PDA

View Full Version : Smitfraud C Toolbar 888



janhooijen
2007-06-18, 22:52
Hello,

I need some assistance, please.

I've got a virus (Smitfraud C Toolbar888) what's very difficult to delete. Did several McAfee scans and removed viruses, ran Spybot. But just when I think Smitfraud is off my system, it returns.. :sad:.

I included a recent HijackThis logfile.

Thanks in advance,
Jan


Logfile of HijackThis v1.99.1
Scan saved at 21:43:21, on 18-6-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Azureus\DAEMON Tools\daemon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: (no name) - {81B78E86-460A-488A-A4AC-FFDBFB846E26} - C:\WINDOWS\system32\awtqq.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Azureus\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Sagem - 802.11g Wi-Fi USB Dongle LAN Utility.lnk = ?
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v902/Navigram.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Shaba
2007-06-19, 12:19
Hi janhooijen

Please post also spybot report here :)

janhooijen
2007-06-19, 21:29
Hello Shaba,

Thanks for helping out.

Spybot log:
Yesterday I encountered Smitfraud C Toolbar888 again after scanning, and I removed it (not for the first time). In this recent Spybot scan (see log below) Smitfraud was not detected...

Thanks in advance,
Jan


Part1
--- Search result list ---
DoubleClick: Tracking cookie (Internet Explorer: Cindy Kortum) (Cookie, nothing done)


Avenue A, Inc.: Tracking cookie (Firefox: default) (Cookie, nothing done)


DoubleClick: Tracking cookie (Firefox: default) (Cookie, nothing done)


Tradedoubler: Tracking cookie (Firefox: default) (Cookie, nothing done)


Tradedoubler: Tracking cookie (Firefox: default) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2007-02-17 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2007-05-23 advcheck.dll (1.5.3.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2007-01-02 Tools.dll (2.0.1.0)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2007-06-13 Includes\Cookies.sbi (*)
2007-05-30 Includes\Dialer.sbi (*)
2007-06-13 Includes\DialerC.sbi (*)
2007-06-13 Includes\Hijackers.sbi (*)
2007-06-13 Includes\HijackersC.sbi (*)
2006-10-27 Includes\Keyloggers.sbi (*)
2007-06-13 Includes\KeyloggersC.sbi (*)
2007-05-30 Includes\Malware.sbi (*)
2007-06-13 Includes\MalwareC.sbi (*)
2007-03-21 Includes\PUPS.sbi (*)
2007-06-13 Includes\PUPSC.sbi (*)
2007-06-13 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-06-13 Includes\SecurityC.sbi (*)
2007-06-06 Includes\Spybots.sbi (*)
2007-06-13 Includes\SpybotsC.sbi (*)
2005-02-17 Includes\Tracks.uti
2007-05-16 Includes\Trojans.sbi (*)
2007-06-13 Includes\TrojansC.sbi (*)
2007-06-06 Plugins\TCPIPAddress.dll



--- System information ---
Windows XP (Build: 2600) Service Pack 2
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Hotfix (KB886903)
/ .NETFramework / 1.1: Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/917283
/ Microsoft .NET Framework 2.0: This Security Update is for Microsoft .NET Framework 2.0. \n
If you later install a more recent service pack, this Security Update will be uninstalled automatically. \n
For more information, visit http://support.microsoft.com/kb/922770
/ MSXML4SP2: FIX: ASP stops responding when calling Response.Redirect to another server using msxml4 sp2
/ Step By Step Interactive Training / SP2: KB898458: Beveiligingsupdate voor Step by Step Interactive Training
/ Windows / SP1: Microsoft Internationalized Domain Names Mitigation APIs
/ Windows / SP1: Microsoft National Language Support Downlevel APIs
/ Windows Media Format 11 SDK: Hotfix for Windows Media Format 11 SDK (KB929399)
/ Windows Media Player 10: Beveiligingsupdate for Windows Media Player 10 (KB911565)
/ Windows Media Player 10: Beveiligingsupdate for Windows Media Player 10 (KB917734)
/ Windows Media Player 6.4: Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)
/ Windows XP: Beveiligingsupdate for Windows XP (KB923689)
/ Windows XP / SP0: Beveiligingsupdate voor Windows Internet Explorer 7 (KB928090)
/ Windows XP / SP0: Beveiligingsupdate voor Windows Internet Explorer 7 (KB929969)
/ Windows XP / SP0: Beveiligingsupdate voor Windows Internet Explorer 7 (KB931768)
/ Windows XP / SP0: Beveiligingsupdate voor Windows Internet Explorer 7 (KB933566)
/ Windows XP / SP10: Microsoft Compression Client Pack 1.0 for Windows XP
/ Windows XP / SP3: Windows XP Hotfix - KB834707
/ Windows XP / SP3: Windows XP Hotfix - KB867282
/ Windows XP / SP3: Windows XP Hotfix - KB873333
/ Windows XP / SP3: Windows XP Hotfix - KB873339
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB883939)
/ Windows XP / SP3: Windows XP Hotfix - KB885250
/ Windows XP / SP3: Windows XP Hotfix - KB885835
/ Windows XP / SP3: Windows XP Hotfix - KB885836
/ Windows XP / SP3: Windows XP Hotfix - KB885884
/ Windows XP / SP3: Windows XP Hotfix - KB886185
/ Windows XP / SP3: Windows XP Hotfix - KB887472
/ Windows XP / SP3: Windows XP Hotfix - KB887742
/ Windows XP / SP3: Windows XP Hotfix - KB887797
/ Windows XP / SP3: Windows XP Hotfix - KB888113
/ Windows XP / SP3: Windows XP Hotfix - KB888302
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB890046)
/ Windows XP / SP3: Windows XP Hotfix - KB890047
/ Windows XP / SP3: Windows XP Hotfix - KB890175
/ Windows XP / SP3: Windows XP Hotfix - KB890859
/ Windows XP / SP3: Windows XP Hotfix - KB891781
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB893066)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB893756)
/ Windows XP / SP3: Windows Installer 3.1 (KB893803)
/ Windows XP / SP3: Update voor Windows XP (KB894391)
/ Windows XP / SP3: Hotfix voor Windows XP (KB896256)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB896358)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB896422)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB896423)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB896424)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB896428)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB896688)
/ Windows XP / SP3: Update voor Windows XP (KB898461)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB899587)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB899589)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB899591)
/ Windows XP / SP3: Update voor Windows XP (KB900485)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB900725)
/ Windows XP / SP3: Update voor Windows XP (KB900930)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB901017)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB901214)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB902400)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB904706)
/ Windows XP / SP3: Update voor Windows XP (KB904942)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB905414)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB905749)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB908519)
/ Windows XP / SP3: Update voor Windows XP (KB908531)
/ Windows XP / SP3: Update voor Windows XP (KB910437)
/ Windows XP / SP3: Update voor Windows XP (KB911280)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB911562)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB911567)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB911927)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB912812)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB912919)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB913446)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB913580)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB914388)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB914389)
/ Windows XP / SP3: Hotfix voor Windows XP (KB914440)
/ Windows XP / SP3: Hotfix for Windows XP (KB915865)
/ Windows XP / SP3: Update voor Windows XP (KB916595)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB917159)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB917344)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB917422)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB917953)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB918118)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB918439)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB918899)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB919007)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB920213)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB920214)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB920670)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB920683)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB920685)
/ Windows XP / SP3: Update voor Windows XP (KB920872)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB921398)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB921883)
/ Windows XP / SP3: Update voor Windows XP (KB922582)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB922616)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB922760)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB922819)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB923191)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB923414)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB923694)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB923980)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB924191)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB924270)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB924496)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB924667)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB925454)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB925486)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB925902)
/ Windows XP / SP3: Hotfix for Windows XP (KB926239)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB926255)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB926436)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB927779)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB927802)
/ Windows XP / SP3: Update voor Windows XP (KB927891)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB928255)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB928843)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB929123)
/ Windows XP / SP3: Update voor Windows XP (KB929338)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB929969)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB930178)
/ Windows XP / SP3: Update voor Windows XP (KB930916)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB931261)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB931784)
/ Windows XP / SP3: Update voor Windows XP (KB931836)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB932168)
/ Windows XP / SP3: Hotfix voor Windows XP (KB935448)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB935839)
/ Windows XP / SP3: Beveiligingsupdate voor Windows XP (KB935840)
/ Windows XP OOB / SP10: High Definition Audio Driver Package - KB835221

janhooijen
2007-06-19, 21:33
part2

--- Startup entries list ---
Located: HK_LM:Run, Alcmtr
command: ALCMTR.EXE
file: C:\WINDOWS\ALCMTR.EXE
size: 69632
MD5: 8b4cbba1ea526830c7f97e7822e2493a

Located: HK_LM:Run, DAEMON Tools
command: "D:\Azureus\DAEMON Tools\daemon.exe" -lang 1033
file: D:\Azureus\DAEMON Tools\daemon.exe
size: 133016
MD5: d050311a72d10d4d2cffacf5728fc978

Located: HK_LM:Run, GrooveMonitor
command: "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
file: C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 31016
MD5: 38d198a2dd54a67120040566a38103ba

Located: HK_LM:Run, NeroFilterCheck
command: C:\WINDOWS\system32\NeroCheck.exe
file: C:\WINDOWS\system32\NeroCheck.exe
size: 155648
MD5: 3e4c03cefad8de135263236b61a49c90

Located: HK_LM:Run, NvCplDaemon
command: RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: 16c68603123832bfd177b8334e9d9cb2

Located: HK_LM:Run, NvMediaCenter
command: RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
file: C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: 16c68603123832bfd177b8334e9d9cb2

Located: HK_LM:Run, nwiz
command: nwiz.exe /install
file: C:\WINDOWS\system32\nwiz.exe
size: 1519616
MD5: 67a8dd30af82e412cb4bf1b6d1623809

Located: HK_LM:Run, Recguard
command: C:\WINDOWS\SMINST\RECGUARD.EXE
file:

Located: HK_LM:Run, RemoteControl
command: "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
file: C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
size: 32768
MD5: 8fb740d758b14b1bc950cc347c21e461

Located: HK_LM:Run, RTHDCPL
command: RTHDCPL.EXE
file: C:\WINDOWS\RTHDCPL.EXE
size: 14864384
MD5: 569ddc03b8fea3936731cae99dd95fa5

Located: HK_LM:Run, SunJavaUpdateSched
command: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
file: C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61a3a9d5d98bf0331df5b716144a8100

Located: HK_CU:Run, CTFMON.EXE
command: C:\WINDOWS\system32\ctfmon.exe
file: C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 7de46c9c40abb58c8fdfe0212a3bf2b4

Located: HK_CU:Run, swg
command: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
file: C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
size: 171448
MD5: 0fa44ea8b03aba3e1d240b5a333d8e6a

Located: Startup (common), Adobe Acrobat Speed Launcher.lnk
command: C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe
file:

Located: Startup (common), Adobe Reader Speed Launch.lnk
command: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
file: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
size: 29696
MD5: 43362b96870ce8649f4f2ec893da93f0

Located: Startup (common), Sagem - 802.11g Wi-Fi USB Dongle LAN Utility.lnk
command: C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
file: C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
size: 679936
MD5: 4e5e1969ff6adce6f2bfafd24bfacf13

Located: System.ini, crypt32chain
command: crypt32.dll
file: crypt32.dll

Located: System.ini, cryptnet
command: cryptnet.dll
file: cryptnet.dll

Located: System.ini, cscdll
command: cscdll.dll
file: cscdll.dll

Located: System.ini, ScCertProp
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, Schedule
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, sclgntfy
command: sclgntfy.dll
file: sclgntfy.dll

Located: System.ini, SensLogn
command: WlNotify.dll
file: WlNotify.dll

Located: System.ini, termsrv
command: wlnotify.dll
file: wlnotify.dll

Located: System.ini, wlballoon
command: wlnotify.dll
file: wlnotify.dll

janhooijen
2007-06-19, 21:34
part 3

--- Browser helper object list ---
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} (Groove GFS Browser Helper)
BHO name:
CLSID name: Groove GFS Browser Helper
Path: C:\PROGRA~1\MICROS~1\Office12\
Long name: GrooveShellExtensions.dll
Short name: GRA8E1~1.DLL
Date (created): 27-10-2006 1:48:42
Date (last access): 19-6-2007 20:21:56
Date (last write): 27-10-2006 1:48:42
Filesize: 2210608
Attributes: archive
MD5: 786DD1892B553EFE5A004AC39775C851
CRC32: AAD965C9
Version: 12.0.4518.1014

{7DB2D5A0-7241-4E79-B68D-6309F01C5231} (scriptproxy)
BHO name: scriptproxy
CLSID name: scriptproxy
Path: c:\PROGRA~1\mcafee\VIRUSS~1\
Long name: scriptcl.dll
Short name:
Date (created): 2-1-2007 14:44:04
Date (last access): 19-6-2007 20:21:56
Date (last write): 22-12-2006 17:02:40
Filesize: 67136
Attributes: archive
MD5: 196CCD7A9076A9D937EF39ED52332688
CRC32: C3E8AA9F
Version: 13.3.2.101

{81B78E86-460A-488A-A4AC-FFDBFB846E26} ()
BHO name:
CLSID name:
Path: C:\WINDOWS\system32\
Long name: awtqq.dll

{AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
BHO name:
CLSID name: Google Toolbar Helper
description: Google toolbar
classification: Open for discussion
known filename: googletoolbar.dll<br>googletoolbar*.dll<br>(* = number)<br>googletoolbar_en_*.**-big.dll<br>Googletoolbar_en_*.*.**-deleon.dll
info link: http://toolbar.google.com/
info source: TonyKlein
Path: c:\program files\google\
Long name: GoogleToolbar4.dll
Short name: GOOGLE~4.DLL
Date (created): 1-2-2007 19:31:52
Date (last access): 19-6-2007 20:21:56
Date (last write): 20-1-2007 0:55:32
Filesize: 2403392
Attributes: readonly archive
MD5: 6319F2D4708DBCAE37CFA03DA10782C0
CRC32: D51D8296
Version: 4.0.1601.4978



--- ActiveX list ---
{6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control)
DPF name:
CLSID name: Navigram Control
Installer: C:\WINDOWS\Downloaded Program Files\navigram.inf
Codebase: http://www.navigram.com/engine/v902/Navigram.cab
Path: C:\PROGRA~1\Navigram\NAVIGR~1\
Long name: navigram.ocx
Short name:
Date (created): 3-4-2007 11:00:18
Date (last access): 19-6-2007 20:21:56
Date (last write): 3-4-2007 11:00:18
Filesize: 1400832
Attributes: archive
MD5: 0874EDEC76F44413C82F12C99A6F45F0
CRC32: 55B01B11
Version: 9.0.2.0



--- Process list ---
PID: 0 ( 0) [System]
PID: 676 ( 4) \SystemRoot\System32\smss.exe
PID: 904 ( 676) \??\C:\WINDOWS\system32\csrss.exe
PID: 940 ( 676) \??\C:\WINDOWS\system32\winlogon.exe
PID: 988 ( 940) C:\WINDOWS\system32\services.exe
size: 108544
MD5: 39991CD3C17B7529D039151A88E84499
PID: 1000 ( 940) C:\WINDOWS\system32\lsass.exe
size: 13312
MD5: 34A82DEBEFB057FCCCBE15F619FC98A7
PID: 1156 ( 988) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: AB8C6D89A897BACBA4657FDF00E344A6
PID: 1216 ( 988) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: AB8C6D89A897BACBA4657FDF00E344A6
PID: 1360 ( 988) C:\WINDOWS\System32\svchost.exe
size: 14336
MD5: AB8C6D89A897BACBA4657FDF00E344A6
PID: 1400 ( 988) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: AB8C6D89A897BACBA4657FDF00E344A6
PID: 1468 ( 988) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: AB8C6D89A897BACBA4657FDF00E344A6
PID: 1636 ( 988) C:\WINDOWS\system32\svchost.exe
size: 14336
MD5: AB8C6D89A897BACBA4657FDF00E344A6
PID: 1948 ( 988) C:\WINDOWS\system32\spoolsv.exe
size: 57856
MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
PID: 288 ( 988) C:\WINDOWS\system32\CTsvcCDA.exe
size: 44032
MD5: 3C8B6609712F4FF78E521F6DCFC4032B
PID: 332 ( 988) C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
size: 540776
MD5: 359B5C5CAB0CA31061506E51CCBAF4B1
PID: 380 ( 988) C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
size: 361560
MD5: BB8A45E65BE310996A201F8A75646A8D
PID: 444 ( 988) c:\program files\common files\mcafee\mna\mcnasvc.exe
size: 2209320
MD5: 4C5B97B76C13D9154AA91D0C754E79E3
PID: 612 ( 988) C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
size: 362064
MD5: D984FAF698966AA360C1702EF623C3F9
PID: 692 ( 988) C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
size: 493144
MD5: 14313FF5203DF7CB53E8D2F18F59D4D2
PID: 808 ( 988) c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
size: 248416
MD5: 825040724CA09837719022D7181C555C
PID: 860 ( 988) C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
size: 144960
MD5: B74CEBEF7F2126F68CDC060C855E5AAB
PID: 908 ( 988) C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
size: 643664
MD5: 9770A8706BBA3C4CBEA998D2A6BF2D08
PID: 1264 ( 988) C:\Program Files\McAfee\MPF\MPFSrv.exe
size: 839720
MD5: 0928B5DBBF198340D5FF7EDA01922791
PID: 1304 ( 988) C:\WINDOWS\system32\nvsvc32.exe
size: 143436
MD5: AA78C4677E06CFD4FE048718EE7F6332
PID: 2368 ( 988) C:\WINDOWS\System32\alg.exe
size: 44544
MD5: 15CFF49392F765356EBBF05D87FFB6B2
PID: 524 ( 232) C:\WINDOWS\Explorer.EXE
size: 1035776
MD5: A1D7304A87FC3093150F5E3CC7B0F338
PID: 736 (1156) C:\PROGRA~1\mcafee.com\agent\mcagent.exe
size: 566872
MD5: 4C4F3DE9CF6E0F8B7A4AE639FF981BFF
PID: 2152 ( 524) C:\WINDOWS\system32\RUNDLL32.EXE
size: 33792
MD5: 16C68603123832BFD177B8334E9D9CB2
PID: 1708 ( 524) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
size: 32768
MD5: 8FB740D758B14B1BC950CC347C21E461
PID: 2472 ( 524) C:\WINDOWS\RTHDCPL.EXE
size: 14864384
MD5: 569DDC03B8FEA3936731CAE99DD95FA5
PID: 2544 ( 524) C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
size: 36975
MD5: 61A3A9D5D98BF0331DF5B716144A8100
PID: 2568 ( 524) D:\Azureus\DAEMON Tools\daemon.exe
size: 133016
MD5: D050311A72D10D4D2CFFACF5728FC978
PID: 2580 ( 524) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
size: 31016
MD5: 38D198A2DD54A67120040566A38103BA
PID: 2588 ( 524) C:\WINDOWS\system32\ctfmon.exe
size: 15360
MD5: 7DE46C9C40ABB58C8FDFE0212A3BF2B4
PID: 2648 ( 524) C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
size: 171448
MD5: 0FA44EA8B03ABA3E1D240B5A333D8E6A
PID: 2036 ( 524) C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
size: 679936
MD5: 4E5E1969FF6ADCE6F2BFAFD24BFACF13
PID: 3168 ( 524) C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
size: 7209069
MD5: B8E1B08FD736DBAB8DBC850CC078E5CE
PID: 2064 ( 524) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
size: 4393096
MD5: 09CA174A605B480318731E691DC98539
PID: 4 ( 0) System


