Mededeling

Collapse
No announcement yet.

gzmrt.dll

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • gzmrt.dll

    Telkens ik mij computer opstart krijg ik de melding dat de gzmrt.dll file niet kan geladen worden.

    Dit is mij log :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:37:14, on 17/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16640)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
    C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\wt\updater\wcmdmgr.exe
    C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
    C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
    C:\Compaq\EAKDRV\EAUSBKBD.EXE
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\LiveUpdate\LiveUpdate.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ScanSuite\SDetect.exe
    C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fcvdendereh.be/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=0813&s=search&ap=b204
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SurfingAdvisor - {08111E97-AB7D-B099-1D3F-F88F47E13432} - C:\Program Files\SurfingAdvisor\SurfingAdvisor-2.dll (file missing)
    O2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll (file missing)
    O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll (file missing)
    O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll (file missing)
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: (no name) - {4E0399BE-F3EF-4461-9B0F-452F4119617E} - C:\WINDOWS\system32\ssqolijg.dll (file missing)
    O2 - BHO: Search Assistant MySidesearch - {6156A32A-C512-4e23-AA9A-2315F4265681} - C:\WINDOWS\system32\myss_sb.dll
    O2 - BHO: (no name) - {6DC2D282-D414-435E-8A26-FF3C23AC36EF} - C:\WINDOWS\system32\vtuvtstt.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsc8.dll (file missing)
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
    O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
    O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
    O4 - HKLM\..\Run: [postSetupCheck] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrt.dll" DllStart
    O4 - HKLM\..\Run: [RelevantKnowledge] c:\windows\system32\rlvknlg.exe -boot
    O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Herinneringen van Microsoft Works Agenda.lnk = ?
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Scannerdetector.lnk = C:\Program Files\ScanSuite\SDetect.exe
    O4 - Global Startup: Ulead Acquire Fast.lnk = C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
    O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
    O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/DDD%20Pool/Images/armhelper.ocx
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\WINDOWS\system32\rlai.dll,avgrsstx.dll
    O20 - Winlogon Notify: RelevantKnowledge - C:\WINDOWS\system32\rlls.dll
    O20 - Winlogon Notify: vtuvtstt - vtuvtstt.dll (file missing)
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

    --
    End of file - 9657 bytes



    Kan er mij iemand hiermee helpen. Alvast bedankt.
    Last edited by bawa; 17-05-08, 11:50.

  • #2
    Start Hijackthis en vink alleen de volgende regels aan:
    O2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll (file missing)
    O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll (file missing)
    O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll (file missing)
    O2 - BHO: (no name) - {4E0399BE-F3EF-4461-9B0F-452F4119617E} - C:\WINDOWS\system32\ssqolijg.dll (file missing)
    O2 - BHO: Search Assistant MySidesearch - {6156A32A-C512-4e23-AA9A-2315F4265681} - C:\WINDOWS\system32\myss_sb.dll
    O2 - BHO: (no name) - {6DC2D282-D414-435E-8A26-FF3C23AC36EF} - C:\WINDOWS\system32\vtuvtstt.dll (file missing)
    O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsc8.dll (file missing)
    O4 - HKLM\..\Run: [postSetupCheck] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrt.dll" DllStart
    O4 - HKLM\..\Run: [RelevantKnowledge] c:\windows\system32\rlvknlg.exe -boot
    O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\WINDOWS\system32\rlai.dll,avgrsstx.dll
    O20 - Winlogon Notify: RelevantKnowledge - C:\WINDOWS\system32\rlls.dll
    O20 - Winlogon Notify: vtuvtstt - vtuvtstt.dll (file missing)

    Sluit alle openstaande vensters(behalve Hijackthis) en klik op de knop "Fix checked".

    Download: RVAXO.exe
    • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
    • Start de computer in veilige modus.
    • Open nu de map RVAXO op je bureaublad en dubbeklik RunMe.cmd
      Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
    • Daarna zal je PC herstarten, laat hem nu weer in normale modus starten. Na de herstart opent het cmd-venster van RVAXO opnieuw.
      Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
    • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
    • Post de inhoud van de logfile in je volgende bericht.
    Post ook de inhoud van het 2e logje: C:\RVAXO-Vfind.log

    Comment


    • #3
      Ziehier het door u gevraagde log file :

      ---RVAXO.exe Updated: 2008-05-16---first run---
      Uninstallers:

      Files found:
      C:\WINDOWS\BMa71dd0be.txt

      Folders Found:
      C:\WINDOWS\system32\bharebio05
      C:\Program Files\PlayMP3z
      C:\Program Files\FBrowsingAdvisor
      C:\Program Files\FBrowserAdvisor
      C:\Temp\wdlw14

      Hosts-file was reset, If you use a custom hosts file please replace it...

      --------------RVAXO.exe last run---------------
      Not deleted items:

      --------------RVAXO.exe finished----------------

      Comment


      • #4
        Oorspronkelijk geplaatst door smeenk Bekijk Berichten
        Post ook de inhoud van het 2e logje: C:\RVAXO-Vfind.log

        Comment


        • #5



          Logfile of Trend Micro HijackThis v2.0.2
          Scan saved at 12:37:31, on 17/05/2008
          Platform: Windows XP SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v7.00 (7.00.6000.16640)
          Boot mode: Normal

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          C:\WINDOWS\Explorer.EXE
          C:\WINDOWS\system32\spoolsv.exe
          C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
          C:\WINDOWS\System32\nvsvc32.exe
          C:\WINDOWS\System32\svchost.exe
          C:\PROGRA~1\AVG\AVG8\avgrsx.exe
          C:\WINDOWS\system32\wuauclt.exe
          C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
          C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
          C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
          C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
          C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
          C:\PROGRA~1\AVG\AVG8\avgtray.exe
          C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
          C:\WINDOWS\system32\ctfmon.exe
          C:\Compaq\EAKDRV\EAUSBKBD.EXE
          C:\Program Files\Messenger\msmsgs.exe
          C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
          C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          C:\Program Files\LiveUpdate\LiveUpdate.exe
          C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
          C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
          C:\Program Files\ScanSuite\SDetect.exe
          C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
          C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

          R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fcvdendereh.be/
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=0813&s=search&ap=b204
          R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
          R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
          O2 - BHO: SurfingAdvisor - {08111E97-AB7D-B099-1D3F-F88F47E13432} - C:\Program Files\SurfingAdvisor\SurfingAdvisor-2.dll (file missing)
          O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
          O2 - BHO: (no name) - {6DC2D282-D414-435E-8A26-FF3C23AC36EF} - C:\WINDOWS\system32\vtuvtstt.dll (file missing)
          O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
          O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
          O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
          O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
          O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
          O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
          O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
          O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
          O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
          O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
          O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
          O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
          O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
          O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
          O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
          O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
          O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
          O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
          O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
          O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
          O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
          O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
          O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
          O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
          O4 - Global Startup: Herinneringen van Microsoft Works Agenda.lnk = ?
          O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
          O4 - Global Startup: Scannerdetector.lnk = C:\Program Files\ScanSuite\SDetect.exe
          O4 - Global Startup: Ulead Acquire Fast.lnk = C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
          O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
          O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
          O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
          O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx
          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
          O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
          O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/DDD%20Pool/Images/armhelper.ocx
          O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
          O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\WINDOWS\system32\rlai.dll,avgrsstx.dll
          O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
          O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
          O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
          O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
          O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
          O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

          --
          End of file - 8334 bytes

          Comment


          • #6
            Ga naar Start - Uitvoeren en geef hier de volgende vetgedrukte regel in:
            start notepad C:\RVAXO-Vfind.log
            Druk op OK.

