harold

Allen bedankt hier op dit forum voor het waardevolle meedenken. Toch heb ik, gezien de vele problemen en de hardnekkigheid hiervan, recent een volledige herinstallatie van Windows uitgevoerd. Ook had ik een externe hard disk te leen, zodat ik eenvoudig alle gewenste bestanden van mijn HD eerst heb kunnen overzetten. PC loopt (tot nu toe ) als een zonnetje!!! Groeten, Harold

Nee, mijn computer is volledig stand alone en is niet aangesloten op netwerk of iets anders. Ik heb alleen (al jaren) een HP printer die is aangesloten op mijn computer.

Iets gekoppeld aan een andere computer: waar denk je dan bijvoorbeeld aan? Wat is een NAS?

Hoe bedoel je dat: met een externe computer?

Dat heb ik juist gedaan, maar dat geeft de WMI Diag output zoals eerder vermeld (zie boven).

De opdracht sfc / scnannow uitgevoerd. Problemen echter nog precies dezelfde, zie log WMIDiag.

Stegisoft, Ik snap niet helemaal wat je bedoelt of wilt met bovenstaand. Als ik hierop klik, wordt een bestand gedownloaded en vervolgens start mijn computer Sonic DigitalMedia LE v7 op en vraagt of ik een image wil branden. En wat moet ik daar dan mee doen?

Heb sfc / scannow uitgevoerd. Paar bestanden overgeslagen, omdat ik de windows cd niet heb. Waren allemaal Windows Media Player bestanden. Problemen blijven hetzelfde. Ik kan (ivm WMI foutmeldingen) de configuratie v/d computer met geen enkele mogelijkheid herstellen naar een punt in het verleden. Hier nog een nieuwe run van HijackThis: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:36:45, on 18-10-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\tcpsvcs.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\eHome\ehmsas.exe C:\APPS\SMP\SmpSys.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\imapi.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Tele2 Webmail R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Global Provider of Innovative Graphics, Processors and Media Solutions | AMD R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\IPSBHO.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-3173767491-1033059411-1657883583-1005\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe (User '?') O4 - HKUS\S-1-5-21-3173767491-1033059411-1657883583-1005\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?') O4 - HKUS\S-1-5-21-3173767491-1033059411-1657883583-1005\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://fotoalbum.fotoquelle.nl/ips-opdata/objects/jordan.cab O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.nl/s/v/51.23/uploader2.cab O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h20264.www2.hp.com/ediags/dd/install/HPInstallMgr_v01_4.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://fotoservice.fotoquelle.nl/FOTOQUELLE/UserControls/Part/Upload/ImageUploader5.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://fotoservice.fotoquelle.nl/FOTOQUELLE/UserControls/Part/Upload/ImageUploader4.cab O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -- End of file - 10308 bytes ---------- Post toegevoegd om 18:48 ---------- Vorige post was om 18:40 ---------- WMI diag geeft volgende resultaten. Zijn nogal wat problemen. Wat is jullie advies? Hoe oplossen? .1602 20:46:00 (0) ** WMIDiag v2.0 started on maandag 18 oktober 2010 at 20:45. .1603 20:46:00 (0) ** .1604 20:46:00 (0) ** Copyright © Microsoft Corporation. All rights reserved - January 2007. .1605 20:46:00 (0) ** .1606 20:46:00 (0) ** This script is not supported under any Microsoft standard support program or service. .1607 20:46:00 (0) ** The script is provided AS IS without warranty of any kind. Microsoft further disclaims all .1608 20:46:00 (0) ** implied warranties including, without limitation, any implied warranties of merchantability .1609 20:46:00 (0) ** or of fitness for a particular purpose. The entire risk arising out of the use or performance .1610 20:46:00 (0) ** of the scripts and documentation remains with you. In no event shall Microsoft, its authors, .1611 20:46:00 (0) ** or anyone else involved in the creation, production, or delivery of the script be liable for .1612 20:46:00 (0) ** any damages whatsoever (including, without limitation, damages for loss of business profits, .1613 20:46:00 (0) ** business interruption, loss of business information, or other pecuniary loss) arising out of .1614 20:46:00 (0) ** the use of or inability to use the script or documentation, even if Microsoft has been advised .1615 20:46:00 (0) ** of the possibility of such damages. .1616 20:46:00 (0) ** .1617 20:46:00 (0) ** .1618 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1619 20:46:00 (0) ** ----------------------------------------------------- WMI REPORT: BEGIN ---------------------------------------------------------- .1620 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1621 20:46:00 (0) ** .1622 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1623 20:46:00 (0) ** Windows XP - No service pack - 32-bit (2600) - User '119821580317\H&M' on computer '119821580317'. .1624 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1625 20:46:00 (0) ** Environment: ........................................................................................................ OK.. .1626 20:46:00 (0) ** There are no missing WMI system files: .............................................................................. OK. .1627 20:46:00 (0) ** There are no missing WMI repository files: .......................................................................... OK. .1628 20:46:00 (0) ** WMI repository state: ............................................................................................... N/A. .1629 20:46:00 (0) ** BEFORE running WMIDiag: .1630 20:46:00 (0) ** The WMI repository has a size of: ................................................................................... 