start up lijst/beetje veel
StartupList report, 5-7-2004, 3:58:26
StartupList version: 1.52
Started from : C:\DOCUME~1\MONIQU~1.AAL\LOCALS~1\Temp\StartupList.EXE
Detected: Windows XP (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 (6.00.2600.0000)
* Using default options
==================================================
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\System32\cisvc.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program Files\Outlook Express\msimn.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hotbar\bin\4.4.6.0\HbSrv.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\MONIQU~1.AAL\LOCALS~1\Temp\StartupList.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\System32\Userinit.exe
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
IST Service = C:\Program Files\ISTsvc\istsvc.exe
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
msnmsgr = "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
Update Service = C:\PROGRA~1\COMMON~1\TEKNUM~1\update.exe /startup
--------------------------------------------------
File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command
(Default) = %1
--------------------------------------------------
Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\System32\f3pssavr.scr
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\WINDOWS\twaintec.dll - {000020DD-C72E-4113-AF77-DD56626C6C42}
(no name) - (no file) - {0428FFC7-1931-45b7-95CB-3CBB919777E1}
(no name) - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
(no name) - (no file) - {53707962-6F74-2D53-2644-206D7942484F}
(no name) - C:\PROGRA~1\SURFFI~1\drive iso.dll - {5EE0F88D-E736-D99B-FE23-643FC424ACD1}
(no name) - C:\WINDOWS\2_0_1browserhelper2.dll - {83DE62E0-5805-11D8-9B25-00E04C60FAF2}
(no name) - C:\PROGRA~1\FLASHGET\jccatch.dll - {A5366673-E8CA-11D3-9CD9-0090271D075B}
Hotbar - C:\Program Files\Hotbar\bin\4.4.6.0\HbHostIE.dll - {B195B3B3-8A05-11D3-97A4-0004ACA6948E}
Core Library - C:\WINDOWS\System32\KDP5e53.dll - {F281FFC7-6C63-4bf9-83F2-AB7A6157B109}
--------------------------------------------------
Enumerating Task Scheduler jobs:
Symantec NetDetect.job
Schijfopruiming.job
--------------------------------------------------
Enumerating Download Program Files:
[IELoaderCtl Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ieloader.dll
CODEBASE =
http://install.global-netcom.de/ieloader.cab
[Checkers Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\msgrchkr.dll
CODEBASE =
http://messenger.zone.msn.com/binary/msgrchkr.cab
[{02C20140-76F8-4763-83D5-B660107B7A90}]
CODEBASE =
http://63.217.29.115/cax.cab
[{10954C80-4F0F-11D3-B17C-00C0DFE39736}]
CODEBASE =
http://crackspider.net/crackspider.exe
[Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ISTactivex.dll
CODEBASE =
http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_download.cab
[Shockwave ActiveX Control]
InProcServer32 = C:\WINDOWS\system32\Macromed\Director\SwDir.dll
CODEBASE =
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
[MSSecurityAdvisor Class]
InProcServer32 = C:\WINDOWS\System32\mssecadv.dll
CODEBASE =
http://download.microsoft.com/downl...-a3de-373c3e5552fc/msSecAdv.cab?1083756542482
[{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}]
CODEBASE =
http://imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
[Web P2P Installer]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll
[{2119776A-F1AD-4FCD-9548-F1E1C615350C}]
CODEBASE =
http://www.stop-sign.com/pub/download/scandl_cnry.cab
[Office Update Installation Engine]
InProcServer32 = C:\WINDOWS\opuc.dll
CODEBASE =
http://office.microsoft.com/officeupdate/content/opuc.cab
[SeeStorm AvatarPlayer]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\AvatarPlayer.dll
CODEBASE =
http://www.facefactory.tv/cab/AvatarPlayer.cab
[{4E15D681-1D20-11D4-8B72-000021DA1956}]
CODEBASE =
http://www.fotovanmijnhuis.nl/plugins/huis48/nl/nl.exe
[dldisplay Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ghdlctl.dll
CODEBASE =
http://www.gamehouse.com/ghdlctl.cab
[HouseCall Besturing]
InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan53.ocx
CODEBASE =
http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
[AvxScanOnline Control]
InProcServer32 = C:\WINDOWS\AvxOScan\BITDEF~1.OCX
CODEBASE =
http://www.bitdefender.com/scan/Msie/bitdefender.cab
[DialXSCtl Object]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\dialxs.ocx
CODEBASE =
http://dialxs.nl/install/dialxs.ocx
[MessengerStatsClient Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll
CODEBASE =
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
[{9B4AA442-9EBF-11D5-8C11-0050DA4957F5}]
CODEBASE =
http://www.cavello.com/dialxs/plugins/d/10/072/nl.exe
[{9C691A33-7DDA-4C2F-BE4C-C176083F35CF}]
CODEBASE =
http://www2.flingstone.com/cab/2000XP/CDTInc/bridge-c1.cab
[Update Class]
InProcServer32 = C:\WINDOWS\System32\iuctl.dll
CODEBASE =
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37599.4737268519
[RealArcadeRdxIE Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\RealArcadeRdxIE.dll
CODEBASE =
http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\System32\macromed\flash\Flash.ocx
CODEBASE =
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
[SeeStorm AvatarRecorder]
InProcServer32 = C:\WINDOWS\System32\AvatarRecorder.dll
CODEBASE =
http://www.facefactory.tv/cab/AvatarRecorder.cab
[PopCapLoader Object]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\popcaploader.dll
CODEBASE =
http://anu.popcap.com/games/popcaploader_v5.cab
[StarInstall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\STARIN~1.OCX
CODEBASE =
http://install.service-url.de/StarInstall.ocx
[{E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD}]
CODEBASE =
http://download.abacast.com/download/files/abasetup145.cab
[McFreeScan Class]
InProcServer32 = C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll
CODEBASE =
http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4365/mcfscan.cab
[Installer Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\ISTactivex.dll
CODEBASE =
http://www.xxxtoolbar.com/ist/softwares/v3.0/0006.cab
[Solitaire Showdown Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\solitaireshowdown.dll
CODEBASE =
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
[HouseCall Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\xscan51.ocx
CODEBASE =
http://www.housecall.nl/housecall/xscan4.cab
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\System32\webcheck.dll
SysTray: C:\WINDOWS\System32\stobject.dll
--------------------------------------------------
End of report, 9.107 bytes
Report generated in 1,011 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only