            Een logje zal openen, post de inhoud in je volgende bericht.
            Lukt dit niet, kijk dan op je C-schijf of je RVAXO-Vfind.log vinden kan

            Comment


            • #7
              ======C:\WINDOWS====
              ----a-w 0 2008-05-17 10:48:18 C:\WINDOWS\0.log
              --s-a-w 2,048 2008-05-17 10:43:47 C:\WINDOWS\bootstat.dat
              ----a-w 339,450 2008-05-16 15:57:06 C:\WINDOWS\comsetup.log
              ----a-w 2,134 2008-05-14 17:56:31 C:\WINDOWS\DAASINST.LOG
              ----a-w 533 2008-05-15 17:12:16 C:\WINDOWS\daasunin.LOG
              ----a-w 987,113 2008-05-16 15:57:04 C:\WINDOWS\FaxSetup.log
              ----a-w 13,407 2008-05-14 17:56:43 C:\WINDOWS\FSASWINS.LOG
              ----a-w 24,178 2008-05-14 18:16:50 C:\WINDOWS\FSASWSIN.log
              ----a-w 1,767 2008-05-14 18:16:51 C:\WINDOWS\FSASWUNI.LOG
              ----a-w 8,054 2008-05-14 17:57:17 C:\WINDOWS\FSAVCSIN.LOG
              ----a-w 49,784 2008-05-14 17:56:42 C:\WINDOWS\FSAVINST.LOG
              ----a-w 60,324 2008-05-14 18:16:43 C:\WINDOWS\fsavunin.log
              ----a-w 4,791 2008-05-15 17:12:06 C:\WINDOWS\fsbwinst.log
              ----a-w 179,725 2008-05-14 17:54:27 C:\WINDOWS\FSDEPH.log
              ----a-w 1,981 2008-05-14 17:57:13 C:\WINDOWS\fsdginst.log
              ----a-w 1,227 2008-05-15 17:12:16 C:\WINDOWS\fsdgunst.log
              ----a-w 458 2008-05-14 18:16:53 C:\WINDOWS\FSGUIINS.LOG
              ----a-w 5,791,127 2008-05-14 17:57:24 C:\WINDOWS\FSISU.log
              ----a-w 17,588 2008-05-14 17:57:22 C:\WINDOWS\fsmainst.log
              ----a-w 2,841 2008-05-15 17:12:15 C:\WINDOWS\fsmaunin.log
              ----a-w 160,387 2008-05-14 17:57:22 C:\WINDOWS\FSPROD.log
              ----a-w 2,913 2008-05-14 17:54:14 C:\WINDOWS\FSPRODRM.LOG
              ----a-w 6,269 2008-05-14 17:56:50 C:\WINDOWS\FSPSINST.LOG
              ----a-w 2,232 2008-05-14 18:16:20 C:\WINDOWS\FSPSUNI.LOG
              ----a-w 8,747 2008-05-14 17:56:56 C:\WINDOWS\fsrif.log
              ----a-w 1,024,610 2008-05-14 17:57:22 C:\WINDOWS\FSSETUP.log
              ----a-w 2,962,054 2008-05-14 17:57:24 C:\WINDOWS\FSSFM.log
              ----a-w 459,790 2008-05-14 17:54:14 C:\WINDOWS\FSSGSUP.LOG
              ----a-w 2,594,900 2008-05-14 17:57:22 C:\WINDOWS\FSSGUI.log
              ----a-w 5,736 2008-05-14 17:57:22 C:\WINDOWS\FSSYSUPD.LOG
              ----a-w 480 2008-05-14 18:16:51 C:\WINDOWS\fstnbins.LOG
              ----a-w 24,675 2008-05-14 18:15:51 C:\WINDOWS\fwesinst.log
              ----a-w 16,871 2008-05-14 18:15:53 C:\WINDOWS\fwinst.log
              ----a-w 578 2008-05-14 18:16:55 C:\WINDOWS\HELPINST.LOG
              ----a-w 157,159 2008-05-16 15:57:06 C:\WINDOWS\iis6.log
              ----a-w 1,374 2008-04-15 15:13:45 C:\WINDOWS\imsins.BAK
              ----a-w 1,374 2008-05-16 15:57:06 C:\WINDOWS\imsins.log
              ----a-w 21,485 2008-04-15 15:13:34 C:\WINDOWS\KB941693.log
              ----a-w 14,184 2008-04-15 15:05:54 C:\WINDOWS\KB945553.log
              ----a-w 22,177 2008-04-15 15:13:08 C:\WINDOWS\KB947864-IE7.log
              ----a-w 14,537 2008-04-15 15:09:57 C:\WINDOWS\KB948590.log
              ----a-w 15,847 2008-04-15 15:13:45 C:\WINDOWS\KB948881.log
              ----a-w 15,136 2008-05-16 15:57:06 C:\WINDOWS\KB950749.log
              ----a-w 45 2008-04-19 07:56:35 C:\WINDOWS\magix.ini
              ----a-w 217 2008-05-14 17:57:22 C:\WINDOWS\MEHInst.log
              ----a-w 50 2008-05-14 17:54:19 C:\WINDOWS\MEHUnIn.log
              ----a-w 6,147 2008-04-16 17:49:04 C:\WINDOWS\mgxoschk.ini
              ----a-w 49,736 2008-05-16 15:57:04 C:\WINDOWS\msgsocm.log
              ----a-w 205,534 2008-05-16 15:57:06 C:\WINDOWS\ntdtcsetup.log
              ----a-w 471,976 2008-05-16 15:57:04 C:\WINDOWS\ocgen.log
              ----a-w 58,208 2008-05-16 15:57:06 C:\WINDOWS\ocmsn.log
              ----a-w 6,614 2008-05-14 17:57:14 C:\WINDOWS\pmsuinst.log
              ----a-w 1,272 2008-05-15 17:12:13 C:\WINDOWS\pmsuunst.log
              ----a-w 3,010 2008-05-14 17:53:28 C:\WINDOWS\Q-Klez.log
              ----a-w 623,268 2008-05-14 17:57:24 C:\WINDOWS\RunSetup.log
              ----a-w 32,594 2008-05-17 10:24:16 C:\WINDOWS\SchedLgU.Txt
              ----a-w 203,177 2008-05-16 15:57:04 C:\WINDOWS\setupapi.log
              ----a-w 227 2008-05-17 10:33:54 C:\WINDOWS\system.ini
              ----a-w 384,015 2008-05-16 15:57:06 C:\WINDOWS\tsoc.log
              ----a-w 298 2008-04-11 08:26:22 C:\WINDOWS\TWAIN.LOG
              ----a-w 4 2008-04-11 08:26:11 C:\WINDOWS\Twain001.Mtx
              ----a-w 156 2008-04-11 08:25:53 C:\WINDOWS\Twunk001.MTX
              ----a-w 123,490 2008-04-15 15:11:35 C:\WINDOWS\updspapi.log
              ----a-w 159 2008-05-17 10:45:17 C:\WINDOWS\wiadebug.log
              ----a-w 50 2008-05-17 10:44:53 C:\WINDOWS\wiaservc.log
              ----a-w 1,114 2008-05-17 10:33:54 C:\WINDOWS\win.ini
              ----a-w 1,281,068 2008-05-17 10:45:51 C:\WINDOWS\WindowsUpdate.log
              ----a-w 216,297 2008-05-13 16:06:00 C:\WINDOWS\wmsetup.log