25 MB. .1631 20:46:00 (0) ** - Disk free space on 'C:': .......................................................................................... 155493 MB. .1632 20:46:00 (0) ** - INDEX.BTR, 1998848 bytes, 18-10-2010 20:32:40 .1633 20:46:00 (0) ** - INDEX.MAP, 1012 bytes, 18-10-2010 20:32:40 .1634 20:46:00 (0) ** - OBJECTS.DATA, 23838720 bytes, 18-10-2010 20:32:40 .1635 20:46:00 (0) ** - OBJECTS.MAP, 11672 bytes, 18-10-2010 20:32:40 .1636 20:46:00 (0) ** AFTER running WMIDiag: .1637 20:46:00 (0) ** The WMI repository has a size of: ................................................................................... 25 MB. .1638 20:46:00 (0) ** - Disk free space on 'C:': .......................................................................................... 155493 MB. .1639 20:46:00 (0) ** - INDEX.BTR, 1998848 bytes, 18-10-2010 20:32:40 .1640 20:46:00 (0) ** - INDEX.MAP, 1012 bytes, 18-10-2010 20:32:40 .1641 20:46:00 (0) ** - OBJECTS.DATA, 23838720 bytes, 18-10-2010 20:32:40 .1642 20:46:00 (0) ** - OBJECTS.MAP, 11672 bytes, 18-10-2010 20:32:40 .1643 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1644 20:46:00 (0) ** Windows Firewall: ................................................................................................... NOT INSTALLED. .1645 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1646 20:46:00 (0) ** DCOM Status: ........................................................................................................ OK. .1647 20:46:00 (2) !! WARNING: WMI registry setup: ........................................................................................ SERVICE SETUP ISSUES! .1648 20:46:00 (0) ** => If the WMI service is RUNNING and if registry settings are not correct, .1649 20:46:00 (0) ** you should check which registry key is subject to modifications (below in this report). .1650 20:46:00 (0) ** You can eventually repair the registry: .1651 20:46:00 (0) ** - manually with REGEDIT.EXE. .1652 20:46:00 (0) ** - by importing the missing registry keys from a working system (same Windows version, same SP level). .1653 20:46:00 (0) ** - You can also repair the WMI Service registry setup by re-creating the WMI service .1654 20:46:00 (0) ** setup with the following command: .1655 20:46:00 (0) ** i.e. 'SC.EXE CREATE WINMGMT BINPATH= C:\WINDOWS\SYSTEM32\WBEM\WINMGMT.EXE START= AUTO' .1656 20:46:00 (0) ** Note: The SC.EXE command is available in the Windows Resource Kit. .1657 20:46:00 (0) ** If the command fails because the WMI service name already exists, .1658 20:46:00 (0) ** you can delete the existing definition with the following command: .1659 20:46:00 (0) ** i.e. 'SC.EXE DELETE WINMGMT' .1660 20:46:00 (0) ** If the SC.EXE command does not work, you can delete with REGEDIT.EXE the registry hive at: .1661 20:46:00 (0) ** 'HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt' .1662 20:46:00 (0) ** and re-execute the 'SC.EXE CREATE' command above. .1663 20:46:00 (0) ** Note: It could be required to reboot the system to refresh the Service Control Manager configuration. .1664 20:46:00 (0) ** - Once the WMI service is re-created: .1665 20:46:00 (0) ** - Make sure there is no other registry keys missing or wrongly configured. .1666 20:46:00 (0) ** You can manually add the missing keys with REGEDIT. .1667 20:46:00 (0) ** - After re-creating the registry, and fixing ALL missing entries, you must configure .1668 20:46:00 (0) ** the WMI service to run as a STANDALONE service host or as a SHARED service host (SvcHost) .1669 20:46:00 (0) ** You can achieve this by running ONE of the following commands (case sensitive): .1670 20:46:00 (0) ** - to configure the service to run as a SHARED service host (recommended): .1671 20:46:00 (0) ** i.e. 'RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\WMISVC.DLL,MoveToShared' .1672 20:46:00 (0) ** - if you have issue to get the WMI service running as a SHARED service host, it .1673 20:46:00 (0) ** can be configured to run as a STANDALONE service host: .1674 20:46:00 (0) ** i.e. 'RUNDLL32.EXE C:\WINDOWS\SYSTEM32\WBEM\WMISVC.DLL,MoveToAlone' .1675 20:46:00 (0) ** => Reboot the system. .1676 20:46:00 (0) ** .1677 20:46:00 (0) ** WMI Service has no dependents: ...................................................................................... OK. .1678 20:46:00 (0) ** RPCSS service: ...................................................................................................... OK (Already started). .1679 20:46:00 (0) ** WINMGMT service: .................................................................................................... OK (Already started). .1680 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1681 20:46:00 (0) ** WMI service DCOM setup: ............................................................................................. OK. .1682 20:46:00 (2) !! WARNING: WMI DCOM components registration is missing for the following EXE/DLLs: .................................... 