Free Malware Removal Forum

[davege]

Hey, my fathers pc got infected with this. Internet access is not possible any more, and MS Security Essentials Alert is show with Unknown Win32/Trojan.

Any help will be greatly appreciated!

HijackThis log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:38:28, on 21/10/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Documents and Settings\Fons\Application Data\hotfix.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Belgacom\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Belgacom\bin\sprtcmd.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\MapSource\gStart.exe
C:\Documents and Settings\Fons\Bureaublad\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.be/ig/dell?hl=nl&client=dell ... bd=2060909
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.be/ig/dell?hl=nl&client=dell ... bd=2060909
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll (file missing)
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [Loader] C:\WINDOWS\System\loader.exe
O4 - HKLM\..\Run: [USS] "C:\Program Files\USS\USS.exe"
O4 - HKLM\..\Run: [Belgacom] "C:\Program Files\Belgacom\bin\sprtcmd.exe" /P Belgacom
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [gStart] C:\MapSource\gStart.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: downloadfree.avg.com
O15 - Trusted Zone: guru.avg.com
O15 - Trusted Zone: update.avgfree.com
O15 - Trusted Zone: guru1.grisoft.cz
O15 - Trusted Zone: guru2.grisoft.cz
O15 - Trusted Zone: guru3.grisoft.cz
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9 ... ontrol.CAB
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: apathies - {aed6f6a3-183c-488d-9f90-23db99f56e7f} - C:\WINDOWS\system32\geplxss.dll (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: SupportSoft Sprocket Service (belgacom) (sprtsvc_belgacom) - SupportSoft, Inc. - C:\Program Files\Belgacom\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe

--
End of file - 8604 bytes


Uninstall log:

ABBYY FineReader 5.0 Sprint
Adobe Flash Player 10 ActiveX
Adobe Photoshop CS
Adobe Reader 7.1.0
Adobe Shockwave Player 11.5
avast! Free Antivirus
Belgacom Genius
Beveiligingsupdate for Windows XP (KB941569)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB928090)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB931768)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB933566)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB937143)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB939653)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB976325)
Beveiligingsupdate voor Windows Internet Explorer 7 (KB978207)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB978207)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332)
Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)
Beveiligingsupdate voor Windows Media Player (KB952069)
Beveiligingsupdate voor Windows Media Player (KB954155)
Beveiligingsupdate voor Windows Media Player (KB968816)
Beveiligingsupdate voor Windows Media Player (KB973540)
Beveiligingsupdate voor Windows Media Player (KB978695)
Beveiligingsupdate voor Windows Media Player 11 (KB936782)
Beveiligingsupdate voor Windows Media Player 11 (KB954154)
Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)
Beveiligingsupdate voor Windows XP (KB2229593)
Beveiligingsupdate voor Windows XP (KB893756)
Beveiligingsupdate voor Windows XP (KB896428)
Beveiligingsupdate voor Windows XP (KB899587)
Beveiligingsupdate voor Windows XP (KB900725)
Beveiligingsupdate voor Windows XP (KB901017)
Beveiligingsupdate voor Windows XP (KB902400)
Beveiligingsupdate voor Windows XP (KB905414)
Beveiligingsupdate voor Windows XP (KB905749)
Beveiligingsupdate voor Windows XP (KB911927)
Beveiligingsupdate voor Windows XP (KB913580)
Beveiligingsupdate voor Windows XP (KB914389)
Beveiligingsupdate voor Windows XP (KB916281)
Beveiligingsupdate voor Windows XP (KB917422)
Beveiligingsupdate voor Windows XP (KB917953)
Beveiligingsupdate voor Windows XP (KB918118)
Beveiligingsupdate voor Windows XP (KB919007)
Beveiligingsupdate voor Windows XP (KB920213)
Beveiligingsupdate voor Windows XP (KB920670)
Beveiligingsupdate voor Windows XP (KB920683)
Beveiligingsupdate voor Windows XP (KB920685)
Beveiligingsupdate voor Windows XP (KB921503)
Beveiligingsupdate voor Windows XP (KB922819)
Beveiligingsupdate voor Windows XP (KB923191)
Beveiligingsupdate voor Windows XP (KB923414)
Beveiligingsupdate voor Windows XP (KB923561)
Beveiligingsupdate voor Windows XP (KB923694)
Beveiligingsupdate voor Windows XP (KB923980)
Beveiligingsupdate voor Windows XP (KB924191)
Beveiligingsupdate voor Windows XP (KB924270)
Beveiligingsupdate voor Windows XP (KB924667)
Beveiligingsupdate voor Windows XP (KB925902)
Beveiligingsupdate voor Windows XP (KB926255)
Beveiligingsupdate voor Windows XP (KB926436)
Beveiligingsupdate voor Windows XP (KB927779)
Beveiligingsupdate voor Windows XP (KB927802)
Beveiligingsupdate voor Windows XP (KB928090)
Beveiligingsupdate voor Windows XP (KB928255)
Beveiligingsupdate voor Windows XP (KB928843)
Beveiligingsupdate voor Windows XP (KB929123)
Beveiligingsupdate voor Windows XP (KB930178)
Beveiligingsupdate voor Windows XP (KB931261)
Beveiligingsupdate voor Windows XP (KB931784)
Beveiligingsupdate voor Windows XP (KB932168)
Beveiligingsupdate voor Windows XP (KB933729)
Beveiligingsupdate voor Windows XP (KB935839)
Beveiligingsupdate voor Windows XP (KB935840)
Beveiligingsupdate voor Windows XP (KB936021)
Beveiligingsupdate voor Windows XP (KB938464)
Beveiligingsupdate voor Windows XP (KB938829)
Beveiligingsupdate voor Windows XP (KB941202)
Beveiligingsupdate voor Windows XP (KB941568)
Beveiligingsupdate voor Windows XP (KB943460)
Beveiligingsupdate voor Windows XP (KB944653)
Beveiligingsupdate voor Windows XP (KB946648)
Beveiligingsupdate voor Windows XP (KB950749)
Beveiligingsupdate voor Windows XP (KB950762)
Beveiligingsupdate voor Windows XP (KB950974)
Beveiligingsupdate voor Windows XP (KB951066)
Beveiligingsupdate voor Windows XP (KB951376-v2)
Beveiligingsupdate voor Windows XP (KB951698)
Beveiligingsupdate voor Windows XP (KB951748)
Beveiligingsupdate voor Windows XP (KB952004)
Beveiligingsupdate voor Windows XP (KB952954)
Beveiligingsupdate voor Windows XP (KB953839)
Beveiligingsupdate voor Windows XP (KB955069)
Beveiligingsupdate voor Windows XP (KB956572)
Beveiligingsupdate voor Windows XP (KB956802)
Beveiligingsupdate voor Windows XP (KB956803)
Beveiligingsupdate voor Windows XP (KB956844)
Beveiligingsupdate voor Windows XP (KB957097)
Beveiligingsupdate voor Windows XP (KB958470)
Beveiligingsupdate voor Windows XP (KB958644)
Beveiligingsupdate voor Windows XP (KB958687)
Beveiligingsupdate voor Windows XP (KB958869)
Beveiligingsupdate voor Windows XP (KB959426)
Beveiligingsupdate voor Windows XP (KB960225)
Beveiligingsupdate voor Windows XP (KB960803)
Beveiligingsupdate voor Windows XP (KB960859)
Beveiligingsupdate voor Windows XP (KB961501)
Beveiligingsupdate voor Windows XP (KB969059)
Beveiligingsupdate voor Windows XP (KB969947)
Beveiligingsupdate voor Windows XP (KB970238)
Beveiligingsupdate voor Windows XP (KB970430)
Beveiligingsupdate voor Windows XP (KB971468)
Beveiligingsupdate voor Windows XP (KB971486)
Beveiligingsupdate voor Windows XP (KB971557)
Beveiligingsupdate voor Windows XP (KB971633)
Beveiligingsupdate voor Windows XP (KB971657)
Beveiligingsupdate voor Windows XP (KB971961)
Beveiligingsupdate voor Windows XP (KB972270)
Beveiligingsupdate voor Windows XP (KB973354)
Beveiligingsupdate voor Windows XP (KB973507)
Beveiligingsupdate voor Windows XP (KB973525)
Beveiligingsupdate voor Windows XP (KB973869)
Beveiligingsupdate voor Windows XP (KB973904)
Beveiligingsupdate voor Windows XP (KB974112)
Beveiligingsupdate voor Windows XP (KB974318)
Beveiligingsupdate voor Windows XP (KB974392)
Beveiligingsupdate voor Windows XP (KB974571)
Beveiligingsupdate voor Windows XP (KB975025)
Beveiligingsupdate voor Windows XP (KB975467)
Beveiligingsupdate voor Windows XP (KB975560)
Beveiligingsupdate voor Windows XP (KB975561)
Beveiligingsupdate voor Windows XP (KB975562)
Beveiligingsupdate voor Windows XP (KB975713)
Beveiligingsupdate voor Windows XP (KB977165)
Beveiligingsupdate voor Windows XP (KB977816)
Beveiligingsupdate voor Windows XP (KB977914)
Beveiligingsupdate voor Windows XP (KB978037)
Beveiligingsupdate voor Windows XP (KB978251)
Beveiligingsupdate voor Windows XP (KB978262)
Beveiligingsupdate voor Windows XP (KB978338)
Beveiligingsupdate voor Windows XP (KB978542)
Beveiligingsupdate voor Windows XP (KB978601)
Beveiligingsupdate voor Windows XP (KB978706)
Beveiligingsupdate voor Windows XP (KB979309)
Beveiligingsupdate voor Windows XP (KB979482)
Beveiligingsupdate voor Windows XP (KB979559)
Beveiligingsupdate voor Windows XP (KB979683)
Beveiligingsupdate voor Windows XP (KB980195)
Beveiligingsupdate voor Windows XP (KB980218)
Beveiligingsupdate voor Windows XP (KB980232)
Browser Defender 2.0.6.15
Dell CinePlayer
Dell Driver Reset Tool
digifietser.v.1.31
digifietser.v.1.50
Digifietser.v.2.00
Digifietser.v.2.50
Digifietser.v.2.55
DriveCleaner Free 1.0.82.0
Garmin City Navigator Europe 2008
Garmin MapSource
Garmin TOPO Nederland
Garmin Training Center
Garmin USB Drivers
Garmin USB Drivers
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix voor Windows Media Player 11 (KB939683)
Hotfix voor Windows XP (KB914440)
Hotfix voor Windows XP (KB952287)
Hotfix voor Windows XP (KB961118)
Hotfix voor Windows XP (KB976098-v2)
Hotfix voor Windows XP (KB979306)
Hotfix voor Windows XP (KB981793)
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
Java(TM) SE Runtime Environment 6 Update 1
JuicyAccess Toolbar
Lexmark X1100 Series
LiveUpdate 2.6 (Symantec Corporation)
Malwarebytes' Anti-Malware
MapWinGIS ActiveX Control
MCU
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Dutch Language Pack
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Editie 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ Redist - ENU
MSXML 6 Service Pack 2 (KB973686)
Picasa 3
Roxio DLA
Roxio MyDVD LE
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
SearchAssist
Sonic Activation Module
Sonic Update Manager
Spyware Doctor 7.0
Topo España V.3.0
Topomap Belux
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update voor Windows Internet Explorer 8 (KB976662)
Update voor Windows Internet Explorer 8 (KB978506)
Update voor Windows Internet Explorer 8 (KB980182)
Update voor Windows XP (KB894391)
Update voor Windows XP (KB898461)
Update voor Windows XP (KB900485)
Update voor Windows XP (KB904942)
Update voor Windows XP (KB910437)
Update voor Windows XP (KB911280)
Update voor Windows XP (KB916595)
Update voor Windows XP (KB920872)
Update voor Windows XP (KB922582)
Update voor Windows XP (KB925720)
Update voor Windows XP (KB927891)
Update voor Windows XP (KB929338)
Update voor Windows XP (KB930916)
Update voor Windows XP (KB931836)
Update voor Windows XP (KB932823-v3)
Update voor Windows XP (KB933360)
Update voor Windows XP (KB936357)
Update voor Windows XP (KB938828)
Update voor Windows XP (KB942763)
Update voor Windows XP (KB951072-v2)
Update voor Windows XP (KB955759)
Update voor Windows XP (KB967715)
Update voor Windows XP (KB968389)
Update voor Windows XP (KB971737)
Update voor Windows XP (KB973687)
Update voor Windows XP (KB973815)
URL Assistant
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
WinRAR archiver

[Cypher]

Hi and welcome to Malware Removal Forum, sorry for the delay in answering your request for help the forum is really busy.
My name is Cypher, and I will be helping you with your malware problems.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.