              Entries: 68 (67)
              Directories: 0 Files: 68
              Bytes: 18,690,771 Blocks: 36,542
              ======C:\WINDOWS\system32=====
              ----a-w 16,832 2008-04-21 15:01:10 C:\WINDOWS\System32\amcompat.tlb
              ----a-w 10,520 2008-05-15 17:26:12 C:\WINDOWS\System32\avgrsstx.dll
              ----a-w 2,845 2008-05-14 17:48:00 C:\WINDOWS\System32\config.nt
              ----a-w 260,640 2008-04-24 16:54:24 C:\WINDOWS\System32\FNTCACHE.DAT
              ----a-w 16,863,864 2008-05-09 21:35:04 C:\WINDOWS\System32\MRT.exe
              ----a-w 303 2008-04-15 15:08:54 C:\WINDOWS\System32\MRT.INI
              ----a-w 23,392 2008-04-21 15:01:10 C:\WINDOWS\System32\nscompat.tlb
              ----a-w 822,165 2008-05-16 05:10:02 C:\WINDOWS\System32\RVAXO.bat
              --sh--w 1,602,087 2008-04-15 14:45:25 C:\WINDOWS\System32\shschalg.ini
              ----a-w 1,158 2008-05-17 10:36:39 C:\WINDOWS\System32\wpa.dbl

              Entries: 10 (9)
              Directories: 0 Files: 10
              Bytes: 19,603,806 Blocks: 38,294
              ======C:\WINDOWS\system32\drivers=====
              ----a-w 96,520 2008-05-15 17:26:07 C:\WINDOWS\System32\drivers\avgldx86.sys
              ----a-w 26,184 2008-05-15 17:26:01 C:\WINDOWS\System32\drivers\avgmfx86.sys

              Entries: 2 (2)
              Directories: 0 Files: 2
              Bytes: 122,704 Blocks: 241
              =======C:\Program Files=====
              Entries: 0 (0)
              Directories: 0 Files: 0
              Bytes: 0 Blocks: 0
              =======C:=====
              ----a-w 7,668 2008-04-21 15:09:29 C:\APIHook.log
              --sha-r 211 2008-05-17 10:33:54 C:\boot.ini
              ----a-w 16,680 2008-04-21 15:07:44 C:\Detections.txt
              ----a-w 388 2008-05-17 10:28:38 C:\firstrun6.log
              --sha-w 536,305,664 2008-05-17 10:43:46 C:\hiberfil.sys
              --sha-w 805,306,368 2008-05-17 10:43:45 C:\pagefile.sys
              ----a-w 523 2008-05-17 10:51:04 C:\RVAXO-results.log
              ----a-w 6,494 2008-05-17 10:51:04 C:\RVAXO-Vfind.log
              ----a-w 4 2008-04-20 07:50:38 C:\timestmp.tmp

              Entries: 9 (6)
              Directories: 0 Files: 9
              Bytes: 1,341,644,000 Blocks: 2,620,402
              ======C:\Documents and Settings\Bart Wauters\Application Data======
              Entries: 0 (0)
              Directories: 0 Files: 0
              Bytes: 0 Blocks: 0
              ======C:\Documents and Settings\Bart Wauters======
              ---ha-w 4,718,592 2008-05-17 10:43:01 C:\Documents and Settings\Bart Wauters\NTUSER.DAT
              ---ha-w 36,864 2008-05-17 10:50:59 C:\Documents and Settings\Bart Wauters\ntuser.dat.LOG
              --sh--w 288 2008-05-17 10:42:54 C:\Documents and Settings\Bart Wauters\ntuser.ini

              Entries: 3 (0)
              Directories: 0 Files: 3
              Bytes: 4,755,744 Blocks: 9,289
              ======C:\WINDOWS\Downloaded Program Files====
              Entries: 0 (0)
              Directories: 0 Files: 0
              Bytes: 0 Blocks: 0
              =============

              Comment


              • #8
                Open een kladblokbestand.
                Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand.

                @ECHO OFF
                IF EXIST log.txt DEL log.txt
                ECHO Deleting files>>log.txt
                FOR %%g in (
                C:\WINDOWS\System32\shschalg.ini
                "C:\Program Files\SurfingAdvisor") DO (
                DEL /Q %%gNUCIA
                IF EXIST %%g (
                ATTRIB -r -s -h %%g
                DEL %%g
                RD /S /Q %%g
                REN %%g *NUCIA
                IF EXIST %%gNUCIA (
                ECHO renamed to %%gNUCIA>>log.txt)
                IF EXIST %%g (
                ECHO %%g not deleted>>log.txt
                ) ELSE (
                ECHO %%g deleted>>log.txt)
                ) ELSE (
                ECHO %%g not found>>log.txt))
                START NOTEPAD.EXE log.txt

                Ga naar Bestand - Opslaan als.
                Bij "Opslaan in" kies je: Bureaublad
                Bij "Bestandsnaam" zet je: del.bat
                Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
                Klik op de knop Opslaan.

                Dubbelklik op del.bat en post de inhoud van de logfile die opent.