6 WARNING(S)! .1683 20:46:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL (\CLSID\{7A0227F6-7108-11D1-AD90-00C04FD8FDFF}\InProcServer32) .1684 20:46:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL (\CLSID\{D71EE747-F455-4804-9DF6-2ED81025F2C1}\InProcServer32) .1685 20:46:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\FASTPROX.DLL (\CLSID\{ED51D12E-511F-4999-8DCD-C2BAC91BE86E}\InProcServer32) .1686 20:46:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\WBEMPROX.DLL (\CLSID\{4C6055D8-84B9-4111-A7D3-6623894EEDB3}\InProcServer32) .1687 20:46:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\WBEMPROX.DLL (\CLSID\{A1044801-8F7E-11D1-9E7C-00C04FC324A8}\InProcServer32) .1688 20:46:00 (0) ** - C:\WINDOWS\SYSTEM32\WBEM\WBEMPROX.DLL (\CLSID\{F7CE2E13-8C90-11D1-9E7B-00C04FC324A8}\InProcServer32) .1689 20:46:00 (0) ** => WMI System components are not properly registered as COM objects, which could make WMI to .1690 20:46:00 (0) ** fail depending on the operation requested. .1691 20:46:00 (0) ** => For a .DLL, you can correct the DCOM configuration by executing the 'REGSVR32.EXE <Filename.DLL>' command. .1692 20:46:00 (0) ** .1693 20:46:00 (0) ** WMI ProgID registrations: ........................................................................................... OK. .1694 20:46:00 (0) ** WMI provider DCOM registrations: .................................................................................... OK. .1695 20:46:00 (0) ** WMI provider CIM registrations: ..................................................................................... OK. .1696 20:46:00 (0) ** WMI provider CLSIDs: ................................................................................................ OK. .1697 20:46:00 (0) ** WMI providers EXE/DLL availability: ................................................................................. OK. .1698 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1699 20:46:00 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. .1700 20:46:00 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! .1701 20:46:00 (0) ** - REMOVED ACE: .1702 20:46:00 (0) ** ACEType: &h0 .1703 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1704 20:46:00 (0) ** ACEFlags: &h0 .1705 20:46:00 (0) ** ACEMask: &h1 .1706 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1707 20:46:00 (0) ** .1708 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1709 20:46:00 (0) ** Removing default security will cause some operations to fail! .1710 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1711 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1712 20:46:00 (0) ** .1713 20:46:00 (0) ** DCOM security for 'My Computer' (Launch & Activation Permissions/Edit Default): ..................................... MODIFIED. .1714 20:46:00 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! .1715 20:46:00 (0) ** - REMOVED ACE: .1716 20:46:00 (0) ** ACEType: &h0 .1717 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1718 20:46:00 (0) ** ACEFlags: &h0 .1719 20:46:00 (0) ** ACEMask: &h1 .1720 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1721 20:46:00 (0) ** .1722 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1723 20:46:00 (0) ** Removing default security will cause some operations to fail! .1724 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1725 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1726 20:46:00 (0) ** .1727 20:46:00 (0) ** DCOM security for 'Windows Management Instrumentation' (Launch & Activation Permissions): ........................... MODIFIED. .1728 20:46:00 (1) !! ERROR: Default trustee 'EVERYONE' has been REMOVED! .1729 20:46:00 (0) ** - REMOVED ACE: .1730 20:46:00 (0) ** ACEType: &h0 .1731 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1732 20:46:00 (0) ** ACEFlags: &h0 .1733 20:46:00 (0) ** ACEMask: &h1 .1734 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1735 20:46:00 (0) ** .1736 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1737 20:46:00 (0) ** Removing default security will cause some operations to fail! .1738 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1739 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1740 20:46:00 (0) ** .1741 20:46:00 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. .1742 20:46:00 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! .1743 20:46:00 (0) ** - REMOVED ACE: .1744 20:46:00 (0) ** ACEType: &h0 .1745 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1746 20:46:00 (0) ** ACEFlags: &h0 .1747 20:46:00 (0) ** ACEMask: &h1 .1748 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1749 20:46:00 (0) ** .1750 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1751 20:46:00 (0) ** Removing default security will cause some operations to fail! .1752 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1753 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1754 20:46:00 (0) ** .1755 20:46:00 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. .1756 