--- Browser start & search pages list ---
Spybot - Search & Destroy browser pages report, 19-6-2007 20:23:42

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Local Page
C:\WINDOWS\system32\blank.htm
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Page
http://www.google.com
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Search Bar
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page
http://www.nu.nl/
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\@
http://www.google.com/search?q=%s
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Local Page
%SystemRoot%\system32\blank.htm
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Page
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Start Page
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Page_URL
http://go.microsoft.com/fwlink/?LinkId=69157
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Default_Search_URL
http://go.microsoft.com/fwlink/?LinkId=54896
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\SearchAssistant
http://www.google.com/ie
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\CustomizeSearch
http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm


--- Winsock Layered Service Provider list ---

janhooijen
2007-06-19, 21:36
part 4

--- Uninstall list ---
(AddressBook)

Azureus 2.5.0.0 (Azureus)
install location: D:\Azureus
uninstall cmd: D:\Azureus\Uninstall.exe

(Branding)

(CADI)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x13 /remove

Canon CanoCraft CS-P 3.8 (CanoCraft CS-P 3.8)
uninstall cmd: C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\CanoCraft CS-P 3.8\Uninst.isu" -c"C:\Program Files\Canon\CanoCraft CS-P 3.8\scuninst.dll"

(Connection Manager)

(Creative Audio CD Ripper)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x13 /remove

(Creative MediaSource 5)

(Creative MediaSource CD-ROM Burner Plugin Unicode)
uninstall cmd: "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0013

(Creative MediaSource Net Content Plugin Unicode)
uninstall cmd: "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0013

(Creative MediaSource Online Store Plugin)
uninstall cmd: "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0013

(Creative MediaSource Player Skin Pack Unicode)
uninstall cmd: "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0013

(Creative MediaSource Plugin for PlaysForSure Unicode)
uninstall cmd: "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MTP_U\Setup.exe" /remove /l0x0013

(Creative MediaSource Unicode)
uninstall cmd: "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0013

Creative Beheer van verwijderbare schijf (Creative Removable Disk Manager)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x13 /remove

(Creative SmartFill)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x13 /remove

(Creative Sync Manager (Unicode))
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x13 /remove

(Creative Video Converter)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x13 /remove

(Creative ZEN V Series (R2))

3.0.1.1 (Davi-Tuin 3D)
publisher: Davilex Software

Davi-Tuin 3D 3 (Davi-Tuin 3D 3 NL)
uninstall cmd: C:\Program Files\Davilex\Shared\UNINST32.EXE C:\PROGRA~1\Davilex\DAVI-T~1\Install.log

(DirectAnimation)

(DirectDrawEx)

DivX Content Uploader 1.1.0 (DivX Content Uploader)
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
publisher: DivX, Inc.

(DXM_Runtime)

1.0.0.11 (Easy Beheer - Cd-collectie)
publisher: Davilex Software

Easy Beheer - Cd-collectie 1 (Easy Beheer - Cd-collectie 1 NL)
uninstall cmd: C:\Program Files\Davilex\Shared\UNINST32.EXE C:\PROGRA~1\Davilex\EASYBE~1\Install.log

Microsoft Office Enterprise 2007 12.0.4518.1014 (ENTERPRISE)
install location: C:\Program Files\Microsoft Office
uninstall cmd: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
publisher: Microsoft Corporation

FM Scout 3.30b5 (FMScout)
uninstall cmd: C:\Program Files\nygreen.net\FMScout\Uninstall.exe
publisher: nygreen.net

(Fontcore)

HijackThis 1.99.1 1.99.1 (HijackThis)
uninstall cmd: C:\Program Files\HijackThis\HijackThis.exe /uninstall
publisher: Soeperman Enterprises Ltd.

(ICW)

Microsoft Internationalized Domain Names Mitigation APIs (IDNMitigationAPIs)
install date: 20070129
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

(IE40)

(IE4Data)

(IE5BAKEX)

Windows Internet Explorer 7 20061107.210142 (ie7)
install date: 20070129
uninstall cmd: "C:\WINDOWS\ie7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://www.microsoft.com/ie

(IEData)

(InstallShield Uninstall Information)

Age of Empires III 1.00.0000 (InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97})
version: 16777216
version (major): 1
estimated size: 2181844
install date: 20061227
install location: C:\Program Files\Microsoft Games\Age of Empires III\
install source: E:\
uninstall cmd: C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
publisher: Microsoft Game Studios
help link: http://www.microsoft.com/games/age3/support.asp

Kaspersky Online Scanner 5.0 (Kaspersky Online Scanner)
install location: C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner
uninstall cmd: C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
publisher: Kaspersky Lab
contact: Customer Support Department
help link: http://support.kaspersky.com/helpdesk.html?LANG=en

Windows XP Hotfix - KB834707 20040929.110854 (KB834707)
uninstall cmd: C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=834707

High Definition Audio Driver Package - KB835221 20040219.000000 (KB835221WXP)
uninstall cmd: C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB835221

Windows XP Hotfix - KB867282 20050127.090417 (KB867282)
uninstall cmd: C:\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=867282

Windows XP Hotfix - KB873333 20050114.005213 (KB873333)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873333

Windows XP Hotfix - KB873339 20041117.092459 (KB873339)
uninstall cmd: C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=873339

Beveiligingsupdate voor Windows XP (KB883939) 1 (KB883939)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=883939

(KB884016)

(KB884267)

Windows XP Hotfix - KB885250 20050118.202711 (KB885250)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885250

(KB885353)

Windows XP Hotfix - KB885835 20041027.181713 (KB885835)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885835

Windows XP Hotfix - KB885836 20041028.173203 (KB885836)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885836

Windows XP Hotfix - KB885884 20040924.025457 (KB885884)
uninstall cmd: C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=885884

Windows XP Hotfix - KB886185 20041021.090540 (KB886185)
uninstall cmd: C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=886185

(KB886612)

(KB887078)

Windows XP Hotfix - KB887472 20041014.162858 (KB887472)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887472

(KB887626)

Windows XP Hotfix - KB887742 20041103.095002 (KB887742)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887742

Windows XP Hotfix - KB887797 20041018.133824 (KB887797)
uninstall cmd: C:\WINDOWS\$NtUninstallKB887797$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=887797

High Definition Audio Driver Package - KB888111 20040219.000000 (KB888111WXPSP2)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=KB888111

Windows XP Hotfix - KB888113 20041116.131036 (KB888113)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888113

Windows XP Hotfix - KB888302 20041207.111426 (KB888302)
uninstall cmd: C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=888302

(KB888656)

(KB889858)

Beveiligingsupdate voor Windows XP (KB890046) 1 (KB890046)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890046

Windows XP Hotfix - KB890047 20041221.124506 (KB890047)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890047

Windows XP Hotfix - KB890175 20041201.233338 (KB890175)
uninstall cmd: C:\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890175

Windows XP Hotfix - KB890859 1 (KB890859)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=890859

Windows Media Format SDK Hotfix - KB891122 (KB891122)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891122

Windows XP Hotfix - KB891781 20050110.165439 (KB891781)
uninstall cmd: C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=891781

(KB892313)

Beveiligingsupdate voor Windows XP (KB893066) 2 (KB893066)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893066

(KB893240)

(KB893241)

Beveiligingsupdate voor Windows XP (KB893756) 1 (KB893756)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=893756

(KB893803)

Windows Installer 3.1 (KB893803) 3.1 (KB893803v2)
uninstall cmd: "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=42467

Update voor Windows XP (KB894391) 1 (KB894391)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=894391

janhooijen
2007-06-19, 21:37
part 5

(KB895181)

(KB895316)

(KB895572)

Hotfix voor Windows XP (KB896256) 3 (KB896256)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896256

Beveiligingsupdate voor Windows XP (KB896358) 1 (KB896358)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896358

Beveiligingsupdate voor Windows XP (KB896422) 1 (KB896422)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896422

Beveiligingsupdate voor Windows XP (KB896423) 1 (KB896423)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896423

Beveiligingsupdate voor Windows XP (KB896424) 1 (KB896424)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896424

Beveiligingsupdate voor Windows XP (KB896428) 1 (KB896428)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896428

Beveiligingsupdate voor Windows XP (KB896688) 1 (KB896688)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=896688

(KB897586)

KB898458: Beveiligingsupdate voor Step by Step Interactive Training 20050502.101010 (KB898458)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/898458

Update voor Windows XP (KB898461) 1 (KB898461)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=898461

(KB898549)

Beveiligingsupdate voor Windows XP (KB899587) 1 (KB899587)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899587

Beveiligingsupdate voor Windows XP (KB899589) 1 (KB899589)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899589$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899589

Beveiligingsupdate voor Windows XP (KB899591) 1 (KB899591)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=899591

(KB900399)

Update voor Windows XP (KB900485) 2 (KB900485)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900485

Beveiligingsupdate voor Windows XP (KB900725) 1 (KB900725)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900725

Update voor Windows XP (KB900930) 1 (KB900930)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB900930$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=900930

Beveiligingsupdate voor Windows XP (KB901017) 1 (KB901017)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901017

Beveiligingsupdate voor Windows XP (KB901214) 1 (KB901214)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=901214

Hotfix for Windows Media Format SDK (KB902344) (KB902344)
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902344

Beveiligingsupdate voor Windows XP (KB902400) 1 (KB902400)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=902400

Beveiligingsupdate voor Windows XP (KB904706) 1 (KB904706)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904706

Update voor Windows XP (KB904942) 2 (KB904942)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=904942

Beveiligingsupdate voor Windows XP (KB905414) 1 (KB905414)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905414

Beveiligingsupdate voor Windows XP (KB905749) 1 (KB905749)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905749

(KB907658)

Beveiligingsupdate voor Windows XP (KB908519) 1 (KB908519)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908519

Update voor Windows XP (KB908531) 2 (KB908531)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=908531

Pakket voor de provider van Microsoft Base-smartcardcryptografieservice (KB909520)
uninstall cmd: "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

Update voor Windows XP (KB910437) 1 (KB910437)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=910437

Update voor Windows XP (KB911280) 2 (KB911280)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911280

Beveiligingsupdate voor Windows XP (KB911562) 1 (KB911562)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911562

Beveiligingsupdate voor Windows Media Player (KB911564) (KB911564)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911564

Beveiligingsupdate for Windows Media Player 10 (KB911565) (KB911565)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=911565

Beveiligingsupdate voor Windows XP (KB911567) 1 (KB911567)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911567

(KB911854)

Beveiligingsupdate voor Windows XP (KB911927) 1 (KB911927)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=911927

Beveiligingsupdate voor Windows XP (KB912812) 1 (KB912812)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912812

Beveiligingsupdate voor Windows XP (KB912919) 1 (KB912919)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=912919

Beveiligingsupdate voor Windows XP (KB913433) (KB913433)
uninstall cmd: C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB913433.inf
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913433

Beveiligingsupdate voor Windows XP (KB913446) 1 (KB913446)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913446

Beveiligingsupdate voor Windows XP (KB913580) 1 (KB913580)
install date: 20060904
uninstall cmd: "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=913580

Beveiligingsupdate voor Windows XP (KB914388) 1 (KB914388)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914388

Beveiligingsupdate voor Windows XP (KB914389) 1 (KB914389)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914389

Hotfix voor Windows XP (KB914440) 12 (KB914440)
install date: 20070129
uninstall cmd: "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=914440

Hotfix for Windows XP (KB915865) 10 (KB915865)
install date: 20070129
uninstall cmd: "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=915865

Update voor Windows XP (KB916595) 1 (KB916595)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=916595

Beveiligingsupdate voor Windows XP (KB917159) 1 (KB917159)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917159

Security Update voor Microsoft .NET Framework 2.0 (KB917283) 1 (KB917283.T1_1ToU93_1)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/917283

Beveiligingsupdate voor Windows XP (KB917344) 1 (KB917344)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917344

Beveiligingsupdate voor Windows XP (KB917422) 1 (KB917422)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917422

Beveiligingsupdate for Windows Media Player 10 (KB917734) (KB917734_WMP10)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=917734

Beveiligingsupdate voor Windows XP (KB917953) 1 (KB917953)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=917953

Beveiligingsupdate voor Windows XP (KB918118) 1 (KB918118)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918118

Beveiligingsupdate voor Windows XP (KB918439) 1 (KB918439)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918439

Beveiligingsupdate voor Windows XP (KB918899) 1 (KB918899)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=918899

Beveiligingsupdate voor Windows XP (KB919007) 1 (KB919007)
install date: 20060912
uninstall cmd: "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=919007

janhooijen
2007-06-19, 21:40
part 6

Beveiligingsupdate voor Windows XP (KB920213) 1 (KB920213)
install date: 20061118
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920213

Beveiligingsupdate voor Windows XP (KB920214) 1 (KB920214)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920214

Beveiligingsupdate voor Windows XP (KB920670) 1 (KB920670)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920670

Beveiligingsupdate voor Windows XP (KB920683) 1 (KB920683)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920683

Beveiligingsupdate voor Windows XP (KB920685) 1 (KB920685)
install date: 20060912
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920685

Update voor Windows XP (KB920872) 1 (KB920872)
install date: 20060912
uninstall cmd: "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=920872

Beveiligingsupdate voor Windows XP (KB921398) 1 (KB921398)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921398

Beveiligingsupdate voor Windows XP (KB921883) 1 (KB921883)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=921883

Update voor Windows XP (KB922582) 1 (KB922582)
install date: 20060912
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922582

Beveiligingsupdate voor Windows XP (KB922616) 1 (KB922616)
install date: 20060908
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922616

Beveiligingsupdate voor Windows XP (KB922760) 1 (KB922760)
install date: 20061118
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922760

Security Update for Microsoft .NET Framework 2.0 (KB922770) 1 (KB922770.T1_1ToU168_1)
uninstall cmd: C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/922770

Beveiligingsupdate voor Windows XP (KB922819) 1 (KB922819)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=922819

Beveiligingsupdate voor Windows XP (KB923191) 1 (KB923191)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923191

Beveiligingsupdate voor Windows XP (KB923414) 1 (KB923414)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923414

Beveiligingsupdate for Windows XP (KB923689) (KB923689)
install date: 20061215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923689

Beveiligingsupdate voor Windows XP (KB923694) 1 (KB923694)
install date: 20061215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923694

Beveiligingsupdate voor Windows XP (KB923980) 1 (KB923980)
install date: 20061118
uninstall cmd: "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=923980

Beveiligingsupdate voor Windows XP (KB924191) 1 (KB924191)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924191

Beveiligingsupdate voor Windows XP (KB924270) 1 (KB924270)
install date: 20061118
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924270

Beveiligingsupdate voor Windows XP (KB924496) 1 (KB924496)
install date: 20061014
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924496

Beveiligingsupdate voor Windows XP (KB924667) 1 (KB924667)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=924667

Beveiligingsupdate voor Windows Media Player 6.4 (KB925398) (KB925398_WMP64)
install date: 20061215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=925398

Beveiligingsupdate voor Windows XP (KB925454) 1 (KB925454)
install date: 20070129
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925454

Beveiligingsupdate voor Windows XP (KB925486) 1 (KB925486)
install date: 20060927
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925486

Beveiligingsupdate voor Windows XP (KB925902) 1 (KB925902)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=925902

Hotfix for Windows XP (KB926239) 2 (KB926239)
install date: 20070209
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926239

Beveiligingsupdate voor Windows XP (KB926255) 1 (KB926255)
install date: 20061215
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926255

Beveiligingsupdate voor Windows XP (KB926436) 1 (KB926436)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=926436

Beveiligingsupdate voor Windows XP (KB927779) 1 (KB927779)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927779

Beveiligingsupdate voor Windows XP (KB927802) 1 (KB927802)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927802

Update voor Windows XP (KB927891) 3 (KB927891)
install date: 20070523
uninstall cmd: "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=927891

Beveiligingsupdate voor Windows Internet Explorer 7 (KB928090) 20070117.120000 (KB928090-IE7)
install date: 20070216
uninstall cmd: "C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928090

Beveiligingsupdate voor Windows XP (KB928255) 1 (KB928255)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928255

Beveiligingsupdate voor Windows XP (KB928843) 1 (KB928843)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=928843

Beveiligingsupdate voor Windows XP (KB929123) 1 (KB929123)
install date: 20070612
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929123

Update voor Windows XP (KB929338) 1 (KB929338)
install date: 20070315
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929338

Hotfix for Windows Media Format 11 SDK (KB929399) (KB929399)
install date: 20070315
uninstall cmd: "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com/?kbid=929399

Beveiligingsupdate voor Windows Internet Explorer 7 (KB929969) 20061222.120000 (KB929969)
install date: 20070131
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=929969

Beveiligingsupdate voor Windows XP (KB930178) 1 (KB930178)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=930178

Update voor Windows XP (KB930916) 1 (KB930916)
install date: 20070508
uninstall cmd: "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=930916

Beveiligingsupdate voor Windows XP (KB931261) 1 (KB931261)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931261

Beveiligingsupdate voor Windows Internet Explorer 7 (KB931768) 1 (KB931768-IE7)
install date: 20070508
uninstall cmd: "C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931768

Beveiligingsupdate voor Windows XP (KB931784) 1 (KB931784)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931784

Update voor Windows XP (KB931836) 1 (KB931836)
install date: 20070217
uninstall cmd: "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=931836

Beveiligingsupdate voor Windows XP (KB932168) 1 (KB932168)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=932168

Beveiligingsupdate voor Windows Internet Explorer 7 (KB933566) 1 (KB933566-IE7)
install date: 20070612
uninstall cmd: "C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=933566

Hotfix voor Windows XP (KB935448) 1 (KB935448)
install date: 20070415
uninstall cmd: "C:\WINDOWS\$NtUninstallKB935448$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=935448

Beveiligingsupdate voor Windows XP (KB935839) 1 (KB935839)
install date: 20070612
uninstall cmd: "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=935839

Beveiligingsupdate voor Windows XP (KB935840) 1 (KB935840)
install date: 20070612
uninstall cmd: "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=935840

K-Lite Codec Pack 2.81 Basic 2.81 (KLiteCodecPack_is1)
install date: 20061228
install location: C:\Program Files\K-Lite Codec Pack\
uninstall cmd: "C:\Program Files\K-Lite Codec Pack\unins000.exe"