                Comment


                • #9
                  volgende log :

                  Deleting files
                  C:\WINDOWS\System32\shschalg.ini deleted
                  "C:\Program Files\SurfingAdvisor" deleted

                  Comment


                  • #10
                    Start Hijackthis en vink alleen de volgende regels aan:
                    O2 - BHO: SurfingAdvisor - {08111E97-AB7D-B099-1D3F-F88F47E13432} - C:\Program Files\SurfingAdvisor\SurfingAdvisor-2.dll (file missing)
                    O2 - BHO: (no name) - {6DC2D282-D414-435E-8A26-FF3C23AC36EF} - C:\WINDOWS\system32\vtuvtstt.dll (file missing)

                    Sluit alle openstaande vensters(behalve Hijackthis) en klik op de knop "Fix checked".

                    Herstart je computer.

                    Download Deckard's System Scanner naar je Bureaublad.
                    • Sluit alle toepassingen en vensters.
                    • Dubbelklik op dss.exe om het te activeren, en volg de aanwijzingen.
                    • Wanneer de scan volledig is, zal een tekstbestand - main.txt - openen.
                    • Kopiëer (Ctrl+A gevolgd door Ctrl+C) en plak (Ctrl+V) de inhoud van main.txt in je volgende antwoord.

                    Opmerking: Sommige firewalls kunnen waarschuwen dat sigcheck.exe probeert verbinding te maken met het internet
                    - zorg dat sigcheck.exe toestemming krijgt om dit te doen !
                    Tevens kan het gebeuren dat je Antivirus DSS als verdacht aangeeft, of zelfs probeert te verwijderen.
                    Laat je Antivirus dit niet verwijderen ! (In dit geval is het misschien beter om tijdens de scan van DSS je Antivirus even uit te schakelen)

                    Comment


                    • #11
                      main txt :

                      Deckard's System Scanner v20071014.68
                      Run by Bart Wauters on 2008-05-18 18:58:19
                      Computer is in Normal Mode.
                      --------------------------------------------------------------------------------

                      -- System Restore --------------------------------------------------------------

                      Successfully created a Deckard's System Scanner Restore Point.


                      -- Last 5 Restore Point(s) --
                      33: 2008-05-18 16:58:26 UTC - RP149 - Deckard's System Scanner Restore Point
                      32: 2008-05-18 07:18:58 UTC - RP148 - Verwijderd PC SpeedScan Pro
                      31: 2008-05-18 07:14:31 UTC - RP147 - Geïnstalleerd PC SpeedScan Pro
                      30: 2008-05-17 09:33:10 UTC - RP146 - Uniblue RegistryBooster
                      29: 2008-05-16 18:58:10 UTC - RP145 - Installed AdwareBot


                      -- First Restore Point --
                      1: 2008-04-14 15:57:49 UTC - RP117 - Software Distribution Service 3.0


                      Backed up registry hives.
                      Performed disk cleanup.



                      -- HijackThis (run as Bart Wauters.exe) ----------------------------------------

                      Logfile of Trend Micro HijackThis v2.0.2
                      Scan saved at 18:59:13, on 18/05/2008
                      Platform: Windows XP SP2 (WinNT 5.01.2600)
                      MSIE: Internet Explorer v7.00 (7.00.6000.16640)
                      Boot mode: Normal

                      Running processes:
                      C:\WINDOWS\System32\smss.exe
                      C:\WINDOWS\system32\winlogon.exe
                      C:\WINDOWS\system32\services.exe
                      C:\WINDOWS\system32\lsass.exe
                      C:\WINDOWS\system32\svchost.exe
                      C:\WINDOWS\System32\svchost.exe
                      C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                      C:\WINDOWS\system32\spoolsv.exe
                      C:\WINDOWS\Explorer.EXE
                      C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
                      C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
                      C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
                      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
                      C:\WINDOWS\system32\ctfmon.exe
                      C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
                      C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
                      C:\Compaq\EAKDRV\EAUSBKBD.EXE
                      C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
                      C:\Program Files\Messenger\msmsgs.exe
                      C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe
                      C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                      C:\WINDOWS\System32\nvsvc32.exe
                      C:\Program Files\LiveUpdate\LiveUpdate.exe
                      C:\WINDOWS\System32\svchost.exe
                      C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
                      C:\Program Files\ScanSuite\SDetect.exe
                      C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
                      C:\WINDOWS\system32\wuauclt.exe
                      C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
                      C:\PROGRA~1\AVG\AVG8\avgrsx.exe
                      C:\Documents and Settings\Bart Wauters\Bureaublad\dss.exe
                      C:\PROGRA~1\TRENDM~1\HIJACK~1\Bart Wauters.exe

                      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fcvdendereh.be/
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=1c02&lc=0813&s=search&ap=b204
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
                      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
                      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
                      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
                      O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
                      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                      O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
                      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
                      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
                      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
                      O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
                      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
                      O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
                      O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
                      O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
                      O4 - HKLM\..\Run: [WCOLOREAL] "C:\Program Files\COMPAQ\Coloreal\coloreal.exe"
                      O4 - HKLM\..\Run: [srmclean] C:\Cpqs\Scom\srmclean.exe
                      O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
                      O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
                      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
                      O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
                      O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
                      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
                      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                      O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe"
                      O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
                      O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
                      O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
                      O4 - HKCU\..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe -m
                      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
                      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
                      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
                      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
                      O4 - Global Startup: Herinneringen van Microsoft Works Agenda.lnk = ?
                      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
                      O4 - Global Startup: Scannerdetector.lnk = C:\Program Files\ScanSuite\SDetect.exe
                      O4 - Global Startup: Ulead Acquire Fast.lnk = C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE
                      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
                      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
                      O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                      O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                      O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
                      O14 - IERESET.INF: START_PAGE_URL=http://www.telenet.be
                      O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Monopoly/Images/stg_drm.ocx
                      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
                      O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab
                      O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/DDD%20Pool/Images/armhelper.ocx
                      O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
                      O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\WINDOWS\system32\rlai.dll,avgrsstx.dll
                      O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
                      O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
                      O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
                      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
                      O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
                      O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