20:46:00 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! .1757 20:46:00 (0) ** - REMOVED ACE: .1758 20:46:00 (0) ** ACEType: &h0 .1759 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1760 20:46:00 (0) ** ACEFlags: &h0 .1761 20:46:00 (0) ** ACEMask: &h1 .1762 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1763 20:46:00 (0) ** .1764 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1765 20:46:00 (0) ** Removing default security will cause some operations to fail! .1766 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1767 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1768 20:46:00 (0) ** .1769 20:46:00 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. .1770 20:46:00 (1) !! ERROR: Default trustee 'NT AUTHORITY\NETWORK SERVICE' has been REMOVED! .1771 20:46:00 (0) ** - REMOVED ACE: .1772 20:46:00 (0) ** ACEType: &h0 .1773 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1774 20:46:00 (0) ** ACEFlags: &h0 .1775 20:46:00 (0) ** ACEMask: &h1 .1776 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1777 20:46:00 (0) ** .1778 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1779 20:46:00 (0) ** Removing default security will cause some operations to fail! .1780 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1781 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1782 20:46:00 (0) ** .1783 20:46:00 (0) ** DCOM security for 'Microsoft WMI Provider Subsystem Host' (Launch & Activation Permissions): ........................ MODIFIED. .1784 20:46:00 (1) !! ERROR: Default trustee 'NT AUTHORITY\LOCAL SERVICE' has been REMOVED! .1785 20:46:00 (0) ** - REMOVED ACE: .1786 20:46:00 (0) ** ACEType: &h0 .1787 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1788 20:46:00 (0) ** ACEFlags: &h0 .1789 20:46:00 (0) ** ACEMask: &h1 .1790 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1791 20:46:00 (0) ** .1792 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1793 20:46:00 (0) ** Removing default security will cause some operations to fail! .1794 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1795 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1796 20:46:00 (0) ** .1797 20:46:00 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED. .1798 20:46:00 (1) !! ERROR: Default trustee 'BUILTIN\ADMINISTRATORS' has been REMOVED! .1799 20:46:00 (0) ** - REMOVED ACE: .1800 20:46:00 (0) ** ACEType: &h0 .1801 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1802 20:46:00 (0) ** ACEFlags: &h0 .1803 20:46:00 (0) ** ACEMask: &h1 .1804 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1805 20:46:00 (0) ** .1806 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1807 20:46:00 (0) ** Removing default security will cause some operations to fail! .1808 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1809 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1810 20:46:00 (0) ** .1811 20:46:00 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED. .1812 20:46:00 (1) !! ERROR: Default trustee 'NT AUTHORITY\INTERACTIVE' has been REMOVED! .1813 20:46:00 (0) ** - REMOVED ACE: .1814 20:46:00 (0) ** ACEType: &h0 .1815 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1816 20:46:00 (0) ** ACEFlags: &h0 .1817 20:46:00 (0) ** ACEMask: &h1 .1818 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1819 20:46:00 (0) ** .1820 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1821 20:46:00 (0) ** Removing default security will cause some operations to fail! .1822 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1823 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1824 20:46:00 (0) ** .1825 20:46:00 (0) ** DCOM security for 'Microsoft WBEM UnSecured Apartment' (Launch & Activation Permissions): ........................... MODIFIED. .1826 20:46:00 (1) !! ERROR: Default trustee 'NT AUTHORITY\SYSTEM' has been REMOVED! .1827 20:46:00 (0) ** - REMOVED ACE: .1828 20:46:00 (0) ** ACEType: &h0 .1829 20:46:00 (0) ** ACCESS_ALLOWED_ACE_TYPE .1830 20:46:00 (0) ** ACEFlags: &h0 .1831 20:46:00 (0) ** ACEMask: &h1 .1832 20:46:00 (0) ** DCOM_RIGHT_EXECUTE .1833 20:46:00 (0) ** .1834 20:46:00 (0) ** => The REMOVED ACE was part of the DEFAULT setup for the trustee. .1835 20:46:00 (0) ** Removing default security will cause some operations to fail! .1836 20:46:00 (0) ** It is possible to fix this issue by editing the security descriptor and adding the ACE. .1837 20:46:00 (0) ** For DCOM objects, this can be done with 'DCOMCNFG.EXE'. .1838 20:46:00 (0) ** .1839 20:46:00 (0) ** .1840 20:46:00 (0) ** DCOM security warning(s) detected: .................................................................................. 0. .1841 20:46:00 (0) ** DCOM security error(s) detected: .................................................................................... 10. .1842 20:46:00 (0) ** WMI security warning(s) detected: ................................................................................... 0. .1843 20:46:00 (0) ** WMI security error(s) detected: ..................................................................................... 0. .1844 20:46:00 (0) ** .1845 20:46:00 (1) !! ERROR: Overall DCOM security status: ................................................................................ ERROR! .1846 20:46:00 (0) ** Overall WMI security status: ........................................................................................ OK. .1847 20:46:00 (0) ** - Started at 'Root' -------------------------------------------------------------------------------------------------------------- .1848 20:46:00 (0) ** WMI permanent SUBSCRIPTION(S): ...................................................................................... NONE. .1849 20:46:00 (0) ** WMI TIMER instruction(s): ........................................................................................... NONE. .1850 20:46:00 (1) !! ERROR: WMI ADAP status: ............................................................................................. NOT AVAILABLE. .1851 20:46:00 (0) ** You can start the WMI AutoDiscovery/AutoPurge (ADAP) process to resynchronize .1852 20:46:00 (0) ** the performance counters with the WMI performance classes with the following commands: .1853 20:46:00 (0) ** i.e. 'WINMGMT.EXE /CLEARADAP' .1854 20:46:00 (0) ** i.e. 'WINMGMT.EXE /RESYNCPERF' .1855 20:46:00 (0) ** The ADAP process logs informative events in the Windows NT event log. .1856 20:46:00 (0) ** More information can be found on MSDN at: .1857 20:46:00 (0) ** Content not found .1858 20:46:00 (1) !! ERROR: WMI MONIKER CONNECTION errors occured for the following namespaces: .......................................... 1 ERROR(S)! .1859 20:46:00 (0) ** - Root, 0x1AD - ActiveX-onderdeel kan geen object maken. .1860 20:46:00 (0) ** .1861 20:46:00 (1) !! ERROR: WMI CONNECTION errors occured for the following namespaces: .................................................. 5 ERROR(S)! .1862 20:46:00 (0) ** - Root, 0x80040154 - Klasse is niet geregistreerd. .1863 20:46:00 (0) ** - Root, 0x80040154 - Klasse is niet geregistreerd. .1864 20:46:00 (0) ** - Root/Default, 0x80040154 - Klasse is niet geregistreerd. .1865 20:46:00 (0) ** - Root/CIMv2, 0x80040154 - Klasse is niet geregistreerd. .1866 20:46:00 (0) ** - Root/WMI, 0x80040154 - Klasse is niet geregistreerd. .1867 20:46:00 (0) ** .1868 20:46:00 (0) ** WMI GET operations: ................................................................................................. OK. .1869 20:46:00 (0) ** WMI MOF representations: ............................................................................................ OK. .1870 20:46:00 (0) ** WMI QUALIFIER access operations: .................................................................................... OK. .1871 20:46:00 (0) ** WMI ENUMERATION operations: ......................................................................................... OK. .1872 20:46:00 (0) ** WMI EXECQUERY operations: ........................................................................................... OK. .1873 20:46:00 (0) ** WMI GET VALUE operations: ........................................................................................... OK. .1874 20:46:00 (0) ** WMI WRITE operations: ............................................................................................... NOT TESTED. .1875 20:46:00 (0) ** WMI PUT operations: ................................................................................................. NOT TESTED. .1876 20:46:00 (0) ** WMI DELETE operations: .............................................................................................. NOT TESTED. .1877 20:46:00 (0) ** WMI static instances retrieved: ..................................................................................... 0. .1878 20:46:00 (0) ** WMI dynamic instances retrieved: .................................................................................... 0. .1879 20:46:00 (0) ** WMI instance request cancellations (to limit performance impact): ................................................... 0. .1880 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1881 20:46:00 (0) ** .1882 20:46:00 (0) ** 1 error(s) 0x1AD - (WBEM_UNKNOWN) This error code is external to WMI. .1883 20:46:00 (0) ** .1884 20:46:00 (0) ** 5 error(s) 0x80040154 - (WBEM_UNKNOWN) This error code is external to WMI. .1885 20:46:00 (0) ** => This error is not a WMI error. This error is a DCOM component registration error. .1886 20:46:00 (0) ** The registry information for DCOM to initialize a DCOM object is missing or wrongly configured. .1887 20:46:00 (0) ** - An application has changed the COM/DCOM settings of OLE32.DLL and/or OLEAUT32.DLL. .1888 20:46:00 (0) ** - The registry settings of COM/DCOM has been damage or wrongly modified. .1889 20:46:00 (0) ** - The registry security settings of COM/DCOM has been damage or wrongly modified. .1890 20:46:00 (0) ** => To correct this situation, you must re-register the original COM/DCOM DLLs with REGSVR32.EXE .1891 20:46:00 (0) ** i.e. 'REGSVR32.EXE OLE32.DLL' .1892 20:46:00 (0) ** i.e. 