LimeWire 4.12.11 4.12.11 (LimeWire)
uninstall cmd: "C:\Program Files\LimeWire\uninstall.exe"
publisher: Lime Wire, LLC
help link: http://www.limewire.com/support

janhooijen
2007-06-19, 21:41
part 7

Microsoft .NET Framework 1.1 Hotfix (KB886903) (M886903)
uninstall cmd: "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M886903\M886903Uninstall.msp"

MagicDisc 2.5.71 (MagicDisc 2.5.71)
uninstall cmd: C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG

McAfee Wizard Installatie ongedaan maken (McAfee Uninstall Utility)
uninstall cmd: C:\PROGRA~1\McAfee.com\Shared\mcappins.exe /v=3 /uninstall=1 /interact=1 /script_proactive=0 /start=c:\PROGRA~1\mcafee.com\agent\uninst\comrem.dll::uninstall.htm

Microsoft .NET Framework 1.1 (Microsoft .NET Framework 1.1 (1033))
uninstall cmd: msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Microsoft .NET Framework 2.0 (Microsoft .NET Framework 2.0)
install location: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\
uninstall cmd: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=45396

(MobileOptionPack)

Mozilla Firefox (1.5.0.11) 1.5.0.11 (en-US) (Mozilla Firefox (1.5.0.11))
install location: C:\Program Files\Mozilla Firefox
uninstall cmd: C:\Program Files\Mozilla Firefox\uninstall\uninstall.exe /ua "1.5.0.11 (en-US)"
publisher: Mozilla

(MPlayer2)

McAfee SecurityCenter (MSC)
uninstall cmd: C:\Program Files\McAfee\MSC\mcuninst.exe

Microsoft Compression Client Pack 1.0 for Windows XP 1 (MSCompPackV1)
install date: 20070209
uninstall cmd: "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http://go.microsoft.com/fwlink/?LinkId=74087

(MSI30-Beta1)

(MSI30-Beta2)

(MSI30-KB884016)

(MSI30-RC1)

(MSI30-RC2)

(MSI30a-KB884016)

(MSI31-Beta)

(MSI31-RC1)

Nero OEM (Nero - Burning Rom!UninstallKey)
uninstall cmd: C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

Nero Digital (NeroVision!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNeroVision.exe /UNINSTALL

(NetMeeting)

Microsoft National Language Support Downlevel APIs (NLSDownlevelMapping)
install date: 20070129
uninstall cmd: "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
publisher: Microsoft Corporation

NeroVision Express Content (NVEContent!UninstallKey)
uninstall cmd: C:\WINDOWS\UNNVEContent.exe /UNINSTALL

NVIDIA Drivers (NVIDIA Drivers)
uninstall cmd: C:\WINDOWS\system32\nvudisp.exe UninstallGUI

(OutlookExpress)

(PCHealth)
uninstall cmd: rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

(SchedulingAgent)

Adobe Flash Player 9 ActiveX 9 (ShockwaveFlash)
uninstall cmd: C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
publisher: Adobe Systems Incorporated
help link: http://www.adobe.com/go/flashplayer_support/

Spybot - Search & Destroy 1.4 1.4 (Spybot - Search & Destroy_is1)
install location: C:\Program Files\Spybot - Search & Destroy\
uninstall cmd: "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
publisher: Safer Networking Limited

Creative-systeeminformatie (SysInfo)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x13 /remove

Windows Genuine Advantage Notifications (KB905474) 1.7.0018.5 (WgaNotify)
install date: 20070423
publisher: Microsoft Corporation
help link: http://support.microsoft.com?kbid=905474

Windows Media Format 11 runtime (Windows Media Format Runtime)
uninstall cmd: "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
help link: http://go.microsoft.com/fwlink/?LinkId=62768

Windows Media Player 11 (Windows Media Player)
uninstall cmd: "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

WinRAR archiver (WinRAR archiver)
uninstall cmd: C:\Program Files\WinRAR\uninstall.exe

(WMCSetup)

Windows Media Format 11 runtime (WMFDist11)
install date: 20070209
uninstall cmd: "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Windows Media Player 11 (wmp11)
install date: 20070209
uninstall cmd: "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
help link: http:

Microsoft User-Mode Driver Framework Feature Pack 1.0 (Wudf01000)
install date: 20070209
uninstall cmd: "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
publisher: Microsoft Corporation
comments: Build Number 5716

(Zen V Series Media Explorer)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C9F6AF4-E9D9-47FE-BE4B-E637C2FCB410}\setup.exe" -l0x13 /remove

ZENcast Organizer (ZENcast Organizer)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x13 /remove

MySQL Connector/ODBC 3.51 3.51.12 ({0CB3C535-1171-4A20-B549-E2CB5DEB9723})
version: 53673996
version (major): 3
version (minor): 51
estimated size: 4072
install date: 20061017
install source: C:\DOCUME~1\JANHOO~1\LOCALS~1\Temp\{D02C7FBE-5EC8-4039-B514-4B9D0B0E1871}\{B7666229-351B-47D9-AA6F-DF777CF04BBF}\
uninstall cmd: MsiExec.exe /I{0CB3C535-1171-4A20-B549-E2CB5DEB9723}
publisher: MySQL AB

Sagem - 802.11g Wi-Fi USB Dongle LAN Utility ({0E691604-B328-4B4A-8F17-C9D6395075C5})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E691604-B328-4B4A-8F17-C9D6395075C5}\Setup.exe" -l0x9

Microsoft .NET Framework 1.1 Dutch Language Pack 1.1.4322 ({168F8BAC-A269-48E9-BB7A-A51B594CF6FF})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 3226
install date: 20060904
install source: C:\WINDOWS\TEMP\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1043\RepairRedist.htm

AutoUpdate 1.1 ({18D10072035C4515918F7E37EAFAACFC})
install location: C:\Program Files\DivX

2.00 ({19822917-61F6-4221-B1D0-1C3B8A06BE60})
version: 33554432
install location: C:\Program Files\Creative\SmartFill Wizard
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{19822917-61F6-4221-B1D0-1C3B8A06BE60}\setup.exe" -l0x13

Google Toolbar for Internet Explorer ({2318C2B1-4965-11d4-9B18-009027A5CD4F})
uninstall cmd: regsvr32 /u /s "c:\program files\google\googletoolbar4.dll"

Championship Manager 2007 7.0.0 ({25FED2B8-57D5-4A0D-98BF-973411E0D43E})
version: 117440512
install date: 20061127
install location: C:\Program Files\Championship Manager 2007
install source: E:\Setup\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{25FED2B8-57D5-4A0D-98BF-973411E0D43E}\Setup.exe" -l0x9 -removeonly
publisher: Eidos
help link: http://www.eidos.com/support.html
readme: C:\Program Files\Championship Manager 2007\Readme.rtf

Google Toolbar for Firefox 2.1.20060807 ({2CCBABCB-6427-4A55-B091-49864623C43F})
version: 20060807
version (major): 2
version (minor): 1
estimated size: 860
install date: 20070131
install source: C:\DOCUME~1\JANHOO~1\LOCALS~1\Temp\GGS12.tmp\
uninstall cmd: MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
publisher: Google

J2SE Runtime Environment 5.0 Update 6 1.5.0.60 ({3248F0A8-6813-11D6-A77B-00B0D0150060})
version: 17104896
version (major): 1
version (minor): 5
estimated size: 122273
install date: 20060908
install source: http://jdl.sun.com/webapps/download/GetFile/1.5.0_06plus-b05/windows-i586//
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.5.0_06\README.txt

Java(TM) SE Runtime Environment 6 Update 1 1.6.0.10 ({3248F0A8-6813-11D6-A77B-00B0D0160010})
version: 17170432
version (major): 1
version (minor): 6
estimated size: 137306
install date: 20070512
install source: http://javadl.sun.com/webapps/download/GetFile/1.6.0_01-b06/windows-i586/
uninstall cmd: MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
publisher: Sun Microsystems, Inc.
contact: http://java.com
help link: http://java.com
readme: C:\Program Files\Java\jre1.6.0_01\README.txt

WebFldrs XP 9.50.7523 ({350C9413-3D7C-4EE8-BAA9-00BCB3D54227})
version: 154279267
version (major): 9
version (minor): 50
estimated size: 2600
install date: 20050916
install source: C:\WINDOWS\system32\
publisher: Microsoft Corporation
help link: http://www.microsoft.com/windows

MSXML 4.0 SP2 (KB927978) 4.20.9841.0 ({37477865-A3F1-4772-AD43-AAFC6BCFF99F})
version: 68429425
version (major): 4
version (minor): 20
estimated size: 2625
install date: 20061118
install source: d:\9f5cd11db5fe0c5e962971d115f36ffd\
uninstall cmd: MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
publisher: Microsoft Corporation
help link: http://support.microsoft.com/kb/927978

Sid Meier's Civilization 4 - Warlords 1.00.0000 ({3E4B349F-10B5-4586-9D99-489A90A8B228})
version: 16777216
install date: 20060910
install location: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords
install source: E:\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3E4B349F-10B5-4586-9D99-489A90A8B228}\setup.exe" -l0x9 -removeonly
publisher: Firaxis Games
help link: http://www.2kgames.com/civ4/support.htm
readme: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Warlords\Readme.htm

Sid Meier's Civilization 4 1.00.0000 ({4377F918-E6C9-4ECA-A7F5-754B310B7ED8})
version: 16777216
version (major): 1
estimated size: 808
install date: 20060910
install location: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\
install source: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}\
publisher: Firaxis Games
contact: Customer Support Department
help link: http://www.2kgames.com/civ4/

Football Manager 2006 6.0.0 ({49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5})
version: 100663296
version (major): 6
estimated size: 501904
install date: 20060911
install location: C:\Program Files\Sports Interactive\Football Manager 2006\
install source: K:\PC\
uninstall cmd: MsiExec.exe /X{49CFD5D9-0556-4037-B7D6-E13ED4BEA4C5}
publisher: SEGA
help link: http://www.sega.com/support/
help telephone: 08700108002
readme: C:\Program Files\Sports Interactive\Football Manager 2006\readme_English.txt

1.0 ({57FA4E0F-82C9-417D-87BC-0186D6CB7A44})
version: 16777216
install location: C:\Program Files\Creative\DiskManager
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{57FA4E0F-82C9-417D-87BC-0186D6CB7A44}\setup.exe" -l0x13

Europa Universalis III ({59C80C5E-8C92-40FF-B910-2BB5C7281F61})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59C80C5E-8C92-40FF-B910-2BB5C7281F61}\setup.exe" -l0x9

({62369F2F77534556AEF4C58152E3BDE5})

1.0 ({63A317D0-60A6-43FC-848A-9FE4A53B29CE})
version: 16777216
install location: C:\Program Files\Creative\Support\System Information
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x13

PowerDVD ({6811CAA0-BF12-11D4-9EA1-0050BAE317E1})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall

1.10 ({700932B3-A964-4878-82A2-96054622A1F7})
version: 17432576
install location: C:\Program Files\Creative\ShareDLL\CADI
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x13

Microsoft .NET Framework 2.0 2.0.50727 ({7131646D-CD3C-40F4-97B9-CD9E4E6262EF})
version: 33605159
version (major): 2
estimated size: 218171
install date: 20061018
install source: C:\DOCUME~1\JANHOO~1\LOCALS~1\Temp\IXP000.TMP\
publisher: Microsoft Corporation

6.2.1 ({7585478E9D9B42108671C12F8714CEFE})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

DivX Codec 6.5.0 ({7B63B2922B174135AFC0E1377DD81EC2})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
publisher: DivX, Inc.

Age of Empires III 1.00.0000 ({7B9CC60A-9B81-46A3-A953-76B6BF9EEC97})
version: 16777216
version (major): 1
estimated size: 2181844
install date: 20061227
install location: C:\Program Files\Microsoft Games\Age of Empires III\
install source: E:\
publisher: Microsoft Game Studios
help link: http://www.microsoft.com/games/age3/support.asp

5.41 ({7C9F6AF4-E9D9-47FE-BE4B-E637C2FCB410})
version: 86573056
install location: C:\Program Files\Creative\Creative ZEN V Series (R2)\ZEN V Series Media Explorer
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7C9F6AF4-E9D9-47FE-BE4B-E637C2FCB410}\setup.exe" -l0x13

DivX Player 6.4.2 ({8ADFC4160D694100B5B8A22DE9DCABD9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
publisher: DivXNetworks, Inc.

Microsoft Software Update for Web Folders (Dutch) 12 12.0.4518.1017 ({90120000-0010-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 2223
install date: 20070313
install source: C:\MSOCache\All Users\{90120000-0010-0413-0000-0000000FF1CE}-C\
publisher: Microsoft Corporation

Microsoft Office Access MUI (Dutch) 2007 12.0.4518.1017 ({90120000-0015-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 32752
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0015-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Excel MUI (Dutch) 2007 12.0.4518.1017 ({90120000-0016-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 16891
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0016-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office PowerPoint MUI (Dutch) 2007 12.0.4518.1017 ({90120000-0018-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 15969
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0018-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Publisher MUI (Dutch) 2007 12.0.4518.1017 ({90120000-0019-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 24574
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0019-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Outlook MUI (Dutch) 2007 12.0.4518.1017 ({90120000-001A-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 24012
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-001A-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Word MUI (Dutch) 2007 12.0.4518.1017 ({90120000-001B-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 20465
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-001B-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Proof (German) 2007 12.0.4518.1014 ({90120000-001F-0407-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 48365
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0413-0000-0000000FF1CE}-C\Proof.de\
uninstall cmd: MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Proof (English) 2007 12.0.4518.1014 ({90120000-001F-0409-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 51191
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0413-0000-0000000FF1CE}-C\Proof.en\
uninstall cmd: MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
publisher: Microsoft Corporation

janhooijen
2007-06-19, 21:42
part 8

Microsoft Office Proof (French) 2007 12.0.4518.1014 ({90120000-001F-040C-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 23416
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0413-0000-0000000FF1CE}-C\Proof.fr\
uninstall cmd: MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Proof (Dutch) 2007 12.0.4518.1017 ({90120000-001F-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 10540
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0413-0000-0000000FF1CE}-C\Proof.nl\
uninstall cmd: MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Proofing (Dutch) 2007 12.0.4518.1017 ({90120000-002C-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 482
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-002C-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Enterprise 2007 12.0.4518.1014 ({90120000-0030-0000-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 708491
install date: 20070612
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0030-0000-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
publisher: Microsoft Corporation

Update for Outlook 2007 (KB933493) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{23F2FF76-ABCD-421D-9860-0D0B2999D028})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {23F2FF76-ABCD-421D-9860-0D0B2999D028}

Security Update for Office 2007 (KB934062) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{305D509B-F194-4638-9F0F-D9E4C05F9D33})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}

Update for Office 2007 (KB934393) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}

Update for Office 2007 (KB934391) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B3091818-7C56-4C45-BE7D-CA23027A5EA5})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}

Update for Word 2007 (KB934173) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C6A89125-5473-45E3-B413-ED8186437475})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}

Security Update for Excel 2007 (KB934670) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD098537-8857-4065-B4B6-AC023CB2C48E})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD098537-8857-4065-B4B6-AC023CB2C48E}

Update for Office 2007 (KB932080) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EDC9CA29-6BC1-471C-828C-7A36109005D7})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}

Update for Office 2007 (KB933688) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F6E692F1-63C2-4760-94C6-C689DCD053F1})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F6E692F1-63C2-4760-94C6-C689DCD053F1}

Update for Outlook 2007 Junk Email Filter (KB934655) ({90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F7185592-E40D-476E-9BC4-38DF96EE176B})
uninstall cmd: msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F7185592-E40D-476E-9BC4-38DF96EE176B}

Microsoft Office InfoPath MUI (Dutch) 2007 12.0.4518.1017 ({90120000-0044-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 8738
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-0044-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Shared MUI (Dutch) 2007 12.0.4518.1017 ({90120000-006E-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 36998
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-006E-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office OneNote MUI (Dutch) 2007 12.0.4518.1017 ({90120000-00A1-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 31550
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-00A1-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-00A1-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

Microsoft Office Groove MUI (Dutch) 2007 12.0.4518.1017 ({90120000-00BA-0413-0000-0000000FF1CE})
version: 201331110
version (major): 12
estimated size: 4366
install date: 20070313
install location: C:\Program Files\Microsoft Office\
install source: C:\MSOCache\All Users\{90120000-00BA-0413-0000-0000000FF1CE}-C\
uninstall cmd: MsiExec.exe /X{90120000-00BA-0413-0000-0000000FF1CE}
publisher: Microsoft Corporation

5.00 ({98181885-5B28-4280-9B56-452FF877D5B9})
version: 83886080
install location: C:\Program Files\Creative\Video Converter
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{98181885-5B28-4280-9B56-452FF877D5B9}\setup.exe" -l0x13

Creative ZEN V Series (R2) 1.0 ({9862E0CB-4727-4FFC-963A-E22A9E9EC10C})
version: 16777216
install location: C:\Program Files\Creative\Creative ZEN V Series (R2)
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}\SETUP.EXE" -l0x13 /remove

5.10 ({9A0B5225-B59B-4D72-B3FE-71AAA693A8E2})
version: 84541440
install location: C:\Program Files\Creative\CD Ripping Wizard Unicode 2
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A0B5225-B59B-4D72-B3FE-71AAA693A8E2}\setup.exe" -l0x13

Microsoft Works 08.05.0822 ({A2A0A82F-025F-458d-A0CD-9BB2320804B5})
version: 134546230
version (major): 8
version (minor): 5
estimated size: 266021
install date: 20060904
install source: J:\I386\APPS\APP08016\
uninstall cmd: MsiExec.exe /I{A2A0A82F-025F-458d-A0CD-9BB2320804B5}
publisher: Microsoft Corporation
comments: Microsoft Works 8.0-installatie.
help link: http://go.microsoft.com/fwlink/?LinkId=6831
help telephone:

6.00 ({A9BB081B-C020-4D02-A763-D32204D2563D})
version: 100663296
install location: C:\Program Files\Creative\Sync Manager Unicode
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A9BB081B-C020-4D02-A763-D32204D2563D}\setup.exe" -l0x13

Adobe Reader 7.0.9 7.0.9 ({AC76BA86-7AD7-1033-7B44-A70900000002})
version: 117440521
version (major): 7
estimated size: 66715
install date: 20070209
install source: C:\Program Files\Adobe\Acrobat 7.0\Setup Files\RdrBig709\ENU\
uninstall cmd: MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70900000002}
publisher: Adobe Systems Incorporated
comments:
contact:
help link: http://www.adobe.com/support/main.html
help telephone:
readme: C:\Program Files\Adobe\Acrobat 7.0\Reader\Readme.htm

DivX Converter 6.2.1 ({B13A7C41581B411290FBC0395694E2A9})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
publisher: DivX, Inc.