                      --
                      End of file - 8203 bytes

                      -- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

                      backup-20080517-120001-155 O2 - BHO: (no name) - {4E0399BE-F3EF-4461-9B0F-452F4119617E} - C:\WINDOWS\system32\ssqolijg.dll (file missing)
                      backup-20080517-120001-175 O20 - Winlogon Notify: vtuvtstt - vtuvtstt.dll (file missing)
                      backup-20080517-120001-222 O2 - BHO: Search Assistant MySidesearch - {6156A32A-C512-4e23-AA9A-2315F4265681} - C:\WINDOWS\system32\myss_sb.dll
                      backup-20080517-120001-294 O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsc8.dll (file missing)
                      backup-20080517-120001-297 O4 - HKLM\..\Run: [RelevantKnowledge] c:\windows\system32\rlvknlg.exe -boot
                      backup-20080517-120001-312 O20 - Winlogon Notify: RelevantKnowledge - C:\WINDOWS\system32\rlls.dll
                      backup-20080517-120001-429 O4 - HKLM\..\Run: [postSetupCheck] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrt.dll" DllStart
                      backup-20080517-120001-561 O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
                      backup-20080517-120001-607 O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll (file missing)
                      backup-20080517-120001-689 O2 - BHO: rightonads optimizer - {10F3E8BD-257A-4702-A2F5-DC02055B068C} - C:\WINDOWS\system32\gzmrt.dll (file missing)
                      backup-20080517-120001-760 O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll (file missing)
                      backup-20080517-120001-789 O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
                      backup-20080518-185048-200 O2 - BHO: (no name) - {6DC2D282-D414-435E-8A26-FF3C23AC36EF} - C:\WINDOWS\system32\vtuvtstt.dll (file missing)
                      backup-20080518-185048-627 O2 - BHO: SurfingAdvisor - {08111E97-AB7D-B099-1D3F-F88F47E13432} - C:\Program Files\SurfingAdvisor\SurfingAdvisor-2.dll (file missing)

                      -- File Associations -----------------------------------------------------------

                      All associations okay.


                      -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

                      R0 SMPLSCSI - c:\windows\system32\drivers\smplscsi.sys <Not Verified; OnSpec Electronic, Inc.; Microsoft® Windows(TM) Operating System>
                      R2 ONSIO - c:\windows\system32\drivers\onsio.sys

                      S3 iAimTV2 - c:\windows\system32\drivers\watv03nt.sys (file missing)


                      -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

                      S3 FirebirdServerMAGIXInstance (Firebird Server - MAGIX Instance) - c:\program files\magix\common\database\bin\fbserver.exe <Not Verified; MAGIX®; Firebird SQL Server - MAGIX Edition>
                      S3 UPnPService - c:\program files\common files\magix shared\upnpservice\upnpservice.exe <Not Verified; Magix AG; UPnPService Module>


                      -- Device Manager: Disabled ----------------------------------------------------

                      Class GUID:
                      Description: Microtek SimpleSCSI Miniport Drivers
                      Device ID: ROOT\SCSIADAPTER\SMPLSCSI.INF&SMPLSCSI
                      Manufacturer: Company
                      Name: Microtek SimpleSCSI Miniport Drivers
                      PNP Device ID: ROOT\SCSIADAPTER\SMPLSCSI.INF&SMPLSCSI
                      Service: SMPLSCSI


                      -- Files created between 2008-04-18 and 2008-05-18 -----------------------------

                      2008-05-18 09:14:31 20480 --a------ C:\WINDOWS\system32\SysRestore.dll <Not Verified; Ascentive LLC; prjSysRestore>
                      2008-05-18 09:14:31 208896 --a------ C:\WINDOWS\system32\ConTest.dll <Not Verified; Ascentive; ConnectionTester>
                      2008-05-17 12:50:44 0 d-------- C:\RVAXO
                      2008-05-17 12:18:36 822165 --a------ C:\WINDOWS\system32\RVAXO.bat
                      2008-05-17 12:18:36 69632 --a------ C:\WINDOWS\system32\remove.exe
                      2008-05-17 11:57:43 0 d-------- C:\WINDOWS\pss
                      2008-05-17 11:31:05 0 d-------- C:\Documents and Settings\Bart Wauters\Application Data\Uniblue
                      2008-05-17 11:24:14 0 d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
                      2008-05-17 11:24:05 0 d-------- C:\Program Files\Security Task Manager
                      2008-05-17 11:14:04 0 d-------- C:\Program Files\Trend Micro
                      2008-05-16 20:03:13 0 d-------- C:\Program Files\Lavasoft
                      2008-05-16 20:03:12 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
                      2008-05-16 20:02:29 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
                      2008-05-15 19:27:55 0 d--h----- C:\$AVG8.VAULT$
                      2008-05-15 19:25:55 0 d-------- C:\WINDOWS\system32\drivers\Avg
                      2008-05-15 19:25:55 0 d-------- C:\Documents and Settings\Bart Wauters\Application Data\AVGTOOLBAR
                      2008-05-15 19:25:42 0 d-------- C:\Program Files\AVG
                      2008-05-15 19:25:41 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
                      2008-05-14 20:01:57 0 d-------- C:\Documents and Settings\Bart Wauters\Application Data\F-Secure
                      2008-05-14 19:53:29 0 d-------- C:\Program Files\F-Secure
                      2008-05-13 18:39:24 0 d-------- C:\Program Files\Alwil Software
                      2008-05-13 18:01:04 0 d-------- C:\Mijn muziek
                      2008-05-02 19:59:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
                      2008-04-22 20:19:42 0 d-------- C:\Mixmania
                      2008-04-22 19:29:31 0 d-------- C:\Program Files\VirtualDJ
                      2008-04-21 17:42:09 0 d-------- C:\Documents and Settings\Bart Wauters\Application Data\WinRAR
                      2008-04-21 17:25:35 0 d-------- C:\Program Files\Soundman
                      2008-04-21 16:59:10 101888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>


                      -- Find3M Report ---------------------------------------------------------------

                      2008-05-18 10:44:34 0 d-------- C:\Documents and Settings\Bart Wauters\Application Data\LimeWire
                      2008-05-18 10:22:46 0 d--h----- C:\Program Files\InstallShield Installation Information
                      2008-05-16 20:02:29 0 d-------- C:\Program Files\Common Files
                      2008-05-01 14:36:36 0 d-------- C:\Program Files\Tennis Elbow 2006
                      2008-04-26 10:21:18 0 d-------- C:\Documents and Settings\Bart Wauters\Application Data\Adobe
                      2008-04-08 17:48:52 0 d-------- C:\Program Files\Carrot
                      2008-04-08 15:01:04 0 d-------- C:\Program Files\Icon Maker
                      2008-03-30 10:33:32 0 d-------- C:\Documents and Settings\Bart Wauters\Application Data\PowerChallenge
                      2008-03-30 10:06:32 364330 --a------ C:\WINDOWS\system32\perfh013.dat
                      2008-03-30 10:06:31 53418 --a------ C:\WINDOWS\system32\perfc013.dat
                      2008-03-14 16:16:56 286720 --a------ C:\WINDOWS\system32\rlxf.dll <Not Verified; RelevantKnowledge; RelevantKnowledge>
                      2008-03-12 20:55:19 712704 --a------ C:\WINDOWS\system32\rlph.dll <Not Verified; RelevantKnowledge; RelevantKnowledge>