• The instructions being given are for YOUR computer and system only!.
  Using these instructions on a different computer, can damage that computer and possibly make it inoperable!
• If you don't know or understand something, please don't hesitate to ask.
• Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
• Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
  Absence of symptoms does not mean that everything is clear.
• Please DO NOT run any other tools or scans whilst I am helping you.
• Please DO NOT install any other software (or hardware) during the cleaning process.
• Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
• Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
• Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.
Backup Made Easy XP
Backup data vista

• Please download this tool from Microsoft.
• Double click on MGADiag.exe to run it.
• Click Continue.
• The program will run. It takes a while to finish the diagnosis, please be patient.
• Once done, click on Copy.
• Open Notepad and paste the contents in the window.
• Save this file and copy/paste it in your next reply.

[davege]

Thanks for the assistance!

output of mgadiag.exe

==>


Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-GD6GR-K6DP3-4C8MT
Windows Product Key Hash: s2kt66ZJWfV4nS1wFD5F9bxTSDw=
Windows Product ID: 76395-OEM-2111907-00102
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010300.2.0.hom
ID: {05A8EF4E-DCF0-4063-8EF9-AC7EE7D8036D}(1)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.7.18.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.7.18.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 114 Blocked VLK 2
Microsoft Office Professional Editie 2003 - 114 Blocked VLK 2
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{05A8EF4E-DCF0-4063-8EF9-AC7EE7D8036D}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.2.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-4C8MT</PKey><PID>76395-OEM-2111907-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-1435424380-2327733308-3081230043</SID><SYSTEM><Manufacturer>Dell Inc. </Manufacturer><Model>Dell DC051 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc. </Manufacturer><Version>A02</Version><SMBIOSVersion major="2" minor="3"/><Date>20060405000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>BF0330470184406D</HWID><UserLCID>0813</UserLCID><SystemLCID>0413</SystemLCID><TimeZone>Romance (standaardtijd)(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Dimension DC051</name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.18.0"/><File Name="WgaLogon.dll" Version="1.7.18.0"/></GANotification></MachineData><Software><Office><Result>114</Result><Products><Product GUID="{90110413-6000-11D3-8CFE-0150048383C9}"><LegitResult>114</LegitResult><Name>Microsoft Office Professional Editie 2003</Name><Ver>11</Ver><Val>59D1605114E3500</Val><Hash>vfZmaSmFPIYrLWTcZSZErUQg+Fo=</Hash><Pid>73967-640-0000106-57792</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="11" Result="114"/><App Id="16" Version="11" Result="114"/><App Id="18" Version="11" Result="114"/><App Id="19" Version="11" Result="114"/><App Id="1A" Version="11" Result="114"/><App Id="1B" Version="11" Result="114"/><App Id="44" Version="11" Result="114"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1A925:Dell Inc|1A925:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A

<==

[Cypher]

Hi davege.

Thanks for the assistance!

You're welcome.

The Microsoft Office Professional Editie 2003 on your computer is a non-genuine copy. It was installed with a now blocked Volume Licensing Key (VLK) that was valid and only available to corporations, education entities and government agencies. VLKs are blocked by Microsoft at the request and consent of the original keyholder for such reasons as the key was lost, stolen, compromised, misused, or expired. Also, Microsoft may have blocked the key if it notices a pattern of misuse, that is more installations of XP using that key than authorized.
A VL Product Key is non-transferable to individuals.

Please read Illegal copies of software and Forum Rules.

Any time the helper detects that you may have illegal software on your machine, that helper may stop assisting you immediately until you can demonstrate that you have rectified the situation. We will not support fixing machines with pirated or otherwise illegal software.

If you still want help, please remove the illegal items from your computer, and if you still need the softwares, get legal ones from legitimate sources.
If you advised that the illegal softwares have been removed and I find it otherwise (the tools we use can and will detect them), then I will have no choice but to have this topic closed.
If there are more such new findings after this, the topic will also be closed.

You may return to the seller to demand for a replacement with a genuine copy or get a full refund. Have a read Here to see if you qualify for Genuince Office Offer.

If you wish for me to continue helping you remove Microsoft Office Professional Editie 2003 and post a new uninstall list.

[davege]

ok
that is cleared (was not aware of it). Below is new result of the MGADiag?


Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-GD6GR-K6DP3-4C8MT
Windows Product Key Hash: s2kt66ZJWfV4nS1wFD5F9bxTSDw=
Windows Product ID: 76395-OEM-2111907-00102
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010300.2.0.hom
ID: {05A8EF4E-DCF0-4063-8EF9-AC7EE7D8036D}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.7.18.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.7.18.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{05A8EF4E-DCF0-4063-8EF9-AC7EE7D8036D}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.2.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-4C8MT</PKey><PID>76395-OEM-2111907-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-1435424380-2327733308-3081230043</SID><SYSTEM><Manufacturer>Dell Inc. </Manufacturer><Model>Dell DC051 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc. </Manufacturer><Version>A02</Version><SMBIOSVersion major="2" minor="3"/><Date>20060405000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>BF0330470184406D</HWID><UserLCID>0813</UserLCID><SystemLCID>0413</SystemLCID><TimeZone>Romance (standaardtijd)(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Dimension DC051</name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.18.0"/><File Name="WgaLogon.dll" Version="1.7.18.0"/></GANotification></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1A925:Dell Inc|1A925:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A

[Cypher]

Hi.

do I post a new result of the MGADiag?

Yes please do.