'REGSVR32.EXE OLEAUT32.DLL' .1893 20:46:00 (0) ** => Verify WMIDiag report if ERRORS or WARNINGS are reported about the DCOM security for .1894 20:46:00 (0) ** the following DCOM objects: .1895 20:46:00 (0) ** - 'My Computer' .1896 20:46:00 (0) ** - 'Windows Management Instrumentation' .1897 20:46:00 (0) ** - 'Microsoft WMI Provider Subsystem Host' .1898 20:46:00 (0) ** - 'Microsoft WBEM UnSecured Apartment' .1899 20:46:00 (0) ** => You must also verify with 'REGEDIT.EXE', if the 'Users' builtin group is granted read access for .1900 20:46:00 (0) ** the following registry hives: .1901 20:46:00 (0) ** - HKCR\APPID .1902 20:46:00 (0) ** - HKCR\CLSID .1903 20:46:00 (0) ** - HKCR\APPID\{1BE1F766-5536-11D1-B726-00C04FB926AF} (WinMgmt EventSystem APPID keys) .1904 20:46:00 (0) ** - HKCR\CLSID\{1BE1F766-5536-11D1-B726-00C04FB926AF} (WinMgmt EventSystem CLSID keys) .1905 20:46:00 (0) ** - HKCR\APPID\{8BC3F05E-D86B-11D0-A075-00C04FB68820} (WinMgmt APPID keys) .1906 20:46:00 (0) ** - HKCR\CLSID\{8BC3F05E-D86B-11D0-A075-00C04FB68820} (WinMgmt CLSID keys) .1907 20:46:00 (0) ** .1908 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1909 20:46:00 (0) ** Unexpected, wrong or missing registry key values: ................................................................... 1 KEY(S)! .1910 20:46:00 (1) !! ERROR: Unexpected registry key value: .1911 20:46:00 (0) ** - Current: HKLM\SYSTEM\CurrentControlSet\Services\winmgmt\Type (REG_DWORD) -> &h120 .1912 20:46:00 (0) ** - Expected: HKLM\SYSTEM\CurrentControlSet\Services\winmgmt\Type (REG_DWORD) -> &h20 .1913 20:46:00 (0) ** From the command line, the registry configuration can be corrected with the following command: .1914 20:46:00 (0) ** i.e. 'REG.EXE Add "HKLM\SYSTEM\CurrentControlSet\Services\winmgmt" /v "Type" /t "REG_DWORD" /d "32" /f' .1915 20:46:00 (0) ** .1916 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1917 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1918 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1919 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1920 20:46:00 (0) ** .1921 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1922 20:46:00 (0) ** ------------------------------------------------------ WMI REPORT: END ----------------------------------------------------------- .1923 20:46:00 (0) ** ---------------------------------------------------------------------------------------------------------------------------------- .1924 20:46:00 (0) ** .1925 20:46:00 (0) ** ERROR: WMIDiag detected issues that could prevent WMI to work properly!. Check 'C:\DOCUMENTS AND SETTINGS\H&M\LOCAL SETTINGS\TEMP\WMIDIAG-V2.0_XP___.CLI.RTM.32_119821580317_2010.10.18_20.45.40.LOG' for details. .1926 20:46:00 (0) ** .1927 20:46:00 (0) ** WMIDiag v2.0 ended on maandag 18 oktober 2010 at 20:46 (W:51 E:41 S:1). ---------- Post toegevoegd om 18:52 ---------- Vorige post was om 18:48 ---------- Zou herinstallatie van windows XP beste optie zijn? Ik zit dan nog te denken om eerst de laatste updat van Windows XP = Service Pack 3 te deinstalleren en dan deze SP3 opnieuw te installeren? Zou dit probleem kunnen oplossen? Zo niet en stel dat ik volledige herinstallatie moet doen, hoe doe ik dat dan met mijn voorgeïnstalleerde versie van Windows XP? Ik heb nu alleen maar master/recovery CD's.

Probleem is echter dat ik niemand ken die ook Windows XP op CD's heeft staan, dus lenen is niet mogelijk.

Ik zit nu eigenlijk met 2 zaken: 1) Ik heb in het weekend ontdekt dat ik WMI foutmeldingen krijg. Zou dit de oorzaak van de problemen kunnen zijn en zo ja, hoe kan ik WMI fouten het beste oplossen? 2) De opdracht sfc / scannow heb ik vrij recent nog uitgevoerd (wel vóór uitvoeren ComboFix) Ik heb echter een Packard Bell met voorgeïnstalleerde Windows XP. Ik heb dus géén originele Windows CD's. Wel heb ik een aantal Master/Recovery CD's. Is dit dan een probleem bij het uivoeren van de opdracht? Een aantal van de bij het uitvoeren van de opdracht sfc / scannow gevraagde bestanden heb ik dus moeten overslaan, omdat gevraagd werd naar een Windows CD die ik niet heb (en nooit heb gehad).

Ja, precies met dezelfde problemen nog.

Hier de logfile na runnen combofix. Morgen (zondag) ben ik trouwens niet online. Het kan ook even duren voor ik reageer. ComboFix 10-10-15.04 - H&M 16-10-2010 19:56:08.1.2 - x86 Gestart vanuit: c:\documents and settings\H&M\Bureaublad\ComboFix.exe * Nieuw herstelpunt werd aangemaakt . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Menu Start\HP Image Zone .lnk C:\PSK103.tmp c:\windows\system32\Thumbs.db . (((((((((((((((((((( Bestanden Gemaakt van 2010-09-16 to 2010-10-16 )))))))))))))))))))))))))))))) . 2010-10-14 18:00 . 2010-10-14 18:08 -------- d-----w- c:\program files\Eusing Free Registry Cleaner 2010-10-12 19:36 . 2008-04-14 17:02 116736 ----a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2010-10-12 19:36 . 2001-09-06 19:27 23040 ----a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2010-10-12 19:36 . 2008-04-14 17:02 18944 ----a-w- c:\windows\system32\dllcache\xrxscnui.dll 2010-10-12 19:36 . 2001-09-06 19:27 27648 ----a-w- c:\windows\system32\dllcache\xrxftplt.exe 2010-10-12 19:36 . 2001-09-06 19:27 4608 ----a-w- c:\windows\system32\dllcache\xrxflnch.exe 2010-10-12 19:36 . 2001-09-06 19:27 99865 ----a-w- c:\windows\system32\dllcache\xlog.exe 2010-10-12 19:36 . 2001-08-17 18:11 16970 ----a-w- c:\windows\system32\dllcache\xem336n5.sys 2010-10-12 19:36 . 2004-08-03 20:29 19455 ----a-w- c:\windows\system32\dllcache\wvchntxx.sys 2010-10-12 19:36 . 2004-08-03 20:29 12063 ----a-w- c:\windows\system32\dllcache\wsiintxx.sys 2010-10-12 19:34 . 