                      -- Registry Dump ---------------------------------------------------------------

                      *Note* empty entries & legit default entries are not shown


                      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
                      15/05/2008 19:25 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

                      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
                      "{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [15/05/2008 19:25 2050816]

                      [-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
                      [HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

                      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                      "NvCplDaemon"="NvQTwk"
                      "CPQEASYACC"="C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe" [14/12/2001 15:01]
                      "Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [11/07/2000 22:14]
                      "Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [29/08/2000 09:56]
                      "WCOLOREAL"="C:\Program Files\COMPAQ\Coloreal\coloreal.exe" [20/02/2002 12:40]
                      "srmclean"="C:\Cpqs\Scom\srmclean.exe" [24/07/2001 23:34]
                      "Smapp"="C:\Program Files\Analog Devices\SoundMAX\Smtray.exe" [12/10/2001 15:45]
                      "AutoLogon"=""
                      "HPDJ Taskbar Utility"="C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe" [20/12/2001 00:29]
                      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
                      "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [14/07/2003 22:34]
                      "AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [15/05/2008 19:25]

                      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                      "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 10:03]
                      "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [22/02/2005 08:56]
                      "PopUpStopperFreeEdition"="C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" [29/04/2003 10:40]
                      "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [10/09/2007 19:00]
                      "@"=""
                      "BTCLiveUpdate"="C:\Program Files\LiveUpdate\LiveUpdate.exe" [08/03/2004 13:50]
                      "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe"
                      "Performance Center"="C:\Program Files\Ascentive\Performance Center\APCMain.exe"

                      C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten\
                      Herinneringen van Microsoft Works Agenda.lnk - C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [12/07/2000 6:14:38]
                      Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [17/02/1999 21:05:56]
                      Scannerdetector.lnk - C:\Program Files\ScanSuite\SDetect.exe [12/06/2007 9:34:28]
                      Ulead Acquire Fast.lnk - C:\Program Files\Ulead Systems\Ulead Photo Assistant\UATRAY.EXE [17/08/2007 20:33:52]

                      [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
                      "NoDispAppearancePage"=0 (0x0)
                      "NoDispBackgroundPage"=0 (0x0)

                      [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
                      "NoActiveDesktopChanges"=0 (0x0)

                      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
                      "appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL,C:\WINDOWS\system32\rlai.dll,avgrsstx.dl l

                      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
                      @="Service"

                      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
                      @="Service"

                      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
                      @="Volume shadow copy"




                      -- End of Deckard's System Scanner: finished at 2008-05-18 19:00:00 ------------



                      EXTRA TXT KLADBLOK :

                      eckard's System Scanner v20071014.68
                      Extra logfile - please post this as an attachment with your post.
                      --------------------------------------------------------------------------------

                      -- System Information ----------------------------------------------------------

                      Microsoft Windows XP Home Edition (build 2600) SP 2.0
                      Architecture: X86; Language: Dutch

                      CPU 0: AMD Athlon(tm) XP 2200+
                      Percentage of Memory in Use: 48%
                      Physical Memory (total/avail): 511.39 MiB / 265.13 MiB
                      Pagefile Memory (total/avail): 1248.31 MiB / 993.2 MiB
                      Virtual Memory (total/avail): 2047.88 MiB / 1925.04 MiB

                      A: is Removable (No Media)
                      C: is Fixed (NTFS) - 74.53 GiB total, 52.97 GiB free.
                      D: is CDROM (No Media)
                      E: is CDROM (No Media)
                      F: is CDROM (No Media)

                      \\.\PHYSICALDRIVE0 - ST380020A - 74.53 GiB - 1 partition
                      \PARTITION0 (bootable) - Installable File System - 74.53 GiB - C:



                      -- Security Center -------------------------------------------------------------

                      AUOptions is scheduled to auto-install.
                      Windows Internal Firewall is enabled.

                      AV: AVG Anti-Virus Free v8.0 (AVG Technologies)
                      AV: F-Secure Anti-Virus Client Security 6.00 v6.00 (F-Secure Corporation)

                      [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Authoriz edApplications\List]
                      "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
                      "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"

                      [HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Author izedApplications\List]
                      "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
                      "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
                      "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
                      "C:\\Program Files\\Golden Fairway\\GoldenFairway.exe"="C:\\Program Files\\Golden Fairway\\GoldenFairway.exe:*:Enabled:Golden Fairway Application"
                      "C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe"="C:\\Program Files\\Wolfenstein - Enemy Territory\\ET.exe:*:Enabled:ET"
                      "C:\\Program Files\\Microsoft Games\\Golf '98\\msgolf98.exe"="C:\\Program Files\\Microsoft Games\\Golf '98\\msgolf98.exe:*:Enabled:Microsoft Golf '98"
                      "C:\\Program Files\\Common Files\\MAGIX Shared\\UPnPService\\UPnPService.exe"="C:\\Program Files\\Common Files\\MAGIX Shared\\UPnPService\\UPnPService.exe:LocalSubNet:Enabled:Magix UPnP Service"
                      "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
                      "C:\\Program Files\\MotoGP2 Demo\\motogp2_demo.exe"="C:\\Program Files\\MotoGP2 Demo\\motogp2_demo.exe:*:Enabled:motogp2_demo"
                      "C:\\WINDOWS\\Temp\\~osE.tmp\\ossproxy.exe"="C:\\WINDOWS\\Temp\\~osE.tmp\\ossproxy.exe:*:Enabledssproxy.exe"
                      "c:\\windows\\system32\\rlvknlg.exe"="c:\\windows\\system32\\rlvknlg.exe:*:Enabled:rlvknlg.exe"
                      "C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"


                      -- Environment Variables -------------------------------------------------------

                      ALLUSERSPROFILE=C:\Documents and Settings\All Users
                      APPDATA=C:\Documents and Settings\Bart Wauters\Application Data
                      CLIENTNAME=Console
                      CommonProgramFiles=C:\Program Files\Common Files
                      COMPUTERNAME=CPQ12505183362
                      ComSpec=C:\WINDOWS\system32\cmd.exe
                      FP_NO_HOST_CHECK=NO
                      HOMEDRIVE=C:
                      HOMEPATH=\Documents and Settings\Bart Wauters
                      LOGONSERVER=\\CPQ12505183362
                      NUMBER_OF_PROCESSORS=1
                      OS=Windows_NT
                      Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
                      PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
                      PROCESSOR_ARCHITECTURE=x86
                      PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 0, AuthenticAMD
                      PROCESSOR_LEVEL=6
                      PROCESSOR_REVISION=0800
                      ProgramFiles=C:\Program Files
                      PROMPT=$P$G
                      SESSIONNAME=Console
                      SystemDrive=C:
                      SystemRoot=C:\WINDOWS
                      TEMP=C:\DOCUME~1\BARTWA~1\LOCALS~1\Temp
                      TMP=C:\DOCUME~1\BARTWA~1\LOCALS~1\Temp
                      USERDOMAIN=CPQ12505183362
                      USERNAME=Bart Wauters
                      USERPROFILE=C:\Documents and Settings\Bart Wauters
                      windir=C:\WINDOWS