DivX Web Player 1.3.0 ({B7050CBDB2504B34BC2A9CA0A692CC29})
install location: C:\Program Files\DivX
uninstall cmd: C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
publisher: DivX,Inc.

Caesar IV 1.1 ({B7666229-351B-47D9-AA6F-DF777CF04BBF})
version: 16842752
install date: 20061017
install location: C:\Program Files\Sierra\Caesar IV\
install source: J:\
uninstall cmd: C:\Program Files\InstallShield Installation Information\{B7666229-351B-47D9-AA6F-DF777CF04BBF}\setup.exe -runfromtemp -l0x0009 -removeonly
publisher: Tilted Mill Entertainment

Creative MediaSource 5 5.00 ({BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD})
version: 83886080
install location: C:\Program Files\Creative\MediaSource5
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x13 /remove
help link: http://www.creative.com/support

1.02 ({C029DB0E-C59F-417A-90F8-88FD5B2C4AE7})
version: 16908288
install location: C:\Program Files\Creative\ZENcast Organizer
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C029DB0E-C59F-417A-90F8-88FD5B2C4AE7}\setup.exe" -l0x13

PC Inspector smart recovery 4.50 ({C9A87D86-FDFD-418B-BF96-EF09320973B3})
version: 70385664
install location: C:\Program Files\Convar\SmartRecovery
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C9A87D86-FDFD-418B-BF96-EF09320973B3}\Setup.exe" -l0x13

Microsoft .NET Framework 1.1 1.1.4322 ({CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1})
version: 16847074
version (major): 1
version (minor): 1
estimated size: 60751
install date: 20060904
install source: C:\WINDOWS\TEMP\IXP000.TMP\
uninstall cmd: MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
publisher: Microsoft
readme: file://C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\RepairRedist.htm

Sid Meier's Civilization 4 1.61 ({CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8})
version: 20774912
install date: 20060910
install location: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4
install source: C:\DOCUME~1\JANHOO~1\LOCALS~1\Temp\bye1F.tmp\Disk1\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}\setup.exe" -l0x9 -removeonly
publisher: Firaxis Games
help link: http://www.2kgames.com/civ4/support.htm
readme: C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Readme.htm

Recovery Media Creator Library Update 1.0.0 ({DE10E61F-AAC7-477A-AC6B-6EA77F9F466F})
version: 16777216
version (major): 1
estimated size: 888
install date: 20060904
install source: C:\Program Files\Common Files\Wise Installation Wizard\
uninstall cmd: MsiExec.exe /I{DE10E61F-AAC7-477A-AC6B-6EA77F9F466F}
publisher: <no manufacturer>

Realtek High Definition Audio Driver 2.00 ({F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC})
version: 33554432
install date: 20060904
install location: C:\Program Files\Realtek\InstallShield\
install source: J:\I386\APPS\APP17660\
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x13 -removeonly
publisher: Realtek Semiconductor Corp.

Family Tree Maker 2006 ({F2F4C144-7D1A-47C4-9D53-395A57B0CD64})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2F4C144-7D1A-47C4-9D53-395A57B0CD64}\setup.exe" -l0x9

Wanadoo Livebox B.0.16 ({FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E})
uninstall cmd: RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}\Setup.exe" -l0x13
contact: http://help.wanadoo.nl/
help link: http://help.wanadoo.nl/
help telephone: 0800-8048 (Nederland)

HighMAT-uitbreiding voor de wizard Cd branden van Microsoft Windows XP 1.1.1905.1 ({FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F})
version: 16844657
version (major): 1
version (minor): 1
estimated size: 2190
install date: 20060904
install location: C:\Program Files\HighMAT CD Writing Wizard\
install source: C:\WINDOWS\Downloaded Installations\{4055F991-7B47-4C71-8E67-8319C480D19A}\
uninstall cmd: MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
publisher: Microsoft Corporation
readme: C:\Program Files\HighMAT CD Writing Wizard\1043\\HighMAT_readme.htm

janhooijen
2007-06-19, 21:43
part 9

--- System Services ---
Service (registry key): .NET CLR Data
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET CLR Networking
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for Oracle
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NET Data Provider for SqlServer
Start: 0
Type: 0
Error Control: 0

Service (registry key): .NETFramework
Start: 0
Type: 0
Error Control: 0

Service (registry key): Abiosdsk
Start: 4
Type: 1
Error Control: 0

Service (registry key): abp480n5
Image path: system32\DRIVERS\ABP480N5.SYS
Image size: 23552
Image MD5: 6ABB91494FE6C59089B9336452AB2EA3
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPI
Display name: Microsoft ACPI-stuurprogramma
Image path: system32\DRIVERS\ACPI.sys
Image size: 188544
Image MD5: 12139C5B5D7366E54EF3029C65B8CA97
Start: 0
Type: 1
Error Control: 1

Service (registry key): ACPIEC
Start: 4
Type: 1
Error Control: 1

Service (registry key): adpu160m
Image path: system32\DRIVERS\adpu160m.sys
Image size: 101888
Image MD5: 9A11864873DA202C996558B2106B0BBC
Start: 0
Type: 1
Error Control: 1

Service (registry key): aec
Display name: Microsoft Kernel akoestische echo-opheffing
Image path: system32\drivers\aec.sys
Image size: 142464
Image MD5: 1EE7B434BA961EF845DE136224C30FEC
Start: 3
Type: 1
Error Control: 1

Service (registry key): AFD
Display name: AFD
Description: Omgeving voor AFD-netwerkondersteuning
Image path: \SystemRoot\System32\drivers\afd.sys
Start: 1
Type: 1
Error Control: 1

Service (registry key): agp440
Display name: Intel AGP Bus Filter
Image path: system32\DRIVERS\agp440.sys
Image size: 42368
Image MD5: 2C428FA0C3E3A01ED93C9B2A27D8D4BB
Start: 0
Type: 1
Error Control: 1

Service (registry key): agpCPQ
Display name: Compaq AGP Bus Filter
Image path: system32\DRIVERS\agpCPQ.sys
Image size: 44928
Image MD5: 67288B07D6ABA6C1267B626E67BC56FD
Start: 0
Type: 1
Error Control: 1

Service (registry key): Aha154x
Image path: system32\DRIVERS\aha154x.sys
Image size: 12800
Image MD5: C23EA9B5F46C7F7910DB3EAB648FF013
Start: 0
Type: 1
Error Control: 1

Service (registry key): aic78u2
Image path: system32\DRIVERS\aic78u2.sys
Image size: 55168
Image MD5: 19DD0FB48B0C18892F70E2E7D61A1529
Start: 0
Type: 1
Error Control: 1

Service (registry key): aic78xx
Image path: system32\DRIVERS\aic78xx.sys
Image size: 56960
Image MD5: B7FE594A7468AA0132DEB03FB8E34326
Start: 0
Type: 1
Error Control: 1

Service (registry key): Alerter
Display name: Alerter
Description: Hiermee kunnen geselecteerde gebruikers en computers bij beheerderssignalen worden gewaarschuwd. Als de service wordt gestopt, zullen programma's die gebruikmaken van beheerderssignalen deze niet ontvangen. Als deze service is uitgeschakeld, zullen alle services die van deze voorziening afhankelijk zijn niet kunnen worden gestart.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): ALG
Display name: Application Layer Gateway-service
Description: Hiermee wordt ondersteuning geboden voor protocolinvoegtoepassingen van derden voor Internet-verbinding delen en Windows Firewall.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\alg.exe
Image size: 44544
Image MD5: 15CFF49392F765356EBBF05D87FFB6B2
Start: 3
Type: 16
Error Control: 1

Service (registry key): AliIde
Image path: system32\DRIVERS\aliide.sys
Image size: 5248
Image MD5: 1140AB9938809700B46BB88E46D72A96
Start: 0
Type: 1
Error Control: 1

Service (registry key): alim1541
Display name: ALI AGP Bus Filter
Image path: system32\DRIVERS\alim1541.sys
Image size: 42752
Image MD5: F312B7CEF21EFF52FA23056B9D815FAD
Start: 0
Type: 1
Error Control: 1

Service (registry key): amdagp
Display name: AMD AGP Bus Filter Driver
Image path: system32\DRIVERS\amdagp.sys
Image size: 43008
Image MD5: 675C16A3C1F8482F85EE4A97FC0DDE3D
Start: 0
Type: 1
Error Control: 1

Service (registry key): amsint
Image path: system32\DRIVERS\amsint.sys
Image size: 12032
Image MD5: 79F5ADD8D24BD6893F2903A3E2F3FAD6
Start: 0
Type: 1
Error Control: 1

Service (registry key): AppMgmt
Display name: Application Management
Description: Hiermee worden services voor installatie van software geboden, zoals Toewijzen, Uitgeven en Verwijderen.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1

Service (registry key): Arp1394
Display name: 1394 ARP-clientprotocol
Description: 1394 ARP-clientprotocol
Image path: system32\DRIVERS\arp1394.sys
Image size: 60800
Image MD5: F0D692B0BFFB46E30EB3CEA168BBC49F
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): asc
Image path: system32\DRIVERS\asc.sys
Image size: 26496
Image MD5: 62D318E9A0C8FC9B780008E724283707
Start: 0
Type: 1
Error Control: 1

Service (registry key): asc3350p
Image path: system32\DRIVERS\asc3350p.sys
Image size: 22400
Image MD5: 69EB0CC7714B32896CCBFD5EDCBEA447
Start: 0
Type: 1
Error Control: 1

Service (registry key): asc3550
Image path: system32\DRIVERS\asc3550.sys
Image size: 14848
Image MD5: 5D8DE112AA0254B907861E9E9C31D597
Start: 0
Type: 1
Error Control: 1

Service (registry key): ASP.NET
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_1.1.4322
Start: 0
Type: 0
Error Control: 0

Service (registry key): ASP.NET_2.0.50727
Start: 0
Type: 0
Error Control: 0

Service (registry key): aspnet_state
Display name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
Image size: 29896
Image MD5: D33C507942299753868204CC7642FA27
Start: 3
Type: 16
Error Control: 1

Service (registry key): AsyncMac
Display name: Stuurprogramma voor RAS asyncrone media
Description: Stuurprogramma voor RAS asyncrone media
Image path: system32\DRIVERS\asyncmac.sys
Image size: 14336
Image MD5: 02000ABF34AF4C218C35D257024807D6
Start: 3
Type: 1
Error Control: 1

Service (registry key): atapi
Display name: Standaard IDE/ESDI-vasteschijfcontroller
Image path: system32\DRIVERS\atapi.sys
Image size: 95360
Image MD5: CDFE4411A69C224BD1D11B2DA92DAC51
Start: 0
Type: 1
Error Control: 1

Service (registry key): Atdisk
Start: 4
Type: 1
Error Control: 0

Service (registry key): atksgt
Display name: atksgt
Image path: system32\DRIVERS\atksgt.sys
Image size: 271360
Image MD5: 6E996CF8459A2594E0E9609D0E34D41F
Start: 2
Type: 1
Error Control: 1

Service (registry key): Atmarpc
Display name: ATM ARP-client-protocol
Description: ATM ARP-client-protocol
Image path: system32\DRIVERS\atmarpc.sys
Image size: 59904
Image MD5: EC88DA854AB7D7752EC8BE11A741BB7F
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): AudioSrv
Display name: Windows Audio
Description: Hiermee worden audioapparaten voor op Windows-gebaseerde programma's beheerd. Als deze service wordt gestopt, functioneren audioapparaten en geluidseffecten niet juist. Als deze service wordt uitgeschakeld, kunnen de services die van deze service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): audstub
Display name: Audiostub-stuurprogramma
Image path: system32\DRIVERS\audstub.sys
Image size: 3072
Image MD5: D9F724AA26C010A217C97606B160ED68
Start: 3
Type: 1
Error Control: 1

Service (registry key): BattC
Start: 0
Type: 0
Error Control: 0

Service (registry key): Beep
Start: 1
Type: 1
Error Control: 1

Service (registry key): BITS
Display name: Intelligente achtergrondsoverdrachtservice
Description: Hiermee worden op de achtergrond gegevens tussen clients en servers overgezet. Als BITS is uitgeschakeld, werken toepassingen zoals Windows Update niet juist.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Browser
Display name: Computer Browser
Description: Hiermee wordt een bijgewerkte lijst met computers op het netwerk bijgehouden. De lijst wordt aan browsercomputers aangeboden. Als deze service is gestopt, wordt de lijst niet meer bijgehouden of bijgewerkt. Als deze service is uitgeschakeld, zullen alle services die van deze voorziening afhankelijk zijn niet kunnen worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,LanmanServer

Service (registry key): cbidf
Image path: system32\DRIVERS\cbidf2k.sys
Image size: 13952
Image MD5: 90A673FC8E12A79AFBED2576F6A7AAF9
Start: 0
Type: 1
Error Control: 1

Service (registry key): cbidf2k
Start: 4
Type: 1
Error Control: 1

Service (registry key): cd20xrnt
Image path: system32\DRIVERS\cd20xrnt.sys
Image size: 7680
Image MD5: F3EC03299634490E97BBCE94CD2954C7
Start: 0
Type: 1
Error Control: 1

Service (registry key): Cdaudio
Start: 1
Type: 1
Error Control: 0

Service (registry key): Cdfs
Start: 4
Type: 2
Error Control: 1
Depends On group: "SCSI CDROM Class"

Service (registry key): Cdrom
Display name: Cd-rom-stuurprogramma
Image path: system32\DRIVERS\cdrom.sys
Image size: 49536
Image MD5: AF9C19B3100FE010496B1A27181FBF72
Start: 1
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): Changer
Start: 1
Type: 1
Error Control: 0

janhooijen
2007-06-19, 21:44
part 10

Service (registry key): CiSvc
Display name: Indexing-service
Description: Hiermee kunt u een index maken van de inhoud en eigenschappen van bestanden op lokale en externe computers. Een flexibele zoektaal zorgt ervoor dat u snel toegang tot bestanden krijgt.
Object name: LocalSystem
Image path: %SystemRoot%\system32\cisvc.exe
Image size: 5632
Image MD5: 81700207389CBE1911A5EAEE9FC812CE
Start: 3
Type: 288
Error Control: 1
Depends On services: RPCSS

Service (registry key): ClipSrv
Display name: ClipBook
Description: Hiermee kan Plakboeken gegevens opslaan en deze delen met externe computers. Als de service wordt gestopt kan Plakboeken geen gegevens met externe computers delen. Als de service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\system32\clipsrv.exe
Image size: 33280
Image MD5: 64D5673C075DD40E2F55387EE9B0CAD7
Start: 4
Type: 16
Error Control: 1
Depends On services: NetDDE

Service (registry key): clr_optimization_v2.0.50727_32
Display name: .NET Runtime Optimization Service v2.0.50727_X86
Description: Microsoft .NET Framework NGEN
Object name: LocalSystem
Image path: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Image size: 66240
Image MD5: 3C4D595E7F9B747325AEF28B4ADCAAE5
Start: 3
Type: 16
Error Control: 0

Service (registry key): CmdIde
Image path: system32\DRIVERS\cmdide.sys
Image size: 6656
Image MD5: 026BA1F2D9C9F742EC3823D0214CD67C
Start: 0
Type: 1
Error Control: 1

Service (registry key): COMSysApp
Display name: COM+-systeemtoepassing
Description: De configuratie en tracering van COM+-onderdelen beheren. Als de service wordt gestopt, functioneren de meeste COM+-onderdelen niet goed. Als deze service wordt uitgeschakeld, kunnen services die expliciet hiervan afhankelijk zijn, niet worden gestart.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Image size: 5120
Image MD5: DAC52B0D256E0D48ED589DDA9133EC79
Start: 3
Type: 16
Error Control: 1
Depends On services: rpcss

Service (registry key): ContentFilter
Start: 0
Type: 0
Error Control: 0

Service (registry key): ContentIndex
Start: 0
Type: 0
Error Control: 0

Service (registry key): Cpqarray
Image path: system32\DRIVERS\cpqarray.sys
Image size: 14976
Image MD5: 3EE529119EED34CD212A215E8C40D4B6
Start: 0
Type: 1
Error Control: 1

Service (registry key): Creative Service for CDROM Access
Display name: Creative Service for CDROM Access
Object name: LocalSystem
Image path: C:\WINDOWS\system32\CTsvcCDA.exe
Image size: 44032
Image MD5: 3C8B6609712F4FF78E521F6DCFC4032B
Start: 2
Type: 16
Error Control: 1

Service (registry key): CryptSvc
Display name: Services voor cryptografie
Description: Hiermee worden drie beheersservices geboden: de Catalog Database-service, die de handtekeningen van Windows-bestanden bevestigt, de Protected Root-service, die op deze computer certificaten van vertrouwde basiscertificeringsinstanties toevoegt en verwijdert, en de Key-service, die helpt bij het inschrijven van deze computer voor certificaten. Als deze service wordt uitgeschakeld, kunnen services die afhankelijk zijn van deze service niet worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): dac2w2k
Image path: system32\DRIVERS\dac2w2k.sys
Image size: 179584
Image MD5: E550E7418984B65A78299D248F0A7F36
Start: 0
Type: 1
Error Control: 1

Service (registry key): dac960nt
Image path: system32\DRIVERS\dac960nt.sys
Image size: 14720
Image MD5: 683789CAA3864EB46125AE86FF677D34
Start: 0
Type: 1
Error Control: 1

Service (registry key): DcomLaunch
Display name: DCOM Server Process Launcher
Description: Hiermee wordt opstartfunctionaliteit voor DCOM-services geboden
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost -k DcomLaunch
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1

Service (registry key): Dhcp
Display name: DHCP Client
Description: Hiermee wordt de netwerkconfiguratie beheerd via het registreren en bijwerken van IP-adressen en DNS-namen.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd,NetBT

Service (registry key): Disk
Display name: Stuurprogramma voor schijfstations
Image path: system32\DRIVERS\disk.sys
Image size: 36352
Image MD5: 00CA44E4534865F8A3B64F7C0984BFF0
Start: 0
Type: 1
Error Control: 1
Depends On group: "SCSI miniport"

Service (registry key): dmadmin
Display name: Logical Disk Manager Administrative-service
Description: Hiermee worden vaste schijven en volumes geconfigureerd. De service is alleen actief tijdens de configuratie en wordt daarna gestopt.
Object name: LocalSystem
Image path: %SystemRoot%\System32\dmadmin.exe /com
Image size: 225280
Image MD5: 97BEBE57053254D565DA19D558EFF626
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay,DmServer

Service (registry key): dmboot
Image path: System32\drivers\dmboot.sys
Image size: 800000
Image MD5: D9542B70560CDA5C4F5E62B1EED412CD
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmio
Image path: System32\drivers\dmio.sys
Image size: 153856
Image MD5: B5F7AC6BB9445E9C59E0686FE52A47E8
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmload
Image path: System32\drivers\dmload.sys
Image size: 5888
Image MD5: E9317282A63CA4D188C0DF5E09C6AC5F
Start: 4
Type: 1
Error Control: 1

