system32\keystone.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [11-04-2007 15:32 C:\WINDOWS\KHALMNPR.Exe]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [15-07-2005 23:48]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25-03-2008 04:28]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [03-05-2008 05:46]
"nwiz"="nwiz.exe" [03-05-2008 05:46 C:\WINDOWS\system32\nwiz.exe]
"LXCFCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCFtime.dll" [20-07-2005 19:47]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [27-05-2008 10:50]
"TrueImageMonitor.exe"="C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe" [14-09-2007 02:52]
"AcronisTimounterMonitor"="C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe" [14-09-2007 03:02]
"Acronis Scheduler2 Service"="C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" [14-09-2007 02:55]
"SoundMan"="SOUNDMAN.EXE" [16-04-2007 15:28 C:\WINDOWS\soundman.exe]
"SiteAdvisor"="C:\Program Files\SiteAdvisor\6172\SiteAdv.exe" [24-08-2007 23:57]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [04-07-2008 18:42]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [14-04-2008 22:32]
"nHancer"="C:\Program Files\nHancer\nHancer.exe" []
"Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce]
"MPlayer2_FixUp"=C:\WINDOWS\inf\unregmp2.exe /Fixups

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"=1 (0x1)
"AllowUnhashedWebView"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy] 
C:\WINDOWS\System32\dimsntfy.dll 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit] 
LMIinit.dll 28-05-2008 12:32 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"McSysmon"=3 (0x3)
"McShield"=2 (0x2)
"McProxy"=2 (0x2)
"McODS"=3 (0x3)
"McNASvc"=2 (0x2)
"mcmscsvc"=2 (0x2)
"0295781212912402mcinstcleanup"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs	eaphost
dot3svc	dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
napagent
hkmsvc


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{caee2768-33f4-11dd-93ac-806d6172696f}]
AutoRun\command- E:\autorun.exe




-- End of Deckard's System Scanner: finished at 2008-07-04 19:48:30 ------------

Edited by Moc, 04 July 2008 - 01:05 PM.


#3 Moc

Moc
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:03:13 AM

Posted 05 July 2008 - 06:20 AM

Please delete this topic, I have already solved it myself :thumbsup:

#4 KoanYorel

KoanYorel

    Bleepin' Conundrum


  • Staff Emeritus
  • 19,461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:65 miles due East of the &quot;Logic Free Zone&quot;, in Md, USA
  • Local time:09:13 PM

Posted 06 July 2008 - 10:38 AM

Thanks for informing us.

Should you find other problems, please start a new topic.

This thread is closed.
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users