                      -- User Profiles ---------------------------------------------------------------

                      Eigenaar (new local, admin)
                      Bart Wauters (admin)


                      -- Add/Remove Programs ---------------------------------------------------------

                      --> C:\WINDOWS\uninst.exe -fc:\compaq\lutil\DeIsL1.isu
                      --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{854A5F01-D692-11D4-A984-009027EC0A9C}\setup.exe"
                      --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{945E2519-C2B9-11D3-9D56-0060B0A4823E}\setup.exe"
                      --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CD47EFC1-D692-11D4-A984-009027EC0A9C}\setup.exe"
                      --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E7E518B2-B174-11D3-9D4E-0060B0A4823E}\setup.exe"
                      --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
                      Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
                      Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
                      Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
                      Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
                      Ahead Nero Burning ROM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
                      Avery DesignPro --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}\setup.exe" -uninst
                      AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
                      Belote Expert --> C:\WINDOWS\system32\GKSUI16.EXE C:\Program Files\Spellekes\Belote Expert\UNINSTAL.DAT
                      Beveiligingsupdate for Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
                      Beveiligingsupdate for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB903235) --> "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB939653) --> "C:\WINDOWS\$NtUninstallKB939653$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
                      Beveiligingsupdate voor Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
                      Biliardo --> C:\Program Files\Spellekes\billiardo\Uninstall.exe "C:\Program Files\Spellekes\billiardo\install.log"
                      Cd 2 van Microsoft Office 2000 --> MsiExec.exe /I{00040413-78E1-11D2-B60F-006097C998E7}
                      Coloreal --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDE90251-93EB-4F6A-89D8-086E2D91DC56}\setup.exe"
                      dBpoweramp m4a Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp m4a Codec.dat
                      dBpowerAMP Mp4 & AAC Decode Codec --> "C:\WINDOWS\System32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP Mp4 & AAC Decode Codec.dat
                      dBpoweramp Music Converter --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
                      dBpoweramp Ogg Vorbis Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
                      dBpoweramp Windows Media Audio 10 Codec --> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Windows Media Audio 10 Codec.dat
                      dBpowerAMP WMA V9.1 Codec --> "C:\WINDOWS\System32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\System32\SpoonUninstall-dBpowerAMP WMA V9.1 Codec.dat
                      Easy Access Button Ondersteuning --> C:\Program Files\COMPAQ\Easy Access Button Support\Uninst.exe
                      Firebird SQL Server - MAGIX Edition 2.0.0.1 (NL) --> C:\Program Files\MAGIX\Common\Database\uninstall.exe
                      Fx Icon 32 --> C:\PROGRA~1\ICONMA~1\UNWISE.EXE C:\PROGRA~1\ICONMA~1\INSTALL.LOG
                      Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72}
                      Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
                      Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
                      HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
                      Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
                      Hotfix voor Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
                      hp deskjet 916c series --> rundll32 hpzcon04.dll,VendorJettison hp deskjet 916c series
                      hp deskjet 916c series (Remove only) --> C:\Program Files\hp deskjet 916c series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=LPT1: -vproduct=916c -huninstall
                      InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{C1939820-A945-11D4-86F6-0001031E5712}\setup.exe" REMOVEALL
                      J2SE Runtime Environment 5.0 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150030}
                      Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
                      Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
                      Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
                      Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
                      LimeWire 4.16.6 --> "C:\Program Files\LimeWire\uninstall.exe"
                      MAGIX Music Manager 2007 8.1.1.98 (NL) --> C:\Program Files\MAGIX\Music_Manager_2007\instslct.exe
                      Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
                      Microsoft Office 2000 Premium --> MsiExec.exe /I{00000413-78E1-11D2-B60F-006097C998E7}
                      Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
                      Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
                      Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
                      Microsoft Word 2002 --> MsiExec.exe /I{911B0413-6000-11D3-8CFE-0050048383C9}
                      Microsoft Works 6.0 --> MsiExec.exe /I{EC8D0A07-438C-11D4-AE7F-00C04F324C16}
                      Microtek ScanSuite 1.2 --> C:\Program Files\ScanSuite\UnInstSS.exe" -f"C:\Program Files\ScanSuite\Uninst.isu"
                      Microtek ScanWizard --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17A7779A-D23F-11D3-8753-0050BABE1202}\setup.exe"
                      Microtek ScanWizard for Windows NT V2.54 --> C:\WINDOWS\UNINST.EXE -fC:\WINDOWS\Twain_32\Scanwiz\DeIsL4.isu
                      ModemXpert --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9CB4FEE2-7F47-11D4-B6AD-00A0CC624550}\setup.exe" AnyText
                      MySidesearch Search Assistant Adzgalore --> C:\WINDOWS\system32\myss_sb_uninstall.exe
                      NetWaiting --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe" ControlPanelAnyText
                      NVIDIA Windows 2000/XP Display Drivers --> rundll32.exe C:\WINDOWS\System32\nvinstnt.dll,NvUninstallNT4 nvca.inf
                      Performance Center --> C:\Program Files\InstallShield Installation Information\{BB05BD70-4605-4829-93FC-AD80D8CC5B66}\setup.exe -runfromtemp -l0x0013 -removeonly
                      Pop-Up Stopper Free Edition --> C:\PROGRA~1\PANICW~1\POP-UP~1\UNWISE.EXE C:\PROGRA~1\PANICW~1\POP-UP~1\INSTALL.LOG
                      RelevantKnowledge --> c:\windows\system32\rlvknlg.exe -bootremove -uninst:RelevantKnowledge
                      SoundMAX --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.EXE"
                      SurfingAdvisor --> C:\Program Files\SurfingAdvisor\uninstall.exe
                      Tennis Elbow 2006 1.0b --> C:\Program Files\Tennis Elbow 2006\uninst.exe
                      TORCS - The Open Racing Car Simulator 1.2.4 --> C:\Program Files\torcs\uninst.exe
                      Ulead Photo Assistant 1.0 --> C:\WINDOWS\Upa100.exe /f:upa100.inf
                      Update voor Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
                      Update voor Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
                      UserBar Generator 1.2 --> "C:\Program Files\AmitySource\UserBar Generator 2.2\unins000.exe"
                      Virtual DJ - Atomix Productions --> C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
                      WildTangent Updater --> C:\WINDOWS\wt\updater\wcmdmgr.exe -uninstall wcmdmgr.exe
                      WildTangent Web Driver --> C:\WINDOWS\wt\updater\wcmdmgr.exe -uninstall wtwebdriver
                      Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
                      Windows Messenger 5.1 --> MsiExec.exe /I{A433AE09-2126-4dad-9CBD-C1B05DC42787}
                      WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
                      WinZip --> C:\Program Files\WinZip\WINZIP32.EXE /uninstall