Service (registry key): dmserver
Display name: Logical Disk Manager
Description: Hiermee worden voor configuratie nieuwe vaste schijven gedetecteerd en gegevens van het schijfvolume verzonden naar de Logical Disk Manager Administrative-service. Als deze service wordt gestopt, is het mogelijk dat de status van de dynamische schijf en de configuratiegegevens verouderen. Als deze service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet starten.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs,PlugPlay

Service (registry key): DMusic
Display name: Microsoft Kernel DLS-synthesizer
Image path: system32\drivers\DMusic.sys
Image size: 52864
Image MD5: A6F881284AC1150E37D9AE47FF601267
Start: 3
Type: 1
Error Control: 1

Service (registry key): Dnscache
Display name: DNS Client
Description: Hiermee worden DNS-namen voor deze computer omgezet en in cache opgeslagen. Als deze service is gestopt, kan deze computer geen DNS-namen omzetten en domeincontrollers in Active Directory vinden. Als deze service is uitgeschakeld, zullen alle services die van deze voorziening afhankelijk zijn niet kunnen worden gestart.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost.exe -k NetworkService
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: Tcpip

Service (registry key): dpti2o
Image path: system32\DRIVERS\dpti2o.sys
Image size: 20192
Image MD5: 40F3B93B4E5B0126F2F5C0A7A5E22660
Start: 0
Type: 1
Error Control: 1

Service (registry key): drmkaud
Display name: Microsoft Kernel DRM-audiodecoder
Image path: system32\drivers\drmkaud.sys
Image size: 2944
Image MD5: 1ED4DBBAE9F5D558DBBA4CC450E3EB2E
Start: 3
Type: 1
Error Control: 1

Service (registry key): dtscsi
Image path: \SystemRoot\System32\Drivers\dtscsi.sys
Start: 3
Type: 1
Error Control: 1

Service (registry key): Emproxy
Display name: McAfee E-mail Proxy
Description: Hiermee scant u inkomende (POP3) en uitgaande (SMTP) e-mailberichten en bijlagen op virussen en andere bedreigingen.
Object name: LocalSystem
Image path: C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
Image size: 341584
Image MD5: DB415BB143CD8AE0BCD62E3448667C43
Start: 3
Type: 16
Error Control: 1

Service (registry key): ERSvc
Display name: Service voor het rapporteren van fouten
Description: Hiermee kunnen services en toepassingen die worden uitgevoerd in omgevingen die niet standaard zijn, fouten rapporteren.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Eventlog
Display name: Event Log
Description: Hiermee kunnen gebeurtenisberichten die worden uitgegeven door programma's en onderdelen van Windows worden weergegeven in Logboeken. Deze service kan niet worden gestopt.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108544
Image MD5: 39991CD3C17B7529D039151A88E84499
Start: 2
Type: 32
Error Control: 1

Service (registry key): EventSystem
Display name: COM+-gebeurtenissysteem
Description: Ondersteunt SENS (System Event Notification Service), waarbij automatische distributie van gegevens voor het abonneren op COM-componenten (Component Object Model) mogelijk wordt gemaakt. Als de service wordt stopgezet, wordt SENS afgesloten en kan deze service geen aan- en afmeldingsberichten bieden. Als deze service wordt uitgeschakeld, kunnen services die expliciet hiervan afhankelijk zijn, niet worden gestart.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): Fastfat
Start: 4
Type: 2
Error Control: 1

Service (registry key): FastUserSwitchingCompatibility
Display name: Compatibiliteit voor Snelle gebruikerswisseling
Description: Hiermee beschikt u over een voorziening waarmee het mogelijk is toepassingen te beheren in een omgeving met meerdere gebruikers.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: TermService

Service (registry key): Fdc
Display name: Stuurprogramma voor diskettestationcontroller
Image path: system32\DRIVERS\fdc.sys
Image size: 27392
Image MD5: CED2E8396A8838E59D8FD529C680E02C
Start: 3
Type: 1
Error Control: 1

Service (registry key): Fips
Start: 1
Type: 1
Error Control: 1

Service (registry key): Flpydisk
Display name: Stuurprogramma voor diskettestation
Image path: system32\DRIVERS\flpydisk.sys
Image size: 20480
Image MD5: 0DD1DE43115B93F4D85E889D7A86F548
Start: 3
Type: 1
Error Control: 1

Service (registry key): FltMgr
Display name: FltMgr
Description: Stuurprogramma voor filterbeheer van het bestandssysteem
Image path: system32\DRIVERS\fltMgr.sys
Image size: 128896
Image MD5: 3D234FB6D6EE875EB009864A299BEA29
Start: 0
Type: 2
Error Control: 1

Service (registry key): Fs_Rec
Start: 1
Type: 8
Error Control: 0

Service (registry key): Ftdisk
Display name: Stuurprogramma voor Volumebeheer
Image path: system32\DRIVERS\ftdisk.sys
Image size: 125696
Image MD5: FA8CA22E70245C81FF29C36AF56292FC
Start: 0
Type: 1
Error Control: 1

Service (registry key): Gpc
Display name: Algemene pakketclassificeerder
Description: Algemene pakketclassificeerder
Image path: system32\DRIVERS\msgpc.sys
Image size: 35072
Image MD5: C0F1D4A21DE5A415DF8170616703DEBF
Start: 3
Type: 1
Error Control: 1

Service (registry key): gusvc
Display name: Google Updater Service
Object name: LocalSystem
Image path: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
Image size: 138168
Image MD5: 751C1D2CA2ABF4A9F5A6B8D7D45B907C
Start: 3
Type: 16
Error Control: 0
Depends On services: RPCSS

Service (registry key): HDAudBus
Display name: Microsoft UAA Bus Driver for High Definition Audio
Image path: system32\DRIVERS\HDAudBus.sys
Image size: 138752
Image MD5: 3FCC124B6E08EE0E9351F717DD136939
Start: 3
Type: 1
Error Control: 1

Service (registry key): helpsvc
Display name: Help en ondersteuning
Description: Hiermee kan Help en ondersteuning op deze computer worden uitgevoerd. Als de service wordt gestopt, is Help en ondersteuning niet beschikbaar. Als deze service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): HidServ
Display name: HID Input Service
Description: Toegang voor generieke invoer voor apparaten met een speciale gebruikersinterface, die het gebruik van voorgedefinieerde toetsen op toetsenborden, afstandsbedieningen en andere multimedia-apparaten activeert en onderhoudt. Als deze service wordt gestopt, functioneren de toetsen die door deze service worden beheerd niet. Als deze service wordt uitgeschakeld, kunnen de services die van deze service afhankelijk zijn niet worde gestart.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): HidUsb
Display name: Microsoft HID Class-stuurprogramma
Image path: system32\DRIVERS\hidusb.sys
Image size: 9600
Image MD5: 1DE6783B918F540149AA69943BDFEBA8
Start: 3
Type: 1
Error Control: 0

Service (registry key): hpn
Image path: system32\DRIVERS\hpn.sys
Image size: 25952
Image MD5: B028377DEA0546A5FCFBA928A8AEFAE0
Start: 0
Type: 1
Error Control: 1

Service (registry key): HTTP
Display name: HTTP
Description: Met deze service wordt HTTP (Hypertext Transfer Protocol) geïmplementeerd. Als deze service is uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Image path: System32\Drivers\HTTP.sys
Image size: 262784
Image MD5: CB77BB47E67E84DEB17BA29632501730
Start: 3
Type: 1
Error Control: 1

Service (registry key): HTTPFilter
Display name: HTTP SSL
Description: Met deze service wordt HTTPS (Secure Hypertext Transfer Protocol) voor de HTTP-service geïmplementeerd, hiervoor wordt gebruik gemaakt van SSL (Secure Socket Layer). Als deze service is uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k HTTPFilter
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): i2omgmt
Start: 1
Type: 1
Error Control: 1

Service (registry key): i2omp
Image path: system32\DRIVERS\i2omp.sys
Image size: 18560
Image MD5: ED6BF9E441FDEA13292A6D30A64A24C3
Start: 0
Type: 1
Error Control: 1

Service (registry key): i8042prt
Display name: Stuurprogramma voor i8042-toetsenbord en PS/2-muispoort
Image path: system32\DRIVERS\i8042prt.sys
Image size: 53760
Image MD5: DDB567B5FE32D917A34B98DE50B3C923
Start: 1
Type: 1
Error Control: 1

Service (registry key): IDriverT
Display name: InstallDriver Table Manager
Description: Provides support for the Running Object Table for InstallShield Drivers
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
Image size: 69632
Image MD5: 1CF03C69B49ACB70C722DF92755C0C8C
Start: 3
Type: 16
Error Control: 0

Service (registry key): Imapi
Display name: Filterstuurprogramma voor het branden van cd's
Image path: system32\DRIVERS\imapi.sys
Image size: 41856
Image MD5: F8AA320C6A0409C0380E5D8A99D76EC6
Start: 1
Type: 1
Error Control: 1

Service (registry key): ImapiService
Display name: COM-service voor IMAPI cd-branders
Description: Deze service beheert het beschrijven van cd's via de IMAPI-interface. Als deze service wordt gestopt, kunnen er met deze computer geen cd worden gebrand. Als deze service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\imapi.exe
Image size: 150016
Image MD5: F85149AA4AFEA9200484715CF15F568D
Start: 3
Type: 16
Error Control: 1

Service (registry key): inetaccs
Start: 0
Type: 0
Error Control: 0

Service (registry key): ini910u
Image path: system32\DRIVERS\ini910u.sys
Image size: 16000
Image MD5: 4A40E045FAEE58631FD8D91AFC620719
Start: 0
Type: 1
Error Control: 1

Service (registry key): Inport
Start: 0
Type: 0
Error Control: 0

Service (registry key): IntcAzAudAddService
Display name: Service for Realtek HD Audio (WDM)
Image path: system32\drivers\RtkHDAud.sys
Image size: 4034048
Image MD5: 27B220620A480E54BF57E4750CA9B65F
Start: 3
Type: 1
Error Control: 1

janhooijen
2007-06-19, 21:45
part 11

Service (registry key): IntelIde
Image path: system32\DRIVERS\intelide.sys
Image size: 5632
Image MD5: 133B243EE5CCC607686A5648B807542D
Start: 0
Type: 1
Error Control: 1

Service (registry key): intelppm
Display name: Intel GV3-processorstuurprogramma
Image path: system32\DRIVERS\intelppm.sys
Image size: 40192
Image MD5: 17F6AE3CB6B478C6054E2E894A6D89BF
Start: 1
Type: 1
Error Control: 1

Service (registry key): Ip6Fw
Display name: IPv6 Windows Firewall Driver
Description: Hiermee wordt een service geboden om een thuisnetwerk of klein bedrijfsnetwerk te beschermen tegen indringers.
Image path: system32\DRIVERS\Ip6Fw.sys
Image size: 29056
Image MD5: 4448006B6BC60E6C027932CFC38D6855
Start: 3
Type: 1
Error Control: 1

Service (registry key): IpFilterDriver
Display name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Image path: System32\DRIVERS\ipfltdrv.sys
Image size: 32896
Image MD5: 731F22BA402EE4B62748ADAF6363C182
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpInIp
Display name: IP in IP Tunnel Driver
Description: IP in IP Tunnel Driver
Image path: system32\DRIVERS\ipinip.sys
Image size: 20992
Image MD5: E1EC7F5DA720B640CD8FB8424F1B14BB
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IpNat
Display name: IP Network Address Translator
Description: IP Network Address Translator
Image path: system32\DRIVERS\ipnat.sys
Image size: 134912
Image MD5: E2168CBC7098FFE963C6F23F472A3593
Start: 3
Type: 1
Error Control: 1
Depends On services: Tcpip

Service (registry key): IPSec
Display name: IPSEC-stuurprogramma
Description: IPSEC-stuurprogramma
Image path: system32\DRIVERS\ipsec.sys
Image size: 74752
Image MD5: 64537AA5C003A6AFEEE1DF819062D0D1
Start: 1
Type: 1
Error Control: 1

Service (registry key): IRENUM
Display name: IR Enumerator-service
Image path: system32\DRIVERS\irenum.sys
Image size: 11264
Image MD5: 50708DAA1B1CBB7D6AC1CF8F56A24410
Start: 3
Type: 1
Error Control: 1

Service (registry key): ISAPISearch
Start: 0
Type: 0
Error Control: 0

Service (registry key): isapnp
Display name: PnP ISA/EISA Bus-stuurprogramma
Image path: system32\DRIVERS\isapnp.sys
Image size: 36352
Image MD5: FD298AD13ACB19FC43B627ACA0806231
Start: 0
Type: 1
Error Control: 3

Service (registry key): Kbdclass
Display name: Stuurprogramma voor verschillende toetsenbordtypen
Image path: system32\DRIVERS\kbdclass.sys
Image size: 25216
Image MD5: 59549E9180CE29D832289E1A1D9E3C60
Start: 1
Type: 1
Error Control: 1

Service (registry key): kbdhid
Display name: Stuurprogramma voor toetsenbord-HID
Image path: system32\DRIVERS\kbdhid.sys
Image size: 14848
Image MD5: 6B97674104B15A2DD135F7B365223194
Start: 1
Type: 1
Error Control: 0

Service (registry key): kmixer
Display name: Microsoft Kernel Wave-audiomixer
Image path: system32\drivers\kmixer.sys
Image size: 172416
Image MD5: BA5DEDA4D934E6288C2F66CAF58D2562
Start: 3
Type: 1
Error Control: 1

Service (registry key): KSecDD
Start: 0
Type: 1
Error Control: 1

Service (registry key): lanmanserver
Display name: Server
Description: Hiermee wordt ondersteuning geboden voor het via het netwerk delen van bestanden, printers en named pipes voor deze computer. Als deze service is gestopt, zijn deze functies niet beschikbaar. Als deze service is uitgeschakeld, zullen alle services die van deze voorziening afhankelijk zijn niet kunnen worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1

Service (registry key): lanmanworkstation
Display name: Workstation
Description: Hiermee worden netwerkverbindingen van clients naar externe servers tot stand gebracht en in stand gehouden. Als deze service is gestopt, zijn deze verbindingen niet beschikbaar. Als deze service is uitgeschakeld, zullen alle services die van deze voorziening afhankelijk zijn niet kunnen worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1

Service (registry key): lbrtfdc
Start: 1
Type: 1
Error Control: 0

Service (registry key): ldap
Start: 0
Type: 0
Error Control: 0

Service (registry key): LicenseService
Start: 0
Type: 0
Error Control: 0

Service (registry key): lirsgt
Display name: lirsgt
Image path: system32\DRIVERS\lirsgt.sys
Image size: 18048
Image MD5: 975B6CF65F44E95883F3855BAE8CECAF
Start: 2
Type: 1
Error Control: 1

Service (registry key): LmHosts
Display name: TCP/IP NetBIOS Helper
Description: Hiermee wordt ondersteuning geboden voor NetBIOS via TCP/IP (NetBT) en NetBIOS-naamomzetting inschakelen.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: NetBT,Afd

Service (registry key): McAfee HackerWatch Service
Display name: McAfee HackerWatch Service
Description: McAfee HackerWatch Service
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe"
Image size: 540776
Image MD5: 359B5C5CAB0CA31061506E51CCBAF4B1
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): mcdbus
Display name: Driver for MagicISO SCSI Host Controller
Image path: system32\DRIVERS\mcdbus.sys
Image size: 92288
Image MD5: 8596C21878B73AD78A222811115FED9E
Start: 3
Type: 1
Error Control: 1

Service (registry key): mcmispupdmgr
Display name: McAfee Update Manager
Description: Hiermee downloadt en installeert u updates voor McAfee-programma's.
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
Image size: 689752
Image MD5: 993582EC1CF765206CF9D4D5CA22589F
Start: 3
Type: 272
Error Control: 1

Service (registry key): mcmscsvc
Display name: McAfee Services
Description: Hiermee beheert u McAfee-gebruikers.
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
Image size: 361560
Image MD5: BB8A45E65BE310996A201F8A75646A8D
Start: 2
Type: 16
Error Control: 1

Service (registry key): McNASvc
Display name: McAfee Network Agent
Description: Allows McAfee applications to communicate securely on the local network.
Object name: LocalSystem
Image path: "c:\program files\common files\mcafee\mna\mcnasvc.exe"
Image size: 2209320
Image MD5: 4C5B97B76C13D9154AA91D0C754E79E3
Start: 2
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): McODS
Display name: McAfee Scanner
Description: Hiermee worden opgegeven locaties op deze computer gescand op virussen en andere bedreigingen. De service wordt uitgevoerd runs voor geplande en handmatige scans.
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
Image size: 362064
Image MD5: D984FAF698966AA360C1702EF623C3F9
Start: 2
Type: 16
Error Control: 1

Service (registry key): mcpromgr
Display name: McAfee Protection Manager
Description: Hiermee beheert u beveiligingsproblemen op deze computer voor McAfee-programma's.
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
Image size: 493144
Image MD5: 14313FF5203DF7CB53E8D2F18F59D4D2
Start: 2
Type: 16
Error Control: 1

Service (registry key): McRedirector
Display name: McAfee Redirector Service
Description: McAfee Redirector Service
Object name: LocalSystem
Image path: c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
Image size: 248416
Image MD5: 825040724CA09837719022D7181C555C
Start: 2
Type: 16
Error Control: 1

Service (registry key): McShield
Display name: McAfee Real-time Scanner
Description: Hiermee wordt gescand op virussen en andere bedreigingen zodra deze door de computer worden gebruikt.
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
Image size: 144960
Image MD5: B74CEBEF7F2126F68CDC060C855E5AAB
Start: 2
Type: 16
Error Control: 1

Service (registry key): McSysmon
Display name: McAfee SystemGuards
Description: Hiermee wordt gecontroleerd op ongeoorloofde wijzigingen op deze computer.
Object name: LocalSystem
Image path: C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
Image size: 643664
Image MD5: 9770A8706BBA3C4CBEA998D2A6BF2D08
Start: 2
Type: 16
Error Control: 1

Service (registry key): MDC8021X
Display name: AEGIS Protocol (IEEE 802.1x) v2.3.1.9
Description: AEGIS Protocol (IEEE 802.1x) v2.3.1.9
Image path: system32\DRIVERS\mdc8021x.sys
Image size: 15781
Image MD5: D7010580BF4E45D5E793A1FE75758C69
Start: 2
Type: 1
Error Control: 1

Service (registry key): Messenger
Display name: Messenger
Description: Hiermee worden berichten tussen clients en servers uitgewisseld die met behulp van de opdracht net send of de Alerter-service zijn gestart. Deze service is niet gerelateerd aan Windows Messenger. Als deze service is gestopt, zal de Alerter-service geen berichten verzenden. Als deze service is uitgeschakeld, zullen alle services die van deze voorziening afhankelijk zijn niet kunnen worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 4
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation,NetBIOS,PlugPlay,RpcSS