2001-08-17 18:13 19016 ----a-w- c:\windows\system32\dllcache\w926nd.sys 2010-10-12 19:33 . 2001-08-17 19:28 793598 ----a-w- c:\windows\system32\dllcache\usr1806.sys 2010-10-12 19:32 . 2001-08-17 18:51 166784 ----a-w- c:\windows\system32\dllcache\tridxpm.sys 2010-10-12 19:31 . 2001-08-17 18:13 17129 ----a-w- c:\windows\system32\dllcache\tdkcd31.sys 2010-10-12 19:30 . 2001-09-06 19:27 53248 ----a-w- c:\windows\system32\dllcache\stlncoin.dll 2010-10-12 19:29 . 2004-09-02 12:00 10240 ----a-w- c:\windows\system32\dllcache\snmpstup.dll 2010-10-12 19:28 . 2001-09-06 19:26 157696 ----a-w- c:\windows\system32\dllcache\sisv256.dll 2010-10-12 19:27 . 2001-09-06 19:27 26112 ----a-w- c:\windows\system32\dllcache\EXCH_seos.dll 2010-10-12 19:26 . 2001-09-06 19:26 62496 ----a-w- c:\windows\system32\dllcache\s3mtrio.dll 2010-10-12 19:25 . 2001-09-06 18:29 715210 ----a-w- c:\windows\system32\dllcache\r2mdmkxx.sys 2010-10-12 19:24 . 2001-08-17 20:04 92416 ----a-w- c:\windows\system32\dllcache\phildec.sys 2010-10-12 19:23 . 2001-09-06 19:27 20480 ----a-w- c:\windows\system32\dllcache\ovcomc.dll 2010-10-12 19:22 . 2001-08-17 18:20 87040 ----a-w- c:\windows\system32\dllcache\nm6wdm.sys 2010-10-12 19:21 . 2001-09-06 17:31 53279 ----a-w- c:\windows\system32\dllcache\n1000nt5.sys 2010-10-12 19:20 . 2001-08-17 19:57 16128 ----a-w- c:\windows\system32\dllcache\modemcsa.sys 2010-10-12 19:19 . 2001-09-06 16:39 577194 ----a-w- c:\windows\system32\dllcache\ltmdmntl.sys 2010-10-12 19:18 . 2001-08-17 18:12 45632 ----a-w- c:\windows\system32\dllcache\ip5515.sys 2010-10-12 19:17 . 2001-08-17 18:12 100936 ----a-w- c:\windows\system32\dllcache\ibmtok.sys 2010-10-12 19:16 . 2001-09-06 19:26 324608 ----a-w- c:\windows\system32\dllcache\hpojwia.dll 2010-10-12 19:15 . 2001-09-06 19:26 470144 ----a-w- c:\windows\system32\dllcache\g200d.dll 2010-10-12 19:14 . 2001-09-06 19:26 34816 ----a-w- c:\windows\system32\dllcache\esuimg.dll 2010-10-12 19:13 . 2001-08-17 18:10 24653 ----a-w- c:\windows\system32\dllcache\el574nd4.sys 2010-10-12 19:12 . 2001-09-06 19:26 41046 ----a-w- c:\windows\system32\dllcache\digiisdn.dll 2010-10-12 19:11 . 2001-08-17 18:19 42112 ----a-w- c:\windows\system32\dllcache\crtaud.sys 2010-10-12 19:10 . 2001-09-06 16:47 13952 ----a-w- c:\windows\system32\dllcache\bulltlp3.sys 2010-10-12 19:09 . 2001-08-17 19:47 6272 ----a-w- c:\windows\system32\dllcache\apmbatt.sys 2010-10-12 19:01 . 2004-09-02 12:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll 2010-10-12 19:01 . 2001-09-06 19:26 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll 2010-10-12 19:00 . 2004-09-02 12:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe 2010-10-12 19:00 . 2004-09-02 12:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll 2010-10-12 19:00 . 2004-09-02 12:00 171520 ----a-w- c:\windows\system32\dllcache\iisui.dll 2010-10-12 19:00 . 2004-09-02 12:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll 2010-10-12 19:00 . 2004-09-02 12:00 15360 ----a-w- c:\windows\system32\dllcache\iisreset.exe 2010-10-12 19:00 . 2004-09-02 12:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll 2010-10-12 17:06 . 2010-10-12 17:06 -------- d-----w- c:\documents and settings\H&M\Application Data\TeamViewer 2010-10-12 04:51 . 2010-07-22 01:27 43952 ----a-r- c:\windows\system32\drivers\SymIM.sys 2010-10-11 21:01 . 2004-09-02 12:00 18944 ----a-w- c:\windows\system32\simptcp.dll 2010-10-11 21:01 . 2004-09-02 12:00 18944 ----a-w- c:\windows\system32\dllcache\simptcp.dll 2010-10-11 20:48 . 2010-10-16 11:05 -------- d--h--r- c:\documents and settings\H&M\Onlangs geopend 2010-10-11 17:44 . 2010-10-16 17:10 -------- d-----w- c:\windows\system32\NtmsData 2010-09-20 17:16 . 2010-09-20 17:19 -------- d-----w- c:\windows\system32\drivers\NIS\1201000.025 . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SmpcSys"="c:\apps\SMP\SmpSys.exe" [2005-12-08 975360] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 68856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-02 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-02 455168] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 61952] "RTHDCPL"="RTHDCPL.EXE" [2005-12-09 15691264] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-09-02 208952] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service] 2010-03-18 09:19 207360 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DetectorApp] 2005-10-20 04:15 102400 ----a-w- c:\program files\Sonic\DigitalMedia LE v7\MyDVD LE\DetectorApp.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-05-14 09:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2007-07-27 18:23 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 135664] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1201000.025\SYMDS.SYS [2010-06-13 339504] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1201000.025\SYMEFA.SYS [2010-07-29 666672] S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2008-01-29 11392] S1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20101001.001\BHDrvx86.sys [2010-08-31 692272] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1201000.025\Ironx86.SYS [2010-06-27 134704] S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe [2010-07-23 126904] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-09-18 102448] S3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20101015.003\IDSxpx86.sys [2010-10-13 341880] . Inhoud van de 'Gedeelde Taken' map 2010-10-16 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-01-26 18:07] 2010-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 12:38] 2010-10-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-05 12:38] 2010-10-15 c:\windows\Tasks\HPpromotions journeysoftware.job - c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 16:36] 2010-10-11 c:\windows\Tasks\Norton Internet Security - Volledige systeemscan uitvoeren - H&M.job - c:\program files\Norton Internet Security\Engine\18.1.0.37\Navw32.exe [2010-09-20 03:38] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://webmail.tele2.nl/ uInternet Connection Wizard,ShellNext = hxxp://www.ati.com/ uInternet Settings,ProxyOverride = *.local IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://fotoalbum.fotoquelle.nl/ips-opdata/objects/jordan.cab DPF: {91F52A42-C10D-49A7-B941-882C657C604F} - hxxp://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} - hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\18.1.0.37\diMaster.dll\" /prefetch:1" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @DACL=(02 0011) @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] @DACL=(02 0011) "Enabled"=dword:00000001 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @DACL=(02 0011) @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe" [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @DACL=(02 0011) @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @DACL=(02 0011) @Denied: (A 2) (Everyone) @="IFlashBroker4" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @DACL=(02 0011) @="{00020424-0000-0000-C000-000000000046}" [HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @DACL=(02 0011) @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*] "3140111900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- - - - - - - - > 'winlogon.exe'(820) c:\windows\system32\Ati2evxx.dll . Voltooingstijd: 2010-10-16 20:09:07 ComboFix-quarantined-files.txt 2010-10-16 18:09 Pre-Run: 160.034.725.888 bytes beschikbaar Post-Run: 163.131.219.968 bytes beschikbaar WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /fastdetect /NoExecute=OptIn - - End Of File - - 4938041E5FD220550B5FC3C277107631

Grootste probleem sinds kort is dat nadat ik icoon Deze Computer aanklik het ca. 5 minuten duurt voordat de bestanden in Deze computer worden getoond. Verder als ik een dvd in mijn dvd-speler doe, wordt deze niet meer automatisch afgespeeld en komt er geen keuzewindow om te kiezen met welke speler ik de dvd wil afspelen. Wie kan mij helpen??? Zie Logfile HijackThis hieronder. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:05:13, on 16-10-2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\APPS\SMP\SmpSys.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\tcpsvcs.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe C:\WINDOWS\system32\imapi.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=NL&range=AD&phase=6&key=SEARCH R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Tele2 Webmail R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Global Provider of Innovative Graphics, Processors and Media Solutions | AMD R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\IPSBHO.DLL O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: MSTBR - {10CA15EA-C0A5-7CAF-B9E9-B8B2A87EFE11} - C:\PROGRA~1\Wanadoo\GLOBAL\Mstbr\mstbr.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32" O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [smpcSys] C:\APPS\SMP\SmpSys.exe O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\S-1-5-21-3173767491-1033059411-1657883583-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\nl.htm O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - Pagina niet gevonden | Facebook O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://fotoalbum.fotoquelle.nl/ips-opdata/objects/jordan.cab O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.nl/s/v/51.23/uploader2.cab O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h20264.www2.hp.com/ediags/dd/install/HPInstallMgr_v01_4.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://fotoservice.fotoquelle.nl/FOTOQUELLE/UserControls/Part/Upload/ImageUploader5.cab O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://fotoservice.fotoquelle.nl/FOTOQUELLE/UserControls/Part/Upload/ImageUploader4.cab O16 - DPF: {91F52A42-C10D-49A7-B941-882C657C604F} (Installation Helper Object) - http://kitcentral.wanadoo.nl/download/install/win32/nl/instwact/instwact.dll O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader4.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab O16 - DPF: {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} (CycloScopeLite Control) - http://www.cyclomedia.nl/download/components/CycloScopeLite.cab O16 - DPF: {E36C5562-C4E0-4220-BCB2-1C671E3A5916} (Seagate SeaTools English Online) - file:///C:/DRIVERS/snapsys/HDDDiag/bin/npseatools.cab O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.1.0.37\ccSvcHst.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: USBDeviceService - Unknown owner - C:\Program Files\Sonic\DigitalMedia LE v7\MyDVD LE\USBDeviceService.exe -- End of file - 10886 bytes