                      -- Application Event Log -------------------------------------------------------

                      Event Record #/Type1945 / Error
                      Event Submitted/Written: 05/18/2008 10:35:24 AM
                      Event ID/Source: 1002 / Application Hang
                      Event Description:
                      Vastgelopen toepassing: iexplore.exe, versie: 7.0.6000.16640, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

                      Event Record #/Type1930 / Error
                      Event Submitted/Written: 05/17/2008 00:05:12 PM
                      Event ID/Source: 4614 / EventSystem
                      Event Description:
                      Het COM+-gebeurtenissysteem heeft een inconsistentie in de interne status aangetroffen. Er is bij verklaring GetLastError() == 122L een fout opgetreden op regel 201 van d:\qxp_slp\com\com1x\src\events\shared\sectools.cpp. Neem contact op met Microsoft Productondersteuning om deze fout te melden.

                      Event Record #/Type1929 / Warning
                      Event Submitted/Written: 05/17/2008 00:05:07 PM
                      Event ID/Source: 1524 / Userenv
                      Event Description:
                      Windows kan het klassenregisterbestand niet uit het geheugen verwijderen omdat het momenteel door een andere toepassing of service wordt gebruikt. Het bestand wordt uit het geheugen verwijderd als het niet meer wordt gebruikt.

                      Event Record #/Type1926 / Error
                      Event Submitted/Written: 05/17/2008 11:24:53 AM
                      Event ID/Source: 1002 / Application Hang
                      Event Description:
                      Vastgelopen toepassing: TaskMan.exe, versie: 1.7.4.0, vastgelopen module: hungapp, versie: 0.0.0.0, vastgelopen op: 0x00000000.

                      Event Record #/Type1922 / Error
                      Event Submitted/Written: 05/16/2008 08:58:08 PM
                      Event ID/Source: 11309 / MsiInstaller
                      Event Description:
                      Product: AdwareBot -- Error 1309. Error reading from file: C:\DOCUME~1\BARTWA~1\LOCALS~1\Temp\7zS8C.tmp\AdwareBot\AdwareBot.exe. System error 5. Verify that the file exists and that you can access it.



                      -- Security Event Log ----------------------------------------------------------

                      No Errors/Warnings found.


                      -- System Event Log ------------------------------------------------------------

                      Event Record #/Type18529 / Error
                      Event Submitted/Written: 05/18/2008 06:56:12 PM
                      Event ID/Source: 7022 / Service Control Manager
                      Event Description:
                      De AVG8 WatchDog-service is bij het starten vastgelopen.

                      Event Record #/Type18508 / Error
                      Event Submitted/Written: 05/18/2008 06:15:31 PM
                      Event ID/Source: 7022 / Service Control Manager
                      Event Description:
                      De AVG8 WatchDog-service is bij het starten vastgelopen.

                      Event Record #/Type18502 / Warning
                      Event Submitted/Written: 05/18/2008 10:39:46 AM
                      Event ID/Source: 4226 / Tcpip
                      Event Description:
                      TCP/IP heeft de beveiligingslimiet bereikt van het aantal gelijktijdige verbindingspogingen via TCP.

                      Event Record #/Type18484 / Error
                      Event Submitted/Written: 05/18/2008 10:19:23 AM
                      Event ID/Source: 7022 / Service Control Manager
                      Event Description:
                      De AVG8 WatchDog-service is bij het starten vastgelopen.

                      Event Record #/Type18446 / Warning
                      Event Submitted/Written: 05/18/2008 08:54:28 AM
                      Event ID/Source: 4226 / Tcpip
                      Event Description:
                      TCP/IP heeft de beveiligingslimiet bereikt van het aantal gelijktijdige verbindingspogingen via TCP.



                      -- End of Deckard's System Scanner: finished at 2008-05-18 19:00:00 ------------
                      Last edited by bawa; 18-05-08, 19:04.

                      Comment


                      • #12
                        Open een kladblokbestand.
                        Kopieer onderstaande (alles wat vetgedrukt is) in dit kladblokbestand.

                        @ECHO OFF
                        IF EXIST log.txt DEL log.txt
                        ECHO Deleting files>>log.txt
                        FOR %%g in (
                        C:\WINDOWS\system32\rlxf.dll
                        C:\WINDOWS\system32\rlph.dll) DO (
                        DEL /Q %%gNUCIA
                        IF EXIST %%g (
                        ATTRIB -r -s -h %%g
                        DEL %%g
                        REN %%g *NUCIA
                        IF EXIST %%gNUCIA (
                        ECHO renamed to %%gNUCIA>>log.txt)
                        IF EXIST %%g (
                        ECHO %%g not deleted>>log.txt
                        ) ELSE (
                        ECHO %%g deleted>>log.txt)
                        ) ELSE (
                        ECHO %%g not found>>log.txt))
                        START NOTEPAD.EXE log.txt

                        Ga naar Bestand - Opslaan als.
                        Bij "Opslaan in" kies je: Bureaublad
                        Bij "Bestandsnaam" zet je: del.bat
                        Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
                        Klik op de knop Opslaan.

                        Dubbelklik op del.bat en post de inhoud van de logfile die opent.

                        Comment


                        • #13
                          Deleting files
                          C:\WINDOWS\system32\rlxf.dll deleted
                          C:\WINDOWS\system32\rlph.dll deleted

                          Comment


                          • #14
                            1) Open een klablokbestand.
                            2) Kopieer onderstaande code in dit kladblokbestand.
                            3) Ga naar Bestand - Opslaan als.
                            -Bij "Opslaan in" kies je: Bureaublad
                            -Bij "Bestandsnaam" zet je: look.bat
                            -Bij "Opslaan als type" selecteer je: Alle bestanden (*.*).
                            -Klik op de knop Opslaan.
                            Code:
                            regedit /e look.txt "HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows"
                            start notepad look.txt
                            4) Dubbelklik op de look.bat file en post de inhoud van look.txt dat dan geopend wordt

                            Groeten smeenk
                            Last edited by smeenk; 18-05-08, 21:32.

                            Comment


                            • #15
                              Er komt niets voor in Look.txt

                              Comment

                              Sorry, you are not authorized to view this page
                              Working...
                              X