Service (registry key): mfeavfk
Display name: McAfee Inc.
Image path: system32\drivers\mfeavfk.sys
Image size: 71496
Image MD5: F5250976C1334C1E4FECEDDCDF02353E
Start: 3
Type: 1
Error Control: 1

Service (registry key): mfebopk
Display name: McAfee Inc.
Image path: system32\drivers\mfebopk.sys
Image size: 34184
Image MD5: 787702627CC0770F45206F4034390580
Start: 3
Type: 1
Error Control: 1

Service (registry key): mfehidk
Display name: McAfee Inc.
Image path: system32\drivers\mfehidk.sys
Image size: 170408
Image MD5: 241C09C7D8C589EA1D72A36E6578E42C
Start: 3
Type: 1
Error Control: 1

Service (registry key): mferkdk
Display name: McAfee Inc.
Image path: system32\drivers\mferkdk.sys
Image size: 32008
Image MD5: A321C17FADAD2665C455C6D39E465FE0
Start: 3
Type: 1
Error Control: 1

Service (registry key): mfesmfk
Display name: McAfee Inc.
Image path: system32\drivers\mfesmfk.sys
Image size: 37480
Image MD5: 1FBDD2EB37CE910D6CEE60140C400B6A
Start: 3
Type: 1
Error Control: 1

Service (registry key): Microsoft Office Groove Audit Service
Display name: Microsoft Office Groove Audit Service
Object name: NT AUTHORITY\LocalService
Image path: "C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe"
Image size: 65824
Image MD5: FAFE367D032ED82E9332B4C741A20216
Start: 3
Type: 16
Error Control: 1

Service (registry key): mnmdd
Start: 1
Type: 1
Error Control: 0

Service (registry key): mnmsrvc
Display name: Delen van Extern bureaublad met NetMeeting
Description: Hiermee kunnen gemachtigde personen dit Windows-bureaublad extern benaderen via NetMeeting.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\mnmsrvc.exe
Image size: 32768
Image MD5: 8CA3298EE96D6B75F28C991518DC2DD9
Start: 3
Type: 272
Error Control: 1

Service (registry key): Modem
Start: 3
Type: 1
Error Control: 0

Service (registry key): Mouclass
Display name: Stuurprogramma voor muistypen
Image path: system32\DRIVERS\mouclass.sys
Image size: 23552
Image MD5: 0FF36CA1AC0B7D2E46C291D30B516DF1
Start: 1
Type: 1
Error Control: 1

Service (registry key): mouhid
Display name: Stuurprogramma voor muis-HID
Image path: system32\DRIVERS\mouhid.sys
Image size: 12288
Image MD5: 18017899254E01371E1A39754D6BF98C
Start: 3
Type: 1
Error Control: 0

Service (registry key): MountMgr
Start: 0
Type: 1
Error Control: 1

Service (registry key): MPFP
Display name: MPFP
Image path: System32\Drivers\Mpfp.sys
Image size: 107608
Image MD5: 8C5842DE130C8920050EA80DBE8F746B
Start: 1
Type: 1
Error Control: 1
Depends On services: TcpIp

Service (registry key): MpfService
Display name: McAfee Personal Firewall Service
Description: MpfService
Object name: LocalSystem
Image path: "C:\Program Files\McAfee\MPF\MPFSrv.exe"
Image size: 839720
Image MD5: 0928B5DBBF198340D5FF7EDA01922791
Start: 2
Type: 272
Error Control: 1

Service (registry key): mraid35x
Image path: system32\DRIVERS\mraid35x.sys
Image size: 17280
Image MD5: 3F4BB95E5A44F3BE34824E8E7CAF0737
Start: 0
Type: 1
Error Control: 1

Service (registry key): MRxDAV
Display name: WebDav-client-redirector
Description: WebDav-client-redirector
Image path: system32\DRIVERS\mrxdav.sys
Image size: 181248
Image MD5: 46EDCC8F2DB2F322C24F48785CB46366
Start: 3
Type: 2
Error Control: 1

Service (registry key): MRxSmb
Display name: MRXSMB
Description: MRXSMB
Image path: system32\DRIVERS\mrxsmb.sys
Image size: 453120
Image MD5: 025AF03CE51645C62F3B6907A7E2BE5E
Start: 1
Type: 2
Error Control: 1

Service (registry key): MSDTC
Display name: Distributed Transaction Coordinator
Description: Coördineert transacties die meerdere bronbeheermethoden omvatten, zoals databases, wachtrijen en bestandssystemen. Als deze service wordt stopgezet, worden deze transacties niet uitgevoerd. Als deze service wordt uitgeschakeld, kunnen services die expliciet hiervan afhankelijk zijn, niet worden gestart.
Object name: NT AUTHORITY\NetworkService
Image path: C:\WINDOWS\system32\msdtc.exe
Image size: 6144
Image MD5: AEFD24AA5703407480527C395EE07565
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS,SamSS

Service (registry key): Msfs
Start: 1
Type: 2
Error Control: 1

janhooijen
2007-06-19, 21:46
part 12

Service (registry key): MSIServer
Display name: Windows Installer
Description: Hiermee worden toepassingen die als een Windows Installer-pakket (*.msi) worden aangeboden, toegevoegd, aangepast en verwijderd. Als deze service is uitgeschakeld, kunnen services die van deze service afhankelijk zijn, niet worden gestart.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\msiexec.exe /V
Image size: 78848
Image MD5: F5F0146580E7023ADB963879840777F8
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): MSKSSRV
Display name: Microsoft Streaming Service-proxy
Image path: system32\drivers\MSKSSRV.sys
Image size: 7552
Image MD5: AE431A8DD3C1D0D0610CDBAC16057AD0
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPCLOCK
Display name: Microsoft Streaming Clock-proxy
Image path: system32\drivers\MSPCLOCK.sys
Image size: 5376
Image MD5: 13E75FEF9DFEB08EEDED9D0246E1F448
Start: 3
Type: 1
Error Control: 1

Service (registry key): MSPQM
Display name: Microsoft Streaming Kwaliteitsbeheer Proxy
Image path: system32\drivers\MSPQM.sys
Image size: 4992
Image MD5: 1988A33FF19242576C3D0EF9CE785DA7
Start: 3
Type: 1
Error Control: 1

Service (registry key): mssmbios
Display name: BIOS-stuurprogramma voor Microsoft Systeembeheer
Image path: system32\DRIVERS\mssmbios.sys
Image size: 15488
Image MD5: 469541F8BFD2B32659D5D463A6714BCE
Start: 3
Type: 1
Error Control: 1

Service (registry key): Mup
Display name: Mup
Start: 0
Type: 2
Error Control: 1

Service (registry key): NDIS
Display name: NDIS-systeemstuurprogramma
Start: 0
Type: 1
Error Control: 1

Service (registry key): NdisTapi
Display name: RAS NDIS TAPI-stuurprogramma
Description: RAS NDIS TAPI-stuurprogramma
Image path: system32\DRIVERS\ndistapi.sys
Image size: 9600
Image MD5: 08D43BBDACDF23F34D79E44ED35C1B4C
Start: 3
Type: 1
Error Control: 1

Service (registry key): Ndisuio
Display name: I/O-protocol van NDIS-gebruikermodus
Description: I/O-protocol van NDIS-gebruikermodus
Image path: system32\DRIVERS\ndisuio.sys
Image size: 12928
Image MD5: 34D6CD56409DA9A7ED573E1C90A308BF
Start: 3
Type: 1
Error Control: 1

Service (registry key): NdisWan
Display name: RAS NDIS WAN-stuurprogramma
Description: RAS NDIS WAN-stuurprogramma
Image path: system32\DRIVERS\ndiswan.sys
Image size: 91776
Image MD5: 0B90E255A9490166AB368CD55A529893
Start: 3
Type: 1
Error Control: 1

Service (registry key): NDProxy
Start: 3
Type: 1
Error Control: 1

Service (registry key): NetBIOS
Display name: NetBIOS-interface
Description: NetBIOS-interface
Image path: system32\DRIVERS\netbios.sys
Image size: 34560
Image MD5: 3A2ACA8FC1D7786902CA434998D7CEB4
Start: 1
Type: 2
Error Control: 1

Service (registry key): NetBT
Display name: NetBios over Tcpip
Description: NetBios over Tcpip
Image path: system32\DRIVERS\netbt.sys
Image size: 162816
Image MD5: 0C80E410CD2F47134407EE7DD19CC86B
Start: 1
Type: 1
Error Control: 1
Depends On services: Tcpip,MPFP

Service (registry key): NetDDE
Display name: Network DDE
Description: Hiermee wordt netwerktransport en netwerkbeveiliging geboden voor dynamische gegevensuitwisseling (DDE) voor programma's die op dezelfde computer of verschillende computers worden uitgevoerd. Als de service wordt gestopt, zijn DDE-transport en -beveiliging niet beschikbaar. Als deze service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 113664
Image MD5: 7E61D52D2D9259C63DFB6C156719D3B4
Start: 4
Type: 32
Error Control: 1
Depends On services: NetDDEDSDM

Service (registry key): NetDDEdsdm
Display name: Network DDE DSDM
Description: Hiermee worden gedeelde netwerkshares voor dynamische gegevensuitwisseling (DDE) beheerd. Als deze service wordt gestopt, zijn de DDE-netwerkshares niet beschikbaar. Als de service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\system32\netdde.exe
Image size: 113664
Image MD5: 7E61D52D2D9259C63DFB6C156719D3B4
Start: 4
Type: 32
Error Control: 1

Service (registry key): Netlogon
Display name: Net Logon
Description: Hiermee wordt ondersteuning geboden voor indirecte verificatie van accountaanmeldingsgebeurtenissen voor computers in een domein.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 34A82DEBEFB057FCCCBE15F619FC98A7
Start: 3
Type: 32
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): Netman
Display name: Network Connections
Description: Hiermee worden objecten beheerd in de map Netwerk- en inbelverbindingen, waarin u zowel LAN- als externe verbindingen kunt weergeven
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): NIC1394
Display name: 1394-stuurprogramma
Image path: system32\DRIVERS\nic1394.sys
Image size: 61824
Image MD5: 5C5C53DB4FEF16CF87B9911C7E8C6FBC
Start: 3
Type: 1
Error Control: 1

Service (registry key): Nla
Display name: Network Location Awareness (NLA)
Description: Hiermee worden de configuratie- en locatiegegevens van het netwerk verzameld en opgeslagen en worden toepassingen ingelicht als deze gegevens worden gewijzigd.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: Tcpip,Afd

Service (registry key): Npfs
Start: 1
Type: 2
Error Control: 1

Service (registry key): Ntfs
Start: 4
Type: 2
Error Control: 1

Service (registry key): NtLmSsp
Display name: NT LM Security Support Provider
Description: Hiermee wordt beveiliging geboden voor RPC-programma's (Remote procedure call) die andere transporten gebruiken dan named pipes.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 34A82DEBEFB057FCCCBE15F619FC98A7
Start: 3
Type: 32
Error Control: 1

Service (registry key): NtmsSvc
Display name: Verwisselbare opslag
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Null
Start: 1
Type: 1
Error Control: 1

Service (registry key): nv
Image path: system32\DRIVERS\nv4_mini.sys
Image size: 3650368
Image MD5: 29B9163A6D9C486DCAEFED190130ACB0
Start: 3
Type: 1
Error Control: 0

Service (registry key): NVSvc
Display name: NVIDIA Display Driver Service
Description: Provides system and desktop level support to the NVIDIA display driver
Object name: LocalSystem
Image path: %SystemRoot%\system32\nvsvc32.exe
Image size: 143436
Image MD5: AA78C4677E06CFD4FE048718EE7F6332
Start: 2
Type: 16
Error Control: 1

Service (registry key): NwlnkFlt
Display name: IPX Traffic Filter Driver
Description: IPX Traffic Filter Driver
Image path: system32\DRIVERS\nwlnkflt.sys
Image size: 12416
Image MD5: B305F3FAD35083837EF46A0BBCE2FC57
Start: 3
Type: 1
Error Control: 1
Depends On services: NwlnkFwd

Service (registry key): NwlnkFwd
Display name: IPX Traffic Forwarder Driver
Description: IPX Traffic Forwarder Driver
Image path: system32\DRIVERS\nwlnkfwd.sys
Image size: 32512
Image MD5: C99B3415198D1AAB7227F2C88FD664B9
Start: 3
Type: 1
Error Control: 1

Service (registry key): odserv
Display name: Microsoft Office Diagnostics Service
Description: Microsoft Office Diagnostische gegevens gedeeltelijk uitvoeren.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
Image size: 441136
Image MD5: 84DE1DD996B48B05ACE31AD015FA108A
Start: 3
Type: 16
Error Control: 1

Service (registry key): ohci1394
Display name: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Image path: system32\DRIVERS\ohci1394.sys
Image size: 61056
Image MD5: 0951DB8E5823EA366B0E408D71E1BA2A
Start: 0
Type: 1
Error Control: 1

Service (registry key): ose
Display name: Office Source Engine
Description: Hiermee worden de installatiebestanden opgeslagen die worden gebruikt voor het bijwerken en herstellen. Dit is vereist voor het downloaden van updates van Setup en van Watson-foutrapporten.
Object name: LocalSystem
Image path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Image size: 145184
Image MD5: 5A432A042DAE460ABE7199B758E8606C
Start: 3
Type: 16
Error Control: 1

Service (registry key): Outlook
Start: 0
Type: 0
Error Control: 0

Service (registry key): Parport
Display name: Stuurprogramma voor parallelle poort
Image path: system32\DRIVERS\parport.sys
Image size: 80384
Image MD5: 83A120F43A1424D9C51701FD91D3BC8E
Start: 3
Type: 1
Error Control: 1

Service (registry key): PartMgr
Start: 0
Type: 1
Error Control: 1

Service (registry key): ParVdm
Start: 4
Type: 1
Error Control: 0
Depends On services: Parport
Depends On group: "Parallel arbitrator"

Service (registry key): PCANDIS5
Display name: PCANDIS5 NDIS Protocol Driver
Image path: \??\C:\WINDOWS\system32\PCANDIS5.SYS
Image size: 17134
Image MD5: 2F9806B52CB3748B1E49222744B28E3C
Start: 3
Type: 1
Error Control: 1

Service (registry key): PCI
Display name: PCI Bus-stuurprogramma
Image path: system32\DRIVERS\pci.sys
Image size: 68224
Image MD5: 3060407163C2DAF8B0DBC878C3052CF0
Start: 0
Type: 1
Error Control: 3

Service (registry key): PCIDump
Start: 1
Type: 1
Error Control: 0

Service (registry key): PCIIde
Image path: system32\DRIVERS\pciide.sys
Image size: 3328
Image MD5: B31EDEBA4DA28283F6B8DC4756FB9585
Start: 0
Type: 1
Error Control: 1

Service (registry key): Pcmcia
Start: 4
Type: 1
Error Control: 1

Service (registry key): PDCOMP
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDFRAME
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRELI
Start: 3
Type: 1
Error Control: 0

Service (registry key): PDRFRAME
Start: 3
Type: 1
Error Control: 0

Service (registry key): perc2
Image path: system32\DRIVERS\perc2.sys
Image size: 27296
Image MD5: 6C14B9C19BA84F73D3A86DBA11133101
Start: 0
Type: 1
Error Control: 1

Service (registry key): perc2hib
Image path: system32\DRIVERS\perc2hib.sys
Image size: 5504
Image MD5: F50F7C27F131AFE7BEBA13E14A3B9416
Start: 0
Type: 1
Error Control: 1

Service (registry key): PerfDisk
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfNet
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfOS
Start: 0
Type: 0
Error Control: 0

Service (registry key): PerfProc
Start: 0
Type: 0
Error Control: 0

Service (registry key): PlugPlay
Display name: Plug and Play
Description: Hiermee kan een computer wijzigingen in de hardwareconfiguratie herkennen en zich aanpassen zonder of met weinig invoer van de gebruiker. Als de service wordt gestopt of uitgeschakeld wordt de computer instabiel.
Object name: LocalSystem
Image path: %SystemRoot%\system32\services.exe
Image size: 108544
Image MD5: 39991CD3C17B7529D039151A88E84499
Start: 2
Type: 32
Error Control: 1

Service (registry key): PolicyAgent
Display name: IPSEC-services
Description: Hiermee wordt het IP-beveiligingsbeleid beheerd en de stuurprogramma's voor ISAKMP/Oakley (IKE) en IP-beveiliging gestart.
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 34A82DEBEFB057FCCCBE15F619FC98A7
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS,Tcpip,IPSec

Service (registry key): PptpMiniport
Display name: WAN-minipoort (PPTP)
Description: WAN-minipoort (PPTP)
Image path: system32\DRIVERS\raspptp.sys
Image size: 48384
Image MD5: 1C5CC65AAC0783C344F16353E60B72AC
Start: 3
Type: 1
Error Control: 1

Service (registry key): ProtectedStorage
Display name: Protected Storage
Description: Hiermee wordt beveiligde opslag voor vertrouwelijke gegevens, zoals persoonlijke sleutels, geboden om toegang door niet-gemachtigde services, processen of gebruikers te voorkomen
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 34A82DEBEFB057FCCCBE15F619FC98A7
Start: 2
Type: 288
Error Control: 1
Depends On services: RpcSs

Service (registry key): PSched
Display name: QoS-pakketplanner
Description: QoS-pakketplanner
Image path: system32\DRIVERS\psched.sys
Image size: 69120
Image MD5: 48671F327553DCF1D27F6197F622A668
Start: 3
Type: 1
Error Control: 1
Depends On services: Gpc

Service (registry key): Ptilink
Display name: Stuurprogramma voor Directe parallelle verbinding
Description: Stuurprogramma voor Directe parallelle verbinding
Image path: system32\DRIVERS\ptilink.sys
Image size: 17792
Image MD5: 80D317BD1C3DBC5D4FE7B1678C60CADD
Start: 3
Type: 1
Error Control: 1

Service (registry key): PxHelp20
Display name: PxHelp20
Image path: System32\Drivers\PxHelp20.sys
Image size: 36624
Image MD5: 1962166E0CEB740704F30FA55AD3D509
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1080
Image path: system32\DRIVERS\ql1080.sys
Image size: 40320
Image MD5: 0A63FB54039EB5662433CABA3B26DBA7
Start: 0
Type: 1
Error Control: 1

Service (registry key): Ql10wnt
Image path: system32\DRIVERS\ql10wnt.sys
Image size: 33152
Image MD5: 6503449E1D43A0FF0201AD5CB1B8C706
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql12160
Image path: system32\DRIVERS\ql12160.sys
Image size: 45312
Image MD5: 156ED0EF20C15114CA097A34A30D8A01
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1240
Image path: system32\DRIVERS\ql1240.sys
Image size: 40448
Image MD5: 70F016BEBDE6D29E864C1230A07CC5E6
Start: 0
Type: 1
Error Control: 1