[davege]

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-GD6GR-K6DP3-4C8MT
Windows Product Key Hash: s2kt66ZJWfV4nS1wFD5F9bxTSDw=
Windows Product ID: 76395-OEM-2111907-00102
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010300.2.0.hom
ID: {05A8EF4E-DCF0-4063-8EF9-AC7EE7D8036D}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.7.18.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.7.18.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: B4D0AA8B-604-645_025D1FF3-230-1

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{05A8EF4E-DCF0-4063-8EF9-AC7EE7D8036D}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010300.2.0.hom</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-4C8MT</PKey><PID>76395-OEM-2111907-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-1435424380-2327733308-3081230043</SID><SYSTEM><Manufacturer>Dell Inc. </Manufacturer><Model>Dell DC051 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc. </Manufacturer><Version>A02</Version><SMBIOSVersion major="2" minor="3"/><Date>20060405000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>BF0330470184406D</HWID><UserLCID>0813</UserLCID><SystemLCID>0413</SystemLCID><TimeZone>Romance (standaardtijd)(GMT+01:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Dimension DC051</name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.7.18.0"/><File Name="WgaLogon.dll" Version="1.7.18.0"/></GANotification></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1A925:Dell Inc|1A925:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A

[Cypher]

Hi davege.
Thank you for your cooperation, please continue with the instructions below.

Add/Remove programs

• Click on start
• Then Run
• In the open text entry box please copy/paste appwiz.cpl Then click enter.
• Press the "Remove" or "Change/Remove"...button to uninstall the following.

J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
Java(TM) SE Runtime Environment 6 Update 1
JuicyAccess Toolbar

Next.

Back Up registry with ERUNT

• Please use the following link and download ERUNT to your desktop. HERE
• Click on the erunt-setup.exe
• Follow the prompts to install ERUNT
• Choose language
• A set up window will pop up. It will ask: Create ERUNT entry in to the Start up folder, answer NO
  
  
  
• Backup your registry to the default location

Note: To restore your registry (if needed), go to the folder and start ERDNT.exe

Next.

Download and run OTM

Download OTM.exe by Old Timer and save it to your Desktop.

• Double-click OTM.exe to run it.
• Right-click then copy the following code, Do not include the word Code.
  

  Code: Select all

  :Reg
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
  [-HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
  [-HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
  [-HKEY_CLASSES_ROOT\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
  [-HKEY_CLASSES_ROOT\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
  "{84938242-5C5B-4A55-B6B9-A1507543B418}"=-
  [-HKEY_CLASSES_ROOT\CLSID\{84938242-5C5B-4A55-B6B9-A1507543B418}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "Loader"=-
  "USS"=-
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}]
  [-HKEY_CLASSES_ROOT\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\downloadfree.avg.com]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\guru.avg.com]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\update.avgfree.com]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\guru1.grisoft.cz]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\guru2.grisoft.cz]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\guru3.grisoft.cz]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
  "{aed6f6a3-183c-488d-9f90-23db99f56e7f}"=-
  [-HKEY_CLASSES_ROOT\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}]
  
  :Files
  C:\Documents and Settings\Fons\Application Data\hotfix.exe
  C:\WINDOWS\System\loader.exe
  C:\Program Files\USS
  C:\WINDOWS\system32\geplxss.dll
  
  :Commands
  [EmptyFlash]
  [emptytemp]
  [start explorer]
  [Reboot]
  

  
  
  • Return to OTM, right-click then paste the code into the blank box below
  • Next click on the large button.
  • OTM may ask to reboot the machine. Please do so if asked.
  • Copy everything in the Results window (under the green bar), and paste it in your next reply.

NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Next.

Download/run Rkill:

Please download Rkill from one of the following links and save to your Desktop:

One, Two,Three or Four

• Double click on Rkill.
• A command window will open then disappear upon completion, this is normal.
• When finished, Notepad will open with a log called, "rkill.log".
• Please copy and paste the contents of the rkill.log in your next reply.
• The file is automatically saved... located at C:\rkill.log.
• Please leave Rkill on the Desktop until otherwise advised.

Note: If your security software warns about Rkill, please ignore and allow the download to continue.


Next.

Malwarebytes Anti-Malware:

• Launch the application, Check for Updates >> Perform Quick Scan.
• When the scan is complete, click OK, then Show Results to view the results.
• Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
  Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
• When completed, a log will open in Notepad. please copy and paste the log into your next reply.
• The log can also be found here:
  C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Next.

RSIT (Random's System Information Tool)

Please download RSIT by random/random... and save it to your desktop.

• Double click on RSIT.exe to run it.
• Please read the disclaimer... click on Continue.
• RSIT will start running. When done... 2 logs files...will be produced.
• The first one, "log.txt", << will be maximized
• The second one, "info.txt", << will be minimized.

Please post both... "log.txt" and "info.txt", file contents in your next reply.
(These logs can be lengthy, so post 1 log per reply please.)



Logs/Information to Post in your Next Reply

• OTM log.
• Malwarebytes log.
• RSIT log.txt and info.txt contents.
• Please give me an update on your computers performance.

[davege]

otm.log


All processes killed
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CA6319C0-31B7-401E-A518-A07C3DB8F777}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{84938242-5C5B-4A55-B6B9-A1507543B418} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84938242-5C5B-4A55-B6B9-A1507543B418}\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\CLSID\{84938242-5C5B-4A55-B6B9-A1507543B418}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84938242-5C5B-4A55-B6B9-A1507543B418}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Loader deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\USS deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\downloadfree.avg.com\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\guru.avg.com\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\update.avgfree.com\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\guru1.grisoft.cz\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\guru2.grisoft.cz\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\guru3.grisoft.cz\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\\{aed6f6a3-183c-488d-9f90-23db99f56e7f} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\ deleted successfully.
Registry key HKEY_CLASSES_ROOT\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\ not found.
========== FILES ==========
C:\Documents and Settings\Fons\Application Data\hotfix.exe moved successfully.
File/Folder C:\WINDOWS\System\loader.exe not found.
C:\Program Files\USS\{20CF7FD9-6C26-450b-BC5B-B4AD67438A26}\AppBase folder moved successfully.
C:\Program Files\USS\{20CF7FD9-6C26-450b-BC5B-B4AD67438A26} folder moved successfully.
C:\Program Files\USS folder moved successfully.
File/Folder C:\WINDOWS\system32\geplxss.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 388608 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Eigenaar

User: Fons
->Temp folder emptied: 745838608 bytes
->Temporary Internet Files folder emptied: 640340823 bytes
->Java cache emptied: 13779909 bytes
->Flash cache emptied: 1955545 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32969 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2675997 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 649794529 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 74011776 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 391964 bytes

Total Files Cleaned = 2.031,00 mb


OTM by OldTimer - Version 3.1.17.1 log created on 10262010_213346

Files moved on Reboot...
File C:\WINDOWS\temp\_avast5_\Webshlock.txt not found!

Registry entries deleted on Reboot...

[davege]

rkill.log


This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.
Ran as Fons on 26/10/2010 at 21:52:54.


Services Stopped:


Processes terminated by Rkill or while it was running:


C:\Documents and Settings\Fons\Bureaublad\rkill.com


Rkill completed on 26/10/2010 at 21:52:57.

[davege]

malware bytes.log


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4954

Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702

26/10/2010 22:01:54
mbam-log-2010-10-26 (22-01-54).txt

Scantype: Snelle scan
Objecten gescand: 143960
Verstreken tijd: 5 minuut/minuten, 25 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 1
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 2

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> Quarantined and deleted successfully.

Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:
C:\Documents and Settings\Fons\Application Data\asdsada.bat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Fons\Application Data\444.bat (Malware.Trace) -> Quarantined and deleted successfully.

[davege]

log.txt

Logfile of random's system information tool 1.08 (written by random/random)
Run by Fons at 2010-10-26 22:04:26
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 77 GB (69%) free of 111 GB
Total RAM: 1014 MB (69% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\NSSstub.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{F689A790-238B-468C-847D-D12FC3780C88}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-12-18 59032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}]
PC Tools Browser Guard BHO - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2010-01-22 567248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\System32\DLA\DLASHX_W.DLL [2005-09-08 110652]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-01-20 2423872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-01-20 2423872]
{472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll [2010-01-22 567248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-10-14 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2005-10-14 114688]
"DMXLauncher"=C:\Program Files\Dell\Media Experience\DMXLauncher.exe [2005-10-05 94208]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]
"DLA"=C:\WINDOWS\System32\DLA\DLACTRLW.EXE [2005-09-08 122940]
"Lexmark X1100 Series"=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe [2003-08-19 57344]
"Belgacom"=C:\Program Files\Belgacom\bin\sprtcmd.exe [2008-05-29 202016]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-09-07 2838912]
"ISTray"=C:\Program Files\Spyware Doctor\pctsTray.exe [2010-03-09 1286608]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-20 68856]
"gStart"=C:\MapSource\gStart.exe [2008-08-13 1891416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriveCleaner Free]
C:\Program Files\DriveCleaner Free\UDC.exe /min []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
C:\Program Files\McAfee\SpamKiller\MSKDetct.exe [2005-07-12 1117184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-20 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\udc6cw]
C:\Program Files\DriveCleaner Free\udc6cw.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uwa7pcw]
C:\Program Files\Common Files\WinAntiVirus Pro 2007\uwa7pcw.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WA6PM_Check]
C:\Program Files\Common Files\DriveCleaner Free\udcwap.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAntiVirus Pro 2007]
C:\Program Files\WinAntiVirus Pro 2007\WinAV.exe []

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-22 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"system"=C:\WINDOWS\system32\lsass.exe [2004-08-04 13312]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"E:\STHIW\stInstall.exe"="E:\STHIW\stInstall.exe:*:Enabled:SpeedTouch Home Install Wizard"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\AVG\AVG8\avgcmgr.exe"="C:\Program Files\AVG\AVG8\avgcmgr.exe:*:Enabled:avgcmgr.exe"
"C:\Program Files\AVG\AVG8\avgiproxy.exe"="C:\Program Files\AVG\AVG8\avgiproxy.exe:*:Enabled:avgiproxy.exe"
"C:\Program Files\AVG\AVG8\avgtray.exe"="C:\Program Files\AVG\AVG8\avgtray.exe:*:Enabled:AVG Free Tray Icon"
"C:\Program Files\AVG\AVG8\avgui.exe"="C:\Program Files\AVG\AVG8\avgui.exe:*:Enabled:AVG Free User Interface"
"C:\Program Files\AVG\AVG8\avgwdsvc.exe"="C:\Program Files\AVG\AVG8\avgwdsvc.exe:*:Enabled:avgwdsvc.exe"
"C:\WINDOWS\system32\fxsclnt.exe"="C:\WINDOWS\system32\fxsclnt.exe:*:Disabled:Microsoft Fax Console"
"C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe"="C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe:*:Enabled:WiselinkPro"
"C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe"="C:\Program Files\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe:*:Enabled:http_ss_win_pro"
"C:\Garmin\MapSource.exe"="C:\Garmin\MapSource.exe:*:Enabled:MapSource"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-10-26 22:04:27 ----D---- C:\Program Files\trend micro
2010-10-26 22:04:26 ----D---- C:\rsit
2010-10-26 21:33:46 ----D---- C:\_OTM
2010-10-26 21:29:31 ----D---- C:\Program Files\ERUNT
2010-10-26 19:33:04 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2010-10-13 18:50:03 ----A---- C:\WINDOWS\SGDetectionTool.dll
2010-10-13 18:50:03 ----A---- C:\WINDOWS\BDTSupport.dll
2010-10-13 18:50:02 ----A---- C:\WINDOWS\PCTBDRes.dll
2010-10-13 18:50:02 ----A---- C:\WINDOWS\PCTBDCore.dll
2010-10-13 18:49:59 ----A---- C:\WINDOWS\system32\drivers\pctgntdi.sys
2010-10-13 18:49:55 ----A---- C:\WINDOWS\system32\drivers\PCTCore.sys
2010-10-13 18:49:55 ----A---- C:\WINDOWS\system32\drivers\PCTAppEvent.sys
2010-10-13 18:49:48 ----A---- C:\WINDOWS\system32\drivers\pctplsg.sys
2010-10-13 18:49:36 ----D---- C:\Program Files\Spyware Doctor
2010-10-13 18:49:36 ----D---- C:\Program Files\Common Files\PC Tools
2010-10-13 18:49:36 ----D---- C:\Documents and Settings\Fons\Application Data\PC Tools
2010-10-13 18:49:36 ----D---- C:\Documents and Settings\All Users\Application Data\PC Tools
2010-10-13 17:31:08 ----D---- C:\Documents and Settings\Fons\Application Data\Malwarebytes
2010-10-13 17:30:50 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-10-13 17:30:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-10-13 17:30:49 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-10-13 17:30:49 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-10-13 17:30:38 ----A---- C:\mbam-setup.exe
2010-10-09 14:14:00 ----ASH---- C:\hiberfil.sys
2010-10-08 16:09:12 ----A---- C:\WINDOWS\ntbtlog.txt

======List of files/folders modified in the last 1 months======

2010-10-26 22:04:27 ----RD---- C:\Program Files
2010-10-26 22:03:47 ----D---- C:\WINDOWS\Temp
2010-10-26 22:03:44 ----A---- C:\WINDOWS\ModemLog_Standaardmodem met 56000 bps.txt
2010-10-26 22:03:40 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-10-26 22:03:11 ----D---- C:\WINDOWS\system32\drivers
2010-10-26 22:02:37 ----D---- C:\WINDOWS\system32\CatRoot2
2010-10-26 22:02:37 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-10-26 21:53:22 ----D---- C:\WINDOWS\Prefetch
2010-10-26 21:50:52 ----D---- C:\WINDOWS\system32
2010-10-26 21:28:14 ----D---- C:\WINDOWS
2010-10-26 20:52:21 ----SHD---- C:\WINDOWS\Installer
2010-10-26 20:52:11 ----D---- C:\Program Files\Common Files
2010-10-26 20:12:23 ----D---- C:\Program Files\Common Files\Adobe
2010-10-26 20:12:23 ----D---- C:\Program Files\Adobe
2010-10-26 20:12:23 ----D---- C:\Documents and Settings\Fons\Application Data\Adobe
2010-10-26 20:10:47 ----RSD---- C:\WINDOWS\assembly
2010-10-26 20:10:45 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-10-26 20:10:42 ----RSD---- C:\WINDOWS\Fonts
2010-10-26 20:10:26 ----HD---- C:\WINDOWS\inf
2010-10-16 10:20:40 ----HDC---- C:\WINDOWS\$NtUninstallKB936357$
2010-10-13 18:49:53 ----D---- C:\WINDOWS\WinSxS
2010-10-13 18:39:35 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$
2010-10-09 14:17:33 ----D---- C:\WINDOWS\system32\CatRoot
2010-10-08 16:09:35 ----D---- C:\Documents and Settings
2010-10-07 19:19:09 ----D---- C:\dell
2010-10-07 18:24:27 ----D---- C:\Program Files\Internet Explorer
2010-10-05 09:03:52 ----A---- C:\WINDOWS\lexstat.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DRVMCDB;DRVMCDB; C:\WINDOWS\System32\Drivers\DRVMCDB.SYS [2005-09-12 89264]
R0 PCTCore;PCTools KDS; C:\WINDOWS\system32\drivers\PCTCore.sys [2010-03-10 217032]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2008-11-20 43872]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-09-07 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-09-07 165584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-09-07 46672]
R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2005-08-25 5628]
R1 DLARTL_N;DLARTL_N; C:\WINDOWS\System32\Drivers\DLARTL_N.SYS [2005-08-25 22684]
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 40192]
R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-05-06 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-09-07 100176]
R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2005-09-08 25628]
R2 DLADResN;DLADResN; C:\WINDOWS\System32\DLA\DLADResN.SYS [2005-09-08 2496]
R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2005-09-08 86524]
R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2005-09-08 14684]
R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2005-09-08 6364]
R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2005-09-08 87036]
R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2005-09-08 94332]
R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2005-08-12 40544]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-09-07 23376]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-10-14 155648]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2004-08-12 137728]
R3 HidUsb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-06 12288]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2006-02-10 1107224]
R3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
S3 grmnusb;Garmin USB Driver; C:\WINDOWS\system32\drivers\grmnusb.sys [2009-04-17 9344]
S3 IMNPF;IMFirewall Packet Filter; C:\WINDOWS\system32\drivers\imnpf.sys []
S3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2004-08-04 607132]
S3 MODEMCSA;Unimodem Streaming-filterapparaat; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 Ser2pl;ATEN USB to Serial port driver; C:\WINDOWS\system32\DRIVERS\ser2pl.sys [2003-07-16 43264]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2004-08-04 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2004-08-04 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2004-08-04 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2004-08-04 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2004-08-04 41088]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2004-08-04 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 sprtsvc_belgacom;SupportSoft Sprocket Service (belgacom); C:\Program Files\Belgacom\bin\sprtsvc.exe [2008-05-29 202016]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-09-07 40384]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2004-08-04 268288]
S2 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe [2008-05-29 382320]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe [2010-01-22 112592]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-23 138168]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2004-11-19 147456]
S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[davege]

info.txt


info.txt logfile of random's system information tool 1.08 2010-10-26 22:04:31

======Uninstall list======

-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
-->C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
ABBYY FineReader 5.0 Sprint-->MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe -maintain activex
Adobe Reader 7.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A71000000002}
Adobe Shockwave Player 11.5-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"
avast! Free Antivirus-->C:\Program Files\Alwil Software\Avast5\aswRunDll.exe "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Belgacom Genius-->MsiExec.exe /X{FDE9FC7A-BF6D-4347-850D-05A16E6FEE17}
Beveiligingsupdate for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 8 (KB976325)-->"C:\WINDOWS\ie8updates\KB976325-IE8\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 8 (KB978207)-->"C:\WINDOWS\ie8updates\KB978207-IE8\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows Media Player 6.4 (KB925398)-->"C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB893756)-->"C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB896428)-->"C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB899587)-->"C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB900725)-->"C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB901017)-->"C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB902400)-->"C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB905414)-->"C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB905749)-->"C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB911927)-->"C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB913580)-->"C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB914389)-->"C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB916281)-->"C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB917422)-->"C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB917953)-->"C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB918118)-->"C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB919007)-->"C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920213)-->"C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920670)-->"C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920683)-->"C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB920685)-->"C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB921503)-->"C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB922819)-->"C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923191)-->"C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923414)-->"C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923694)-->"C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923980)-->"C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924191)-->"C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924270)-->"C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB924667)-->"C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB925902)-->"C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB926255)-->"C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB926436)-->"C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB927779)-->"C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB927802)-->"C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928090)-->"C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928255)-->"C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB928843)-->"C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB929123)-->"C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB930178)-->"C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB931261)-->"C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB931784)-->"C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB932168)-->"C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB933729)-->"C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB935839)-->"C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB935840)-->"C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB936021)-->"C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB938829)-->"C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB941202)-->"C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB941568)-->"C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB943460)-->"C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB944653)-->"C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB950749)-->"C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB958470)-->"C:\WINDOWS\$NtUninstallKB958470$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Browser Defender 2.0.6.15-->"C:\Program Files\Spyware Doctor\BDT\unins000.exe"
Dell CinePlayer-->MsiExec.exe /I{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}
Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}
digifietser.v.1.31-->MsiExec.exe /I{2237F33F-B196-472D-842B-7F6354BDBC41}
digifietser.v.1.50-->MsiExec.exe /I{AD90E25C-ED9E-4746-9C3D-4C46ABE6CBE2}
Digifietser.v.2.00-->MsiExec.exe /I{A81EB4B1-2517-461E-892F-1F9B494884ED}
Digifietser.v.2.50-->MsiExec.exe /I{8DB850F9-6644-4A92-8171-F3F40B621AB1}
Digifietser.v.2.55-->MsiExec.exe /I{E9E60CAC-1072-47A9-B4F8-27804709C532}
DriveCleaner Free 1.0.82.0-->"C:\Program Files\DriveCleaner Free\unins000.exe"
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
Garmin City Navigator Europe 2008-->MsiExec.exe /X{96DA37C3-4B48-41ED-8500-9C1F1E3933A2}
Garmin MapSource-->MsiExec.exe /X{58FA5D40-E35A-47ED-8AFA-68CCC758559E}
Garmin TOPO Nederland-->"C:\Garmin\TopoNederland\unins000.exe"
Garmin Training Center-->MsiExec.exe /X{08D5F667-E1D7-4792-9FFD-5888C8D4A0DF}
Garmin USB Drivers-->MsiExec.exe /X{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}
Garmin USB Drivers-->MsiExec.exe /X{B1102A25-3AA3-446B-AA0F-A699B07A02FD}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB926239)-->"C:\WINDOWS\$NtUninstallKB926239$\spuninst\spuninst.exe"
Hotfix voor Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix voor Windows XP (KB914440)-->"C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Hotfix voor Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix voor Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix voor Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Hotfix voor Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Hotfix voor Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
Intel(R) PROSet for Wired Connections-->MsiExec.exe /I{83F793B5-8BBF-42FD-A8A6-868CB3E2AAEA}
JuicyAccess Toolbar-->C:\Documents and Settings\All Users\Application Data\{5EA804FD-5E7A-4405-A638-CAFBD22489D9}\Setup.exe
Lexmark X1100 Series-->C:\WINDOWS\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -dLexmark X1100 Series
LiveUpdate 2.6 (Symantec Corporation)-->C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE /U
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
MapWinGIS ActiveX Control-->"C:\Program Files\Common Files\MapWindow\unins000.exe"
MCU-->MsiExec.exe /I{D2988E9B-C73F-422C-AD4B-A66EBE257120}
Microsoft .NET Framework 1.1 Dutch Language Pack-->MsiExec.exe /X{168F8BAC-A269-48E9-BB7A-A51B594CF6FF}
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ Redist - ENU-->MsiExec.exe /X{5E09E82C-004D-4F08-B051-46DE6D79F71A}
MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Roxio DLA-->MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Roxio MyDVD LE-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Roxio RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Roxio RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Roxio RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
SearchAssist-->C:\DELL\SearchAssist\UninstSA.bat
Sonic Activation Module-->MsiExec.exe /I{5B6BE547-21E2-49CA-B2E2-6A5F470593B1}
Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Spyware Doctor 7.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
Topo España V.3.0-->MsiExec.exe /X{1CFDFFDB-6646-43D6-8141-A77443F6BF98}
Topomap Belux -->MsiExec.exe /X{82D054AB-3034-41FE-980E-53026803D22A}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update voor Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"
Update voor Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe"
Update voor Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe"
Update voor Windows XP (KB894391)-->"C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Update voor Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update voor Windows XP (KB900485)-->"C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Update voor Windows XP (KB904942)-->"C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Update voor Windows XP (KB910437)-->"C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Update voor Windows XP (KB911280)-->"C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Update voor Windows XP (KB916595)-->"C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Update voor Windows XP (KB920872)-->"C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Update voor Windows XP (KB922582)-->"C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Update voor Windows XP (KB925720)-->"C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Update voor Windows XP (KB927891)-->"C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Update voor Windows XP (KB929338)-->"C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Update voor Windows XP (KB930916)-->"C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Update voor Windows XP (KB931836)-->"C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
Update voor Windows XP (KB932823-v3)-->"C:\WINDOWS\$NtUninstallKB932823-v3$\spuninst\spuninst.exe"
Update voor Windows XP (KB933360)-->"C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe"
Update voor Windows XP (KB936357)-->"C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Update voor Windows XP (KB938828)-->"C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Update voor Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update voor Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update voor Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update voor Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update voor Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update voor Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update voor Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update voor Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
URL Assistant-->regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)-->rundll32.exe C:\PROGRA~1\DIFX\15B7F172FC21855D\DIFxAppA.dll, DIFxARPUninstallDriverPackage C:\WINDOWS\system32\DRVSTORE\grmnusb_09F3E629557EBE4D2BA1A9469BDAE635AC0807AE\grmnusb.inf
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe"
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows XP Hotfix - KB885836-->C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP Hotfix - KB886185-->C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP Hotfix - KB888302-->C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP Hotfix - KB890859-->"C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: avast! Antivirus (outdated)

======System event log======

Computer Name: LIVING
Event Code: 7036
Message: De Google Updater Service-service heeft nu de status Wordt uitgevoerd.

Record Number: 22144
Source Name: Service Control Manager
Time Written: 20100923183244.000000+120
Event Type: Gegevens
User:

Computer Name: LIVING
Event Code: 7035
Message: De Google Updater Service-service is naar een Starten-besturingselement verzonden.

Record Number: 22143
Source Name: Service Control Manager
Time Written: 20100923183244.000000+120
Event Type: Gegevens
User: NT AUTHORITY\SYSTEM

Computer Name: LIVING
Event Code: 18
Message: Gereed voor installatie: de volgende updates zijn gedownload en gereed voor installatie. De installatie van deze updates is gepland op vrijdag 24 september 2010 om 17:00:
- KB967715: Update voor Windows XP uur

Record Number: 22142
Source Name: Windows Update Agent
Time Written: 20100923173812.000000+120
Event Type: Gegevens
User:

Computer Name: LIVING
Event Code: 7036
Message: De Universele Plug en Play-apparaathost-service heeft nu de status Wordt uitgevoerd.

Record Number: 22141
Source Name: Service Control Manager
Time Written: 20100923173643.000000+120
Event Type: Gegevens
User:

Computer Name: LIVING
Event Code: 7035
Message: De Universele Plug en Play-apparaathost-service is naar een Starten-besturingselement verzonden.

Record Number: 22140
Source Name: Service Control Manager
Time Written: 20100923173643.000000+120
Event Type: Gegevens
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: LIVING
Event Code: 0
Message: ASPNET local user account does not exist, skipped setting WMI permissions for ASP.NET

Record Number: 14798
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20100121171723.000000+060
Event Type: Gegevens
User:

Computer Name: LIVING
Event Code: 0
Message: Configuration section system.serviceModel.activation already exists in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.

Record Number: 14797
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20100121171721.000000+060
Event Type: Waarschuwing
User:

Computer Name: LIVING
Event Code: 0
Message: Configuration section system.runtime.serialization already exists in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.

Record Number: 14796
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20100121171721.000000+060
Event Type: Waarschuwing
User:

Computer Name: LIVING
Event Code: 0
Message: Configuration section system.serviceModel already exists in c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.

Record Number: 14795
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20100121171720.000000+060
Event Type: Waarschuwing
User:

Computer Name: LIVING
Event Code: 0
Message: The ServiceModelReg tool will take the following actions:
Reinstalling configuration section system.serviceModel to c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.
Reinstalling configuration section system.runtime.serialization to c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.
Reinstalling configuration section system.serviceModel.activation to c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Config\machine.config.
Adding configuration entry for BuildProvider:
System.ServiceModel.Activation.ServiceBuildProvider, System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Reinstalling compilation assembly node to System.Web section group:
System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL
Reinstalling compilation assembly node to System.Web section group:
System.IdentityModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=MSIL
Reinstalling compilation assembly node to System.Web section group:
System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089
Reinstalling HttpHandlers node to System.Web section group:
*.svc
Reinstalling HttpModules node to System.Web section group:
ServiceModel
Reinstalling WMI classes.
Reinstalling Windows CardSpace (idsvc).
Reinstalling Net.Tcp Port Sharing Service (NetTcpPortSharing).
Reinstalling HTTP namespace reservations.

Record Number: 14794
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20100121171720.000000+060
Event Type: Gegevens
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=0409
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=C:\Program Files\Common Files\Sonic Shared\Sonic Central\

-----------------EOF-----------------

[davege]

and about the computers performance...

It looks ok, but how can I be sure? Reboot again? Run some other tool?

[Cypher]

Hi davege.

and about the computers performance...
It looks ok, but how can I be sure? Reboot again? Run some other tool?

Are you getting anymore alerts any other problems with your PC's performance?
When you ran RSIT did you have an active internet connection at the time?
We will be running RSIT again please be sure you are connected to the internet when doing so.

Re-run OTM

• Double-click OTM.exe to run it.
• Right-click then copy the following code, Do not include the word Code.
  

  Code: Select all

  :Reg
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriveCleaner Free]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\udc6cw]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uwa7pcw]
  [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinAntiVirus Pro 2007]
  
  :Files
  C:\Program Files\Common Files\WinAntiVirus Pro 2007
  C:\Program Files\WinAntiVirus Pro 2007
  
  :Commands
  [EmptyFlash]
  [emptytemp]
  [start explorer]
  [Reboot]
  

  
  
  • Return to OTM, right-click then paste the code into the blank box below
  • Next click on the large button.
  • OTM may ask to reboot the machine. Please do so if asked.
  • Copy everything in the Results window (under the green bar), and paste it in your next reply.

NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Next.

Re-run - RSIT (Random's System Information Tool)

You should still have this program on your desktop.

• Double click on RSIT.exe to run it.
• Please read the disclaimer... click on Continue.
• RSIT will start running. When done... ONLY the "C:\RSIT\log.txt"...will be reproduced. (it will be maximized)
• Please post ONLY the "log.txt", file contents in your next reply.
  (This log can be lengthy, so a separate post may be needed.)

Next.

Disable Avast

• Right click on the avast! icon in system tray (looks like this: ) and choose (Stop On-Access Protection)
• Note: Don't forget to re-enable it after the below scan.

Next.

ESET online scannner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

• Hold down Control then click on the following link to open a new window to ESET online scannner
• Then click on:
  

  Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
  All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

• Select the option YES, I accept the Terms of Use then click on:
• When prompted allow the Add-On/Active X to install.
• Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
• Now click on Advanced Settings and select the following:

• Scan for potentially unwanted applications
  
• Scan for potentially unsafe applications
• Enable Anti-Stealth Technology
• Now click on:
• The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
• Now click on:
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
• Copy and paste that log as a reply to this topic.

Logs/Information to Post in your Next Reply

• OTM log.
• RSIT log.txt.
• ESET log.
• Please give me an update on your computers performance.