Service (registry key): ql1280
Image path: system32\DRIVERS\ql1280.sys
Image size: 49024
Image MD5: 907F0AEEA6BC451011611E732BD31FCF
Start: 0
Type: 1
Error Control: 1

Service (registry key): RasAcd
Display name: Stuurprogramma voor Automatische verbinding voor RAS
Description: Stuurprogramma voor Automatische verbinding voor RAS
Image path: system32\DRIVERS\rasacd.sys
Image size: 8832
Image MD5: FE0D99D6F31E4FAD8159F690D68DED9C
Start: 1
Type: 1
Error Control: 1

janhooijen
2007-06-19, 21:47
part 14

Service (registry key): RasAuto
Display name: Remote Access Auto Connection Manager
Description: Hiermee wordt een verbinding gemaakt met een extern netwerk als een programma verwijst naar een extern(e) DNS- of NetBIOS-naam of -adres.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: RasMan,Tapisrv

Service (registry key): Rasl2tp
Display name: WAN-minipoort (L2TP)
Description: WAN-minipoort (L2TP)
Image path: system32\DRIVERS\rasl2tp.sys
Image size: 51328
Image MD5: 98FAEB4A4DCF812BA1C6FCA4AA3E115C
Start: 3
Type: 1
Error Control: 1

Service (registry key): RasMan
Display name: Verbindingsbeheer voor RAS
Description: Hiermee kunnen netwerkverbindingen worden gemaakt.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: Tapisrv

Service (registry key): RasPppoe
Display name: PPPOE-RAS-stuurprogramma
Description: PPPOE-RAS-stuurprogramma
Image path: system32\DRIVERS\raspppoe.sys
Image size: 41472
Image MD5: 7306EEED8895454CBED4669BE9F79FAA
Start: 3
Type: 1
Error Control: 1

Service (registry key): Raspti
Display name: Direct Parallel
Description: Direct Parallel
Image path: system32\DRIVERS\raspti.sys
Image size: 16512
Image MD5: FDBB1D60066FCFBB7452FD8F9829B242
Start: 3
Type: 1
Error Control: 1

Service (registry key): Rdbss
Display name: Rdbss
Description: Rdbss
Image path: system32\DRIVERS\rdbss.sys
Image size: 174592
Image MD5: 03B965B1CA47F6EF60EB5E51CB50E0AF
Start: 1
Type: 2
Error Control: 1

Service (registry key): RDPCDD
Image path: System32\DRIVERS\RDPCDD.sys
Image size: 4224
Image MD5: 4912D5B403614CE99C28420F75353332
Start: 1
Type: 1
Error Control: 0

Service (registry key): RDPDD
Start: 0
Type: 0
Error Control: 0

Service (registry key): rdpdr
Display name: Stuurprogramma voor Terminal-serverapparaatredirector
Image path: system32\DRIVERS\rdpdr.sys
Image size: 196864
Image MD5: A2CAE2C60BC37E0751EF9DDA7CEAF4AD
Start: 3
Type: 1
Error Control: 1

Service (registry key): RDPNP
Start: 0
Type: 0
Error Control: 0

Service (registry key): RDPWD
Start: 3
Type: 1
Error Control: 0

Service (registry key): RDSessMgr
Display name: Helpsessiebeheer voor Extern bureaublad
Description: Hiermee wordt de voorziening Hulp op afstand aangestuurd. Als deze service is gestopt, is Hulp op afstand niet beschikbaar. Raadpleeg alvorens deze service te stoppen eerst het tabblad Afhankelijkheden van het dialoogvenster met eigenschappen.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\sessmgr.exe
Image size: 142336
Image MD5: A81B92D6AE9F0433B14A54DBF63A1FF3
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): redbook
Display name: Stuurprogramma voor afspeelfilter van digitale cd-audio
Image path: system32\DRIVERS\redbook.sys
Image size: 57856
Image MD5: 7BB9C58A13323F5EDC89C88F98C80CBA
Start: 1
Type: 1
Error Control: 1

Service (registry key): RemoteAccess
Display name: Routing and Remote Access
Description: Hiermee worden routeringsservices aangeboden aan bedrijven in LAN- en WAN-omgevingen.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 4
Type: 32
Error Control: 1
Depends On services: RpcSS
Depends On group: NetBIOSGroup

Service (registry key): RpcLocator
Display name: Remote Procedure Call (RPC) Locator
Description: Hiermee wordt de database van de RPC Name-service beheerd.
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\locator.exe
Image size: 75264
Image MD5: 69B970645E78C1ED5FA7CAF34A1A13E6
Start: 3
Type: 16
Error Control: 1
Depends On services: LanmanWorkstation

Service (registry key): RpcSs
Display name: Remote Procedure Call (RPC)
Description: Hiermee worden endpoint-toewijzing en andere RPC-services geboden
Object name: NT AUTHORITY\NetworkService
Image path: %SystemRoot%\system32\svchost -k rpcss
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1

Service (registry key): RSVP
Display name: QoS RSVP
Description: Hiermee wordt functionaliteit voor de configuratie van netwerksignalen en besturings van lokaal verkeer verkregen voor programma's en besturingshulpprogramma's die geschikt zijn voor QoS
Object name: LocalSystem
Image path: %SystemRoot%\system32\rsvp.exe
Image size: 132608
Image MD5: AD1B5F1B99FFF08C99F443D784711A81
Start: 3
Type: 16
Error Control: 1
Depends On services: TcpIp,Afd,RpcSs

Service (registry key): SamSs
Display name: Security Accounts Manager
Description: Hiermee worden beveiligingsgegevens voor lokale gebruikersaccounts opgeslagen
Object name: LocalSystem
Image path: %SystemRoot%\system32\lsass.exe
Image size: 13312
Image MD5: 34A82DEBEFB057FCCCBE15F619FC98A7
Start: 2
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): SCardSvr
Display name: Smart Card
Description: Hiermee wordt de toegang tot een smartcard beheerd die in een smartcardlezer is geplaatst die aan de computer is gekoppeld. Als de service wordt gestopt, kunnen er geen smartcards worden gelezen. Als de service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\SCardSvr.exe
Image size: 98304
Image MD5: 11344A685293C0A5D228DE5381CD9E5D
Start: 3
Type: 32
Error Control: 0
Depends On services: PlugPlay

Service (registry key): ScFBPNT3
Display name: CanoScan FBP3 Port Driver
Image path: \??\C:\WINDOWS\system32\drivers\ScFBPNT3.SYS
Image size: 16032
Image MD5: 9609FC0BE28FA535EF582FC7E596F561
Start: 2
Type: 1
Error Control: 1

Service (registry key): Schedule
Display name: Task Scheduler
Description: Hiermee kan een gebruiker geautomatiseerde taken configureren en plannen op deze computer. Als deze service wordt gestopt, kunnen deze taken niet op de geplande tijd worden uitgevoerd. Als de service wordt uitgeschakeld, kunnen de services die afhankelijk van deze service niet worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Secdrv
Display name: Secdrv
Description: SafeDisc driver
Image path: system32\DRIVERS\secdrv.sys
Image size: 163644
Image MD5: 07F7F501AD50DE2BA2D5842D9B6D6155
Start: 2
Type: 1
Error Control: 1

Service (registry key): seclogon
Display name: Secondary Logon
Description: Hiermee kunnen processen met alternatieve referenties worden gestart. Als deze service wordt gestopt, is dit type aanmelding niet beschikbaar. Als deze service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 288
Error Control: 0

Service (registry key): SENS
Display name: System Event Notification
Description: Hiermee worden systeemgebeurtenissen, zoals Windows-aanmelding, netwerk- en energiegebeurtenissen getraceerd en worden abonnees van het COM+-gebeurtenissysteem gewaarschuwd als deze gebeurtenissen optreden
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: EventSystem

Service (registry key): serenum
Display name: Serenum Filter-stuurprogramma
Image path: system32\DRIVERS\serenum.sys
Image size: 15488
Image MD5: A2D868AEEFF612E70E213C451A70CAFB
Start: 3
Type: 1
Error Control: 1

Service (registry key): Serial
Display name: Stuurprogramma voor seriële poort
Image path: system32\DRIVERS\serial.sys
Image size: 65920
Image MD5: 97E86D03D082D369CB025113B4B7B781
Start: 1
Type: 1
Error Control: 0

Service (registry key): Sfloppy
Start: 1
Type: 1
Error Control: 0
Depends On group: "SCSI miniport"

Service (registry key): SharedAccess
Display name: Windows Firewall (WF) / Internet-verbinding delen (ICS)
Description: Hiermee worden services ten behoeve van netwerkadresomzetting, adressering, naamomzetting en/of preventie van onrechtmatige toegang geboden voor computers in thuis- of bedrijfsnetwerken.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: Netman,WinMgmt

Service (registry key): ShellHWDetection
Display name: Shell Hardware Detection
Description: Deze service verzorgt meldingen bij AutoPlay-hardwaregebeurtenissen
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 0
Depends On services: RpcSs

Service (registry key): Simbad
Start: 4
Type: 1
Error Control: 1

Service (registry key): sisagp
Display name: SIS AGP Bus Filter
Image path: system32\DRIVERS\sisagp.sys
Image size: 41088
Image MD5: 732D859B286DA692119F286B21A2A114
Start: 0
Type: 1
Error Control: 1

Service (registry key): Sparrow
Image path: system32\DRIVERS\sparrow.sys
Image size: 19072
Image MD5: 83C0F71F86D3BDAF915685F3D568B20E
Start: 0
Type: 1
Error Control: 1

Service (registry key): splitter
Display name: Microsoft Kernel-audiosplitsing
Image path: system32\drivers\splitter.sys
Image size: 6400
Image MD5: 0CE218578FFF5F4F7E4201539C45C78F
Start: 3
Type: 1
Error Control: 1

Service (registry key): Spooler
Display name: Print Spooler
Description: Hiermee worden bestanden in het geheugen geladen om later te worden afgedrukt
Object name: LocalSystem
Image path: %SystemRoot%\system32\spoolsv.exe
Image size: 57856
Image MD5: DA81EC57ACD4CDC3D4C51CF3D409AF9F
Start: 2
Type: 272
Error Control: 1
Depends On services: RPCSS

Service (registry key): sptd
Image path: System32\Drivers\sptd.sys
Start: 0
Type: 1
Error Control: 1

Service (registry key): sr
Display name: Stuurprogramma voor systeemherstelfilter
Image path: system32\DRIVERS\sr.sys
Image size: 73472
Image MD5: A859C2DA6B06024C9B4D995B90FE8175
Start: 0
Type: 2
Error Control: 1

Service (registry key): srservice
Display name: System Restore-service
Description: Hiermee worden herstelfuncties voor het apparaat uitgevoerd. Als u de service wilt stoppen, kunt u Systeemherstel uitschakelen in het tabblad Systeemherstel in Deze computer->Eigenschappen
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): Srv
Display name: SRV
Description: SRV
Image path: system32\DRIVERS\srv.sys
Image size: 332928
Image MD5: EA554A3FFC3F536FE8320EB38F5E4843
Start: 3
Type: 2
Error Control: 1

Service (registry key): SSDPSRV
Display name: SSDP Discovery-service
Description: Maakt de detectie van universele Plug en Play-apparaten op het eigen netwerk mogelijk.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: HTTP

Service (registry key): stisvc
Display name: Windows Image Acquisition (WIA)
Description: Hiermee kunnen scanners en camera's afbeeldingen opnemen
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k imgsvc
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): swenum
Display name: Software Bus-stuurprogramma
Image path: system32\DRIVERS\swenum.sys
Image size: 4352
Image MD5: 03C1BAE4766E2450219D20B993D6E046
Start: 3
Type: 1
Error Control: 1

Service (registry key): swmidi
Display name: Microsoft Kernel GS Wavetable-synthesizer
Image path: system32\drivers\swmidi.sys
Image size: 54272
Image MD5: 94ABC808FC4B6D7D2BBF42B85E25BB4D
Start: 3
Type: 1
Error Control: 1

Service (registry key): SwPrv
Display name: MS Software Shadow Copy Provider
Description: Beheert schaduwkopieën op basis van software, die door de Volume Shadow Copy-service zijn gemaakt. Als deze service is gestopt, kunnen schaduwkopieën op basis van software niet worden beheerd. Als de service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\dllhost.exe /Processid:{30A618A7-FAB1-447C-982F-C0E209DFF967}
Image size: 5120
Image MD5: DAC52B0D256E0D48ED589DDA9133EC79
Start: 3
Type: 16
Error Control: 0
Depends On services: rpcss

Service (registry key): symc810
Image path: system32\DRIVERS\symc810.sys
Image size: 16256
Image MD5: 1FF3217614018630D0A6758630FC698C
Start: 0
Type: 1
Error Control: 1

Service (registry key): symc8xx
Image path: system32\DRIVERS\symc8xx.sys
Image size: 32640
Image MD5: 070E001D95CF725186EF8B20335F933C
Start: 0
Type: 1
Error Control: 1

Service (registry key): sym_hi
Image path: system32\DRIVERS\sym_hi.sys
Image size: 28384
Image MD5: 80AC1C4ABBE2DF3B738BF15517A51F2C
Start: 0
Type: 1
Error Control: 1

Service (registry key): sym_u3
Image path: system32\DRIVERS\sym_u3.sys
Image size: 30688
Image MD5: BF4FAB949A382A8E105F46EBB4937058
Start: 0
Type: 1
Error Control: 1

Service (registry key): sysaudio
Display name: Microsoft Kernel-systeemaudioapparaat
Image path: system32\drivers\sysaudio.sys
Image size: 60800
Image MD5: 650AD082D46BAC0E64C9C0E0928492FD
Start: 3
Type: 1
Error Control: 1

Service (registry key): SysmonLog
Display name: Performance Logs and Alerts
Description: Hiermee worden prestatiegegevens verzameld die zijn gebaseerd op voorgeconfigureerde schemaparameters. Vervolgens worden de gegevens naar een logboek geschreven of wordt een alarm geactiveerd. Als deze service wordt gestopt, worden er geen prestatiegegevens verzameld. Als deze service wordt uitgeschakeld, kunnen de services die expliciet van deze service afhankelijk zijn, niet starten.
Object name: NT Authority\NetworkService
Image path: %SystemRoot%\system32\smlogsvc.exe
Image size: 92160
Image MD5: C4D7D00C5EA67A557C95C44E3A226BAD
Start: 3
Type: 16
Error Control: 1

Service (registry key): TapiSrv
Display name: Telephony
Description: Hiermee wordt ondersteuning geboden voor Telefoon-API (TAPI) voor programma's die telefoonapparaten en op IP gebaseerde spraakverbindingen bestuurd op de lokale computer en, via het LAN, op servers die de service ook uitvoeren
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: PlugPlay,RpcSs

Service (registry key): Tcpip
Display name: Stuurprogramma voor TCP/IP-protocol
Description: Stuurprogramma voor TCP/IP-protocol
Image path: system32\DRIVERS\tcpip.sys
Image size: 359808
Image MD5: 1DBF125862891817F374F407626967F4
Start: 1
Type: 1
Error Control: 1
Depends On services: IPSec

janhooijen
2007-06-19, 21:48
part 15

Service (registry key): TDPIPE
Start: 3
Type: 1
Error Control: 0

Service (registry key): TDTCP
Start: 3
Type: 1
Error Control: 0

Service (registry key): TermDD
Display name: Stuurprogramma voor terminal-apparaat
Image path: system32\DRIVERS\termdd.sys
Image size: 40840
Image MD5: A540A99C281D933F3D69D55E48727F47
Start: 1
Type: 1
Error Control: 1

Service (registry key): TermService
Display name: Terminal Services
Description: Hiermee kunnen meerdere gebruikers interactief met een bepaalde computer of het bureaublad en toepassingen van een andere computer worden verbonden. De basis voor Extern bureaublad (waaronder Extern bureaublad voor Administrators), Snelle gebruikerswisseling, Hulp op afstand en Terminal Server.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost -k DComLaunch
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: RPCSS

Service (registry key): Themes
Display name: Thema's
Description: Hiermee beschikt u over een voorziening waarmee u de gebruikerservaring kunt beheren.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1

Service (registry key): TosIde
Image path: system32\DRIVERS\toside.sys
Image size: 4992
Image MD5: 5BC2144AB4F6090F12E49E9648B5A702
Start: 0
Type: 1
Error Control: 1

Service (registry key): TrkWks
Display name: Distributed Link Tracking Client
Description: Hiermee worden koppelingen tussen NTFS-bestanden op een computer of tussen computers in een netwerkdomein onderhouden.
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): TSDDD
Start: 0
Type: 0
Error Control: 0

Service (registry key): uagp35
Display name: Microsoft AGPv3.5 Filter
Image path: system32\DRIVERS\uagp35.sys
Image size: 44672
Image MD5: 49C805D42D75EDDC9B6A7130999C9054
Start: 0
Type: 1
Error Control: 1

Service (registry key): Udfs
Start: 4
Type: 2
Error Control: 1

Service (registry key): ultra
Image path: system32\DRIVERS\ultra.sys
Image size: 36736
Image MD5: 1B698A51CD528D8DA4FFAED66DFC51B9
Start: 0
Type: 1
Error Control: 1

Service (registry key): Update
Display name: Microcode Update-stuurprogramma
Image path: system32\DRIVERS\update.sys
Image size: 209408
Image MD5: AFF2E5045961BBC0A602BB6F95EB1345
Start: 3
Type: 1
Error Control: 1

Service (registry key): upnphost
Display name: Universele Plug en Play-apparaathost
Description: Ondersteunt hosting van universele Plug en Play-apparaten.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: SSDPSRV,HTTP

Service (registry key): UPS
Display name: Uninterruptible Power Supply
Description: Hiermee wordt een noodvoeding (UPS) beheerd die op de computer is aangesloten
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\System32\ups.exe
Image size: 18432
Image MD5: 5124D4054C62991A65D616F202965740
Start: 3
Type: 16
Error Control: 1

Service (registry key): usbccgp
Display name: Microsoft generiek hoofd-USB-stuurprogramma
Image path: system32\DRIVERS\usbccgp.sys
Image size: 31616
Image MD5: BFFD9F120CC63BCBAA3D840F3EEF9F79
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbehci
Display name: Microsoft USB 2.0 Enhanced Host Controller Miniport Driver
Image path: system32\DRIVERS\usbehci.sys
Image size: 26624
Image MD5: 15E993BA2F6946B2BFBBFCD30398621E
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbhub
Display name: USB2 Enabled Hub
Image path: system32\DRIVERS\usbhub.sys
Image size: 57600
Image MD5: C72F40947F92CEA56A8FB532EDF025F1
Start: 3
Type: 1
Error Control: 1

Service (registry key): USBSTOR
Display name: Stuurprogramma voor USB-massaopslag
Image path: system32\DRIVERS\USBSTOR.SYS
Image size: 26496
Image MD5: 6CD7B22193718F1D17A47A1CD6D37E75
Start: 3
Type: 1
Error Control: 1

Service (registry key): usbuhci
Display name: Microsoft USB Universal Host Controller Miniport Driver
Image path: system32\DRIVERS\usbuhci.sys
Image size: 20480
Image MD5: F8FD1400092E23C8F2F31406EF06167B
Start: 3
Type: 1
Error Control: 1

Service (registry key): VgaSave
Image path: \SystemRoot\System32\drivers\vga.sys
Start: 1
Type: 1
Error Control: 0

Service (registry key): viaagp
Display name: VIA AGP Bus Filter
Image path: system32\DRIVERS\viaagp.sys
Image size: 42240
Image MD5: D92E7C8A30CFD14D8E15B5F7F032151B
Start: 0
Type: 1
Error Control: 1

Service (registry key): ViaIde
Image path: system32\DRIVERS\viaide.sys
Image size: 5376
Image MD5: 59CB1338AD3654417BEA49636457F65D
Start: 0
Type: 1
Error Control: 1

Service (registry key): VolSnap
Start: 0
Type: 1
Error Control: 1

Service (registry key): VSS
Display name: Volume Shadow Copy
Description: Hiermee kunnen schaduwkopieën van volumes die door back-uptoepassingen en voor andere doeleinden worden gebruikt, worden beheerd en geïmplementeerd. Als deze service wordt gestopt, zijn de schaduwkopieën niet beschikbaar voor het maken van een back-up en de back-up kan mogelijk mislukken. Als deze service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet starten.
Object name: LocalSystem
Image path: %SystemRoot%\System32\vssvc.exe
Image size: 292864
Image MD5: FAEC7A09C545A16B7534FF57CC8E2A4A
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): W32Time
Display name: Windows Time
Description: Zorgt voor de datum- en tijdsynchronisatie van alle clients en servers binnen het netwerk. Als de service is gestopt, is de datum- en tijdsynchronisatie onbeschikbaar. Als de service wordt uitgeschakeld, kunnen de services die afhankelijk van deze service niet worden gestart.

Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1

Service (registry key): W3SVC
Start: 0
Type: 0
Error Control: 0

Service (registry key): Wanarp
Display name: RAS IP ARP-stuurprogramma
Description: RAS IP ARP-stuurprogramma
Image path: system32\DRIVERS\wanarp.sys
Image size: 34560
Image MD5: 984EF0B9788ABF89974CFED4BFBAACBC
Start: 3
Type: 1
Error Control: 1

Service (registry key): WDICA
Start: 3
Type: 1
Error Control: 0

Service (registry key): wdmaud
Display name: Stuurprogramma voor Microsoft WINMM WDM-audiocompatibiliteit
Image path: system32\drivers\wdmaud.sys
Image size: 82944
Image MD5: EFD235CA22B57C81118C1AEB4798F1C1
Start: 3
Type: 1
Error Control: 1

Service (registry key): WebClient
Display name: WebClient
Description: Hiermee kunnen Windows-programma's bestanden op het Internet maken, lezen en wijzigen. Als deze service wordt gestopt, zijn deze functies niet beschikbaar. Als deze service wordt uitgeschakeld, kunnen services die van deze service afhankelijk zijn niet starten.
Object name: NT AUTHORITY\LocalService
Image path: %SystemRoot%\system32\svchost.exe -k LocalService
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: MRxDAV

Service (registry key): winmgmt
Display name: Windows Management Instrumentation
Description: Dit is een gemeenschappelijke interface en objectmodel voor toegang tot beheergegevens over besturingssystemen, apparaten, toepassingen en services. Als deze service wordt gestopt zal de meeste windows-software niet juist werken. Als deze service wordt uitgeschakeld, kunnen services die van de service afhankelijk zijn niet worden gestart.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 0
Depends On services: RPCSS

Service (registry key): Winsock
Start: 3
Type: 4
Error Control: 1

Service (registry key): WinSock2
Start: 0
Type: 0
Error Control: 0

Service (registry key): WinTrust
Start: 0
Type: 0
Error Control: 0

Service (registry key): WlanUIG
Display name: Sagem 802.11g Wireless LAN USB Adapter Driver
Image path: system32\DRIVERS\WlanUIG.sys
Image size: 379456
Image MD5: C383926D4BA41AFBCA592B2AD1FE4109
Start: 3
Type: 1
Error Control: 1

Service (registry key): WmdmPmSN
Display name: Serienummerservice voor draagbare media
Description: Geeft het serienummer van elke draagbare mediaspeler die is aangesloten op deze computer. Als deze service wordt beëindigd, wordt beveiligde inhoud mogelijk niet meer naar het apparaat gedownload.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1

Service (registry key): WmiApRpl
Start: 0
Type: 0
Error Control: 0

Service (registry key): WmiApSrv
Display name: WMI-prestatieadapter
Description: Biedt informatie over het DLL-prestatiebestand van WMI High Performance-providers.
Object name: LocalSystem
Image path: C:\WINDOWS\system32\wbem\wmiapsrv.exe
Image size: 126464
Image MD5: 2398E9F520DF78A96FCD577F3A261E98
Start: 3
Type: 16
Error Control: 1
Depends On services: RPCSS

Service (registry key): WMPNetworkSvc
Display name: Windows Media Player Network Sharing-service
Description: Hiermee worden media-bestanden met behulp van UPnP (Universal Plug and Play) op media-apparaten beschikbaar gemaakt
Object name: NT AUTHORITY\NetworkService
Image path: "C:\Program Files\Windows Media Player\WMPNetwk.exe"
Image size: 917504
Image MD5: 79A01ACD485687EE602411A06B63A9A5
Start: 3
Type: 16
Error Control: 1
Depends On services: upnphost,http,HTTPFilter

Service (registry key): WpdUsb
Display name: WpdUsb
Image path: system32\DRIVERS\wpdusb.sys
Image size: 38528
Image MD5: CF4DEF1BF66F06964DC0D91844239104
Start: 3
Type: 1
Error Control: 1

Service (registry key): WS2IFSL
Start: 1
Type: 0
Error Control: 0

Service (registry key): wscsvc
Display name: Security Center
Description: Hiermee kunt u instellingen en configuraties van systeembeveiliging controleren.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,winmgmt

Service (registry key): wuauserv
Display name: Automatische updates
Description: Hiermee wordt het downloaden en de installatie van updates voor Windows ingeschakeld. Als deze service is uitgeschakeld, kan het onderdeel Automatische updates of de website van Windows Update niet op deze computer worden gebruikt.
Object name: LocalSystem
Image path: %systemroot%\system32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1

Service (registry key): WudfPf
Display name: Windows Driver Foundation - User-mode Driver Framework Platform Driver
Description: Provide communciation services for UMDF components.
Image path: system32\DRIVERS\WudfPf.sys
Image size: 77568
Image MD5: F15FEAFFFBB3644CCC80C5DA584E6311
Start: 0
Type: 1
Error Control: 1

Service (registry key): WudfRd
Display name: Windows Driver Foundation - User-mode Driver Framework Reflector
Description: Reflect device requests to user-mode driver drivers
Image path: system32\DRIVERS\wudfrd.sys
Image size: 82944
Image MD5: 28B524262BCE6DE1F7EF9F510BA3985B
Start: 3
Type: 1
Error Control: 1

Service (registry key): WudfSvc
Display name: Windows Driver Foundation - User-mode Driver Framework
Description: Manages user-mode driver host processes
Object name: LocalSystem
Image path: %SystemRoot%\system32\svchost.exe -k WudfServiceGroup
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: PlugPlay

Service (registry key): WZCSVC
Display name: Wireless Zero Configuration-service
Description: Configureert de 802.11-adapters automatisch.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 2
Type: 32
Error Control: 1
Depends On services: RpcSs,Ndisuio

Service (registry key): xmlprov
Display name: Network Provisioning Service
Description: Hiermee worden XML-configuratiebestanden per domein beheerd voor automatische netwerkvoorziening.
Object name: LocalSystem
Image path: %SystemRoot%\System32\svchost.exe -k netsvcs
Image size: 14336
Image MD5: AB8C6D89A897BACBA4657FDF00E344A6
Start: 3
Type: 32
Error Control: 1
Depends On services: RpcSs

Service (registry key): yukonwxp
Display name: NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller
Image path: system32\DRIVERS\yk51x86.sys
Image size: 243328
Image MD5: C25BFCA4B997859F4857E396507838D9
Start: 3
Type: 1
Error Control: 1

Service (registry key): {6C7F58BD-1598-4846-B688-02FC21734336}
Start: 0
Type: 0
Error Control: 0

Service (registry key): {8CCDBF8C-9FA2-42E2-9EBF-62E6C1998AD0}
Start: 0
Type: 0
Error Control: 0

Service (registry key): {CA00C4E8-18BC-47F5-9F56-27153CD5748F}
Start: 0
Type: 0
Error Control: 0

< END OF LOG SPYBOT>

Shaba
2007-06-20, 11:47
Hi

Open HijackThis, click do a system scan only and checkmark these:

O2 - BHO: (no name) - {81B78E86-460A-488A-A4AC-FFDBFB846E26} - C:\WINDOWS\system32\awtqq.dll (file missing)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

Close all windows including browser and press fix checked.

Reboot.

Please do an online scan with Kaspersky Online Scanner (http://www.kaspersky.com/downloads/kws/kavwebscan.html). You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
The program will launch and then start to download the latest definition files.
Once the scanner is installed and the definitions downloaded, click Next.
Now click on Scan Settings
In the scan settings make sure that the following are selected:

o Scan using the following Anti-Virus database:

+ Extended (If available otherwise Standard)

o Scan Options:

+ Scan Archives
+ Scan Mail Bases

Click OK
Now under select a target to scan select My Computer
The scan will take a while so be patient and let it run. Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button
Save the file to your desktop.
Copy and paste that information in your next post.

Post:

- a fresh HijackThis log
- kaspersky report

janhooijen
2007-06-22, 20:08
Hello,

I've run Kaspersky (2 viruses identified) --> I don't see a Smitfraud detection. And I send you a HijackThis log.

Thanks in advance.

HijackThis
Logfile of HijackThis v1.99.1
Scan saved at 19:04:50, on 22-6-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Azureus\DAEMON Tools\daemon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Azureus\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Sagem - 802.11g Wi-Fi USB Dongle LAN Utility.lnk = ?
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v902/Navigram.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.hema.nl/site/xupload/XUpload.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Kaspersky
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, June 22, 2007 7:03:38 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 22/06/2007
Kaspersky Anti-Virus database records: 350974
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\

Scan Statistics:
Total number of scanned objects: 112162
Number of viruses found: 2
Number of infected objects: 3
Number of suspicious objects: 0
Duration of the scan process: 01:33:06

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR1.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\cert8.db Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\googlesafebrowsing.db Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\history.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\key3.db Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\parent.lock Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Geschiedenis\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Geschiedenis\History.IE5\MSHist012007062220070623\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Cindy Kortum\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\HijackThis\backups\backup-20070616-163319-399.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Downloaded Program Files\UERSM_0001_N68M1602NetInstaller.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd8989.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\yenjllng.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\WINDOWS\Temp\mcmsc_CguA6frkUSRr37v Object is locked skipped
C:\WINDOWS\Temp\mcmsc_hIeYFNpPNmNYOy4 Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.

Shaba
2007-06-22, 20:15
Hi

"I've run Kaspersky (2 viruses identified) --> I don't see a Smitfraud detection"

Vundo and smitfraud-toolbar888 are almost the same thing. Same with Winfixer. All same "family".

Please download the Killbox (http://download.bleepingcomputer.com/spyware/KillBox.exe).
Save it to the desktop.

Please run Killbox.

Select "Delete on Reboot" and "All files"

Copy the file names below to the clipboard by highlighting them and pressing Control-C:

C:\WINDOWS\Downloaded Program Files\UERSM_0001_N68M1602NetInstaller.exe
C:\WINDOWS\system32\yenjllng.dll

Go to the File menu, and choose "Paste from Clipboard".

Click the red-and-white "Delete File" button. Click "Yes" at the Delete on Reboot prompt. Click "No" at the Pending Operations prompt.

If you receive a message such as: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run TheKillbox, click here (http://www.eudaemonia.me.uk/downloads/Files/missingfilesetup.exe) to download and run missingfilesetup.exe. Then try TheKillbox again..

Empty this folder:

C:\!KillBox

Empty Recycle Bin

Re-scan with kaspersky

Post:

- a fresh HijackThis log
- kaspersky report

If your computer does not restart automatically, please restart it manually.

janhooijen
2007-06-23, 16:54
Hello,

Thanks again: I did what you asked me (I ran Killbox), I send you now a HijackThis log and a fresh Kaspersky log.

Grtz

Logfile of HijackThis v1.99.1
Scan saved at 15:51:50, on 23-6-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\common files\mcafee\mna\mcnasvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Azureus\DAEMON Tools\daemon.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "D:\Azureus\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Sagem - 802.11g Wi-Fi USB Dongle LAN Utility.lnk = ?
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v902/Navigram.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.hema.nl/site/xupload/XUpload.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Saturday, June 23, 2007 3:45:40 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 23/06/2007
Kaspersky Anti-Virus database records: 351382
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\

Scan Statistics:
Total number of scanned objects: 112193
Number of viruses found: 2
Number of infected objects: 4
Number of suspicious objects: 0
Duration of the scan process: 01:34:03

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\McAfee\MNA\NAData Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\MSC\McUsers.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Data\TFR1.tmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\McAfee\VirusScan\Logs\OAS.Log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\cert8.db Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\googlesafebrowsing.db Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\history.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\key3.db Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\parent.lock Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Application Data\Mozilla\Firefox\Profiles\3btwo8jj.default\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Geschiedenis\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Geschiedenis\History.IE5\MSHist012007062320070624\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Cindy Kortum\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Cindy Kortum\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\HijackThis\backups\backup-20070616-163319-399.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\A0065574.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\A0065580.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\A0065581.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{6BF72F0A-D738-4BFD-8AA9-7D52D19037BC}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\ODiag.evt Object is locked skipped
C:\WINDOWS\system32\config\OSession.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\drivers\sptd8989.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\mcmsc_a4P7aS6htKLVWgL Object is locked skipped
C:\WINDOWS\Temp\mcmsc_DlTW6WdoHeYqf99 Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\change.log Object is locked skipped

Scan process completed.

Shaba
2007-06-23, 17:25
Hi

Logs look good :)

Still problems?

janhooijen
2007-06-24, 11:57
Hello,

My computer is allright again? Are the 4 objects Kaspersky had found (see below) not a problem?

If not, Shaba thanks for helping me out!

C:\Program Files\HijackThis\backups\backup-20070616-163319-399.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\A0065574.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\A0065580.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\A0065581.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped

Shaba
2007-06-24, 13:05
Hi

This is in HijackThis backups, feel free to delete:

C:\Program Files\HijackThis\backups\backup-20070616-163319-399.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped

These are in system restore and inactive at the moment:

C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\A0065574.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\A0065580.exe Infected: not-a-virus:Downloader.Win32.WinFixer.d skipped
C:\System Volume Information\_restore{E57C3CFF-0C70-4A5C-A867-EEEC9895148D}\RP182\A0065581.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped

I give you later instructions how to empty system restore.

Other than that, any problems left?

janhooijen
2007-06-25, 00:14
Hello,

No more problems, I guess. :bigthumb:

Also McAfee reveals no viruses (only cookies).

grtz,
Jan

Shaba
2007-06-25, 12:27
Hi

Then you're clean!

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Disable and Enable System Restore. - If you are using Windows XP then you should disable and re-enable system restore to make sure there are no infected files found in a restore point.

You can find instructions on how to enable and reenable system restore here:

Windows XP System Restore Guide (http://www.bleepingcomputer.com/forums/tutorial56.html)

Reenable system restore with instructions from tutorial above

Make your Internet Explorer more secure - This can be done by following these simple instructions:
From within Internet Explorer click on the Tools menu and then click on Options.
Click once on the Security tab
Click once on the Internet icon so it becomes highlighted.
Click once on the Custom Level button.
Change the Download signed ActiveX controls to Prompt

Change the Download unsigned ActiveX controls to Disable

Change the Initialize and script ActiveX controls not marked as safe to Disable

Change the Installation of desktop items to Prompt

Change the Launching programs and files in an IFRAME to Prompt

Change the Navigate sub-frames across different domains to Prompt

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Use an AntiVirus Software - It is very important that your computer has an anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

See this link for a listing of some online & their stand-alone antivirus programs:

Virus, Spyware, and Malware Protection and Removal Resources (http://www.bleepingcomputer.com/forums/topic405.html)


Update your AntiVirus Software - It is imperitive that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.


Use a Firewall - I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is succeptible to being hacked and taken over. I am very serious about this and see it happen almost every day with my clients. Simply using a Firewall in its default configuration can lower your risk greatly.

For a tutorial on Firewalls and a listing of some available ones see the link below:

Understanding and Using Firewalls (http://www.bleepingcomputer.com/tutorials/tutorial60.html)


Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com (http://www.windowsupdate.com) regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.


Install Ad-Aware - Install and download Ad-Aware. ou should also scan your computer with program on a regular basis just as you would an antivirus software in conjunction with Spybot.

A tutorial on installing & using this product can be found here:

Using Ad-aware to remove Spyware, Malware, & Hijackers from Your Computer (http://www.bleepingcomputer.com/forums/?showtutorial=48)


Install Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option.

This will provide real-time spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here:

Instructions for - Spybot S & D and Ad-aware (http://www.bleepingcomputer.com/forums/?showtutorial=43)


Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs.

A tutorial on installing & using this product can be found here:

Using SpywareBlaster to protect your computer from Spyware and Malware (http://www.bleepingcomputer.com/tutorials/tutorial49.html)


Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.
Follow this list and your potential for being infected again will reduce dramatically.

Here are some additional utilities that will enhance your safety

IE/Spyad (http://www.spywarewarrior.com/uiuc/resource.htm) <= IE/Spyad places over 4000 websites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
MVPS Hosts file (http://mvps.org/winhelp2002/hosts.htm) <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your coputer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer
Comodo BOCLEAN (http://www.comodo.com/boclean/boclean.html) <= Stop identity thieves from getting personal information. Instantly detects well over 1,000,000 unique, variant and repack malware in total. And it's free.
Winpatrol (http://www.winpatrol.com/) <= Download and install the free version of Winpatrol. a tutorial for this product is located here:
Using Winpatrol to protect your computer from malicious software (http://www.winpatrol.com/features.html)

Stand Up and Be Counted ---> Malware Complaints (http://www.malwarecomplaints.info/index.php) <--- where you can make difference!

The site offers people who have been (or are) victims of malware the opportunity to document their story and, in that way, launch a complaint against the malware and the makers of the malware.

Also, please read this great article by Tony Klein So How Did I Get Infected In First Place (http://castlecops.com/postlite7736-.html)

Happy surfing and stay clean!

Shaba
2007-06-27, 12:58
Since this issue appears resolved ... this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team
a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic.