Ga naar inhoud

guyzzmo

Lid
  • Items

    7
  • Registratiedatum

  • Laatst bezocht

guyzzmo's prestaties

  1. Besmet door het welomgekende Ucash virus. Verwijderd, MABM laten werken (nog een angel gevonden en verwijderd), MSE vond ook niks meer. In bijlage voor de zekerheid een Hijack logje, graag nazicht hiervan als er nog iets verdachts overblijft. Reeds 3e maal Ucash over de vloer gekregen, is wel op te lossen, maar vervelend. Virusscanners MSE en AVG konden dit niet tegenhouden. Enige oplossing mogelijk? Alvast bedankt voor het nazicht HIJACK LOG Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 0:24:15, on 12/08/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe C:\Documents and Settings\NAAM\Mijn documenten\SETUPS\programmas\ANTIVIRUS\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:38771 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/ O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://ua.foto.com/ImageUploader6.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162213379953 O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162215196484 O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/1455/defaults/activex/ips/IPSUploader4.cab O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://service.crelan.be/dwa7W.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 10429 bytes MBAM log : Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2012.08.11.04 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 NAAM :: GUY [administrator] Realtime bescherming: Ingeschakeld 12/08/2012 0:11:58 mbam-log-2012-08-12 (00-11-58).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 233814 Verstreken tijd: 7 minuut/minuten, 28 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  2. perfect verlopen, alles lijkt normaal te werken. Snelheid hapert nog beetje. Kreeg bij verwijderen combofix wel de melding opnieuw dat AVG nog actief stond. Ik heb de remover van AVG afgehaald, mogelijk is het hiermee verwijderd Alvast bedankt voor de deskundige hulp en begeleiding
  3. ComboFix 12-08-07.05 - naam 08/08/2012 13:28:22.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2046.1479 [GMT 2:00] Gestart vanuit: c:\documents and settings\naam\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\naam\Bureaublad\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . FILE :: "c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe" "c:\windows\Tasks\Ad-Aware Update (Weekly).job" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Enigma Software Group c:\program files\Enigma Software Group\SpyHunter\gil.dat c:\program files\Enigma Software Group\SpyHunter\INSTALL.LOG c:\program files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20120807_122837.log c:\program files\Enigma Software Group\SpyHunter\safeol.dat c:\program files\Enigma Software Group\SpyHunter\scanlog.log c:\program files\Enigma Software Group\SpyHunter\supportlog.txt c:\program files\Enigma Software Group\SpyHunter\unkcache.dat c:\program files\Lavasoft c:\program files\Lavasoft\Ad-Aware\aawapi.dll c:\program files\Lavasoft\Ad-Aware\AAWService.exe c:\program files\Lavasoft\Ad-Aware\AAWTray.exe c:\program files\Lavasoft\Ad-Aware\Ad-Aware.exe c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe c:\program files\Lavasoft\Ad-Aware\Ad-AwareCommand.exe c:\program files\Lavasoft\Ad-Aware\AutoLaunch.exe c:\program files\Lavasoft\Ad-Aware\AWSC.exe c:\program files\Lavasoft\Ad-Aware\AWSCUpdate.dll c:\program files\Lavasoft\Ad-Aware\CEAPI.dll c:\program files\Lavasoft\Ad-Aware\dbghelp.dll c:\program files\Lavasoft\Ad-Aware\Drivers\32\AAWDriverTool.exe c:\program files\Lavasoft\Ad-Aware\Drivers\32\DIFxAPI.dll c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.cat c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.inf c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.sys c:\program files\Lavasoft\Ad-Aware\Drivers\64\AAWDriverTool.exe c:\program files\Lavasoft\Ad-Aware\Drivers\64\DIFxAPI.dll c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.cat c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.inf c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.sys c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys c:\program files\Lavasoft\Ad-Aware\Languages\resource_de-DE.xml c:\program files\Lavasoft\Ad-Aware\Languages\resource_en-US.xml c:\program files\Lavasoft\Ad-Aware\Languages\resource_es-ES.xml c:\program files\Lavasoft\Ad-Aware\Languages\resource_fr-FR.xml c:\program files\Lavasoft\Ad-Aware\Languages\resource_it-IT.xml c:\program files\Lavasoft\Ad-Aware\Languages\ResourceAdmin.xml c:\program files\Lavasoft\Ad-Aware\lavalicense.dll c:\program files\Lavasoft\Ad-Aware\lavamessage.dll c:\program files\Lavasoft\Ad-Aware\lsdelete.exe c:\program files\Lavasoft\Ad-Aware\Neutralize.dll c:\program files\Lavasoft\Ad-Aware\PrivacyClean.dll c:\program files\Lavasoft\Ad-Aware\Rebrand.dat c:\program files\Lavasoft\Ad-Aware\Resources.dll c:\program files\Lavasoft\Ad-Aware\Resources\Default.eGL c:\program files\Lavasoft\Ad-Aware\RPAPI.dll c:\program files\Lavasoft\Ad-Aware\sbap.dll c:\program files\Lavasoft\Ad-Aware\SBRE.dll c:\program files\Lavasoft\Ad-Aware\SBTE.dll c:\program files\Lavasoft\Ad-Aware\ShellExt.dll c:\program files\Lavasoft\Ad-Aware\threatwork.exe c:\program files\Lavasoft\Ad-Aware\unrar.dll c:\program files\Lavasoft\Ad-Aware\UpdateManager.dll c:\program files\Lavasoft\Ad-Aware\Vipre.dll c:\program files\Lavasoft\Ad-Aware\VipreBridge.dll c:\windows\Tasks\Ad-Aware Update (Weekly).job . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_ESGIGUARD -------\Legacy_LAVASOFT_KERNEXPLORER -------\Service_esgiguard -------\Service_Lavasoft Kernexplorer . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-08 to 2012-08-08 )))))))))))))))))))))))))))))) . . 2012-08-08 07:58 . 2012-07-16 00:41 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6A022832-EFF8-4BE4-B0FD-A679377F9B45}\mpengine.dll 2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\naam\Application Data\Malwarebytes 2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-08-07 14:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-07 10:27 . 2012-08-07 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2012-08-07 10:11 . 2012-08-08 11:26 -------- d--h--r- c:\documents and settings\naam\Onlangs geopend 2012-08-07 09:48 . 2012-08-07 09:48 -------- d-----w- c:\program files\Microsoft Security Client 2012-07-27 23:10 . 2012-07-27 23:10 -------- d-----w- c:\windows\system32\C2MP 2012-07-19 18:56 . 2012-07-19 18:56 1114624 ----a-w- c:\windows\system32\LAVVideo.ax 2012-07-19 18:56 . 2012-07-19 18:56 399360 ----a-w- c:\windows\system32\LAVSplitter.ax 2012-07-19 18:56 . 2012-07-19 18:56 233472 ----a-w- c:\windows\system32\LAVAudio.ax 2012-07-19 18:56 . 2012-07-19 18:56 274944 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll 2012-07-19 18:56 . 2012-07-19 18:56 172544 ----a-w- c:\windows\system32\libbluray.dll 2012-07-19 18:56 . 2012-07-19 18:56 6894331 ----a-w- c:\windows\system32\avcodec-lav-54.dll 2012-07-19 18:56 . 2012-07-19 18:56 401685 ----a-w- c:\windows\system32\swscale-lav-2.dll 2012-07-19 18:56 . 2012-07-19 18:56 232895 ----a-w- c:\windows\system32\avutil-lav-51.dll 2012-07-19 18:56 . 2012-07-19 18:56 162743 ----a-w- c:\windows\system32\avfilter-lav-3.dll 2012-07-19 18:56 . 2012-07-19 18:56 1111581 ----a-w- c:\windows\system32\avformat-lav-54.dll 2012-07-19 18:56 . 2012-07-19 18:56 101820 ----a-w- c:\windows\system32\avresample-lav-0.dll 2012-07-17 08:35 . 2012-07-17 08:35 3978240 ----a-w- c:\windows\system32\ffmpeg.dll 2012-07-17 08:34 . 2012-07-17 08:34 112640 ----a-w- c:\windows\system32\ff_vfw.dll 2012-07-17 08:34 . 2012-07-17 08:34 3479552 ----a-w- c:\windows\system32\ffdshow.ax 2012-07-17 08:33 . 2012-07-17 08:33 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll 2012-07-17 08:33 . 2012-07-17 08:33 99840 ----a-w- c:\windows\system32\ff_wmv9.dll 2012-07-17 08:33 . 2012-07-17 08:33 157184 ----a-w- c:\windows\system32\ff_unrar.dll 2012-07-17 08:33 . 2012-07-17 08:33 211968 ----a-w- c:\windows\system32\ff_libdts.dll 2012-07-17 08:33 . 2012-07-17 08:33 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll 2012-07-17 08:33 . 2012-07-17 08:33 147456 ----a-w- c:\windows\system32\ff_libmad.dll 2012-07-17 08:33 . 2012-07-17 08:33 114688 ----a-w- c:\windows\system32\ff_liba52.dll 2012-07-17 08:33 . 2012-07-17 08:33 330240 ----a-w- c:\windows\system32\ff_libfaad2.dll 2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Common Files\Apple 2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Apple Software Update 2012-07-13 08:01 . 2012-07-13 08:01 -------- d-----w- c:\program files\uTorrent 2012-07-10 21:02 . 2012-07-11 13:13 -------- d-----w- c:\program files\GridinSoft Trojan Killer . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-02 16:44 . 2012-03-31 17:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-02 16:44 . 2011-07-07 18:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-17 21:15 . 2012-06-17 21:15 198144 ----a-w- c:\windows\system32\spdif_test.exe 2012-06-17 21:14 . 2012-06-17 21:14 97792 ----a-w- c:\windows\system32\ac3config.exe 2012-06-17 21:14 . 2012-06-17 21:14 1021440 ----a-w- c:\windows\system32\ac3filter_intl.dll 2012-06-17 21:12 . 2012-06-17 21:12 1406976 ----a-w- c:\windows\system32\ac3filter.ax 2012-06-17 21:10 . 2012-06-17 21:10 276992 ----a-w- c:\windows\system32\BugTrap.dll 2012-06-17 21:10 . 2012-06-17 21:10 965120 ----a-w- c:\windows\system32\ac3filter.acm 2012-06-13 13:55 . 2009-01-03 14:15 1866240 ----a-w- c:\windows\system32\win32k.sys 2012-06-05 15:49 . 2009-01-27 20:35 1372672 ------w- c:\windows\system32\msxml6.dll 2012-06-05 15:49 . 2006-04-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 04:32 . 2009-01-03 14:15 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 13:19 . 2009-01-02 21:32 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2006-09-27 15:27 210968 ----a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2006-09-27 15:27 329240 ----a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2006-09-27 15:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2006-10-30 13:05 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2006-09-27 15:27 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2006-09-27 15:27 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 2006-04-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2006-09-27 15:27 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2009-01-02 21:32 24088 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2006-09-27 15:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:19 . 2009-05-13 08:45 18160 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-06-02 13:18 . 2009-05-13 08:45 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2005-05-26 03:19 214256 ----a-w- c:\windows\system32\muweb.dll 2012-05-31 13:22 . 2006-04-10 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2012-05-31 10:25 . 2012-07-08 09:59 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-26 16:15 . 2012-05-26 16:15 440832 ----a-w- c:\windows\system32\FLVSplitter.ax 2012-05-26 16:15 . 2012-05-26 16:15 377344 ----a-w- c:\windows\system32\cdxareader.ax 2012-05-16 15:09 . 2006-04-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-12 22:42 . 2012-05-12 22:42 146432 ----a-w- c:\windows\system32\avutil-51.dll 2012-05-12 22:42 . 2012-05-12 22:42 1272320 ----a-w- c:\windows\system32\avcodec-53.dll 2012-05-11 14:44 . 2006-04-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:44 . 2006-04-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:39 . 2006-04-10 12:00 385024 ----a-w- c:\windows\system32\html.iec 2012-07-27 23:03 . 2011-05-01 18:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-08-07_23.09.12 ))))))))))))))))))))))))))))))))))))))))) . + 2012-08-08 11:38 . 2012-08-08 11:38 16384 c:\windows\Temp\Perflib_Perfdata_88.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-28 68856] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256] "NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072] "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080] . c:\documents and settings\naam\Menu Start\Programma's\Opstarten\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^naam^Menu Start^Programma's^Opstarten^ctfmon.lnk] path=c:\documents and settings\naam\Menu Start\Programma's\Opstarten\ctfmon.lnk backup=c:\windows\pss\ctfmon.lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^naam^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk] path=c:\documents and settings\naam\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantOn] 2006-06-21 15:29 93640 ------w- c:\program files\CyberLink\PowerCinema Linux\ion_install.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-05-18 10:29 49152 ----a-w- c:\program files\Home Cinema\PowerDVD\Language\Language.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2008-11-17 15:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "LightScribeService"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= . R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [12/06/2010 15:39 10448] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/08/2012 16:46 655944] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [17/12/2011 16:45 2253120] R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [30/10/2006 11:14 1105664] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/08/2012 16:46 22344] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [17/12/2011 16:30 119656] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [28/01/2009 0:42 47360] R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27/10/2010 13:15 25704] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [30/10/2006 11:22 7040] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664] S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 18:28 113120] S3 uxddrv;Dynamically loaded UxdDrv;\??\c:\documents and settings\naam\Bureaublad\WinStress Pro\uxddrv.sys --> c:\documents and settings\guy vanzieleghem\Bureaublad\WinStress Pro\uxddrv.sys [?] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-07-21 10:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59] . 2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59] . 2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005Core.job - c:\documents and settings\naam\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59] . 2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005UA.job - c:\documents and settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59] . 2012-08-08 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . 2012-08-08 c:\windows\Tasks\MpIdleTask.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . 2012-08-07 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2012-08-08 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local uInternet Settings,ProxyServer = socks=127.0.0.1:38771 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab FF - ProfilePath - c:\documents and settings\naam\Application Data\Mozilla\Firefox\Profiles\edpdrpq8.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/webhp?client=firefox-a&rls=org.mozilla:nl:official&channel=s&hl=nl&source=hp&btnG=Google+zoeken FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7183295e-73aa-4c22-b248-f51db1593aff%7D&mid=e0973a4daf625d5a84a627e5afc9488c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=11.0.0.10〈=nl&pr=fr&d=2012-07-11%2015%3A25%3A33&sap=ku&q= FF - prefs.js: network.proxy.type - 4 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-08 13:39 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(520) c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll . - - - - - - - > 'explorer.exe'(172) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\program files\Microsoft Security Client\MsMpEng.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\eHome\ehRecvr.exe c:\windows\eHome\ehSched.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\progra~1\COMMON~1\X10\Common\x10nets.exe c:\windows\ehome\mcrdsvc.exe c:\program files\Windows Media Player\WMPNetwk.exe c:\windows\system32\rundll32.exe c:\windows\system32\RunDLL32.exe c:\windows\eHome\ehmsas.exe c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE c:\windows\system32\dllhost.exe . ************************************************************************** . Voltooingstijd: 2012-08-08 13:45:23 - machine werd herstart ComboFix-quarantined-files.txt 2012-08-08 11:45 ComboFix2.txt 2012-08-08 07:48 ComboFix3.txt 2012-08-07 23:11 . Pre-Run: 37.400.662.016 bytes beschikbaar Post-Run: 37.220.954.112 bytes beschikbaar . - - End Of File - - 6C61B4D1349F9DC0485E922C2E20F21A Ccleaner laten lopen (die gebruik ik al regelmatig), gaf niks terug van AVG problemen. Heb wel een map teruggevonden onder de 'alle gebruikers', en deze voorlopig in de prullenbak gezet. Kan dit de hapering zijn die bleef hangen? Nog eens scan laten uitvoeren door MSE, ik kreeg geen meldingen meer van Trojans. Kan ik er dan van uitgaan dat problemen van de baan zijn, of kijk ik nog verder iets na?
  4. logje combofix ComboFix 12-08-07.05 - xxx 08/08/2012 9:35.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2046.1310 [GMT 2:00] Gestart vanuit: c:\documents and settings\guy vanzieleghem\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\xxx\Bureaublad\CFScript.txt AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\be-flag.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\be-image.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\btn-green.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners-btn.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners1.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners2.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners3.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners4.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\ie6-7.css c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\jquery.main.js c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\main.html c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\McAfee.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\pays-be.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\steps-be.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\steps-en.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\steps-nl.png c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\style.css c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\tabs.png c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCall.dll c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla.dll c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla17.dll c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla18.exe c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla19.dll c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla2.dll c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla20.dll c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla21.dll c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla21.exe c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseData.ini . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-08 to 2012-08-08 )))))))))))))))))))))))))))))) . . 2012-08-08 07:22 . 2012-08-08 07:22 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\offreg.dll 2012-08-08 07:22 . 2012-08-08 07:22 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\MpKslb385baf8.sys 2012-08-07 23:23 . 2012-07-16 00:41 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\mpengine.dll 2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\guy vanzieleghem\Application Data\Malwarebytes 2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-08-07 14:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-07 10:28 . 2012-08-07 10:28 -------- d-----w- c:\program files\Enigma Software Group 2012-08-07 10:27 . 2012-08-07 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2012-08-07 10:11 . 2012-08-08 07:28 -------- d--h--r- c:\documents and settings\xxx\Onlangs geopend 2012-08-07 09:48 . 2012-08-07 09:48 -------- d-----w- c:\program files\Microsoft Security Client 2012-07-27 23:10 . 2012-07-27 23:10 -------- d-----w- c:\windows\system32\C2MP 2012-07-19 18:56 . 2012-07-19 18:56 1114624 ----a-w- c:\windows\system32\LAVVideo.ax 2012-07-19 18:56 . 2012-07-19 18:56 399360 ----a-w- c:\windows\system32\LAVSplitter.ax 2012-07-19 18:56 . 2012-07-19 18:56 233472 ----a-w- c:\windows\system32\LAVAudio.ax 2012-07-19 18:56 . 2012-07-19 18:56 274944 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll 2012-07-19 18:56 . 2012-07-19 18:56 172544 ----a-w- c:\windows\system32\libbluray.dll 2012-07-19 18:56 . 2012-07-19 18:56 6894331 ----a-w- c:\windows\system32\avcodec-lav-54.dll 2012-07-19 18:56 . 2012-07-19 18:56 401685 ----a-w- c:\windows\system32\swscale-lav-2.dll 2012-07-19 18:56 . 2012-07-19 18:56 232895 ----a-w- c:\windows\system32\avutil-lav-51.dll 2012-07-19 18:56 . 2012-07-19 18:56 162743 ----a-w- c:\windows\system32\avfilter-lav-3.dll 2012-07-19 18:56 . 2012-07-19 18:56 1111581 ----a-w- c:\windows\system32\avformat-lav-54.dll 2012-07-19 18:56 . 2012-07-19 18:56 101820 ----a-w- c:\windows\system32\avresample-lav-0.dll 2012-07-17 08:35 . 2012-07-17 08:35 3978240 ----a-w- c:\windows\system32\ffmpeg.dll 2012-07-17 08:34 . 2012-07-17 08:34 112640 ----a-w- c:\windows\system32\ff_vfw.dll 2012-07-17 08:34 . 2012-07-17 08:34 3479552 ----a-w- c:\windows\system32\ffdshow.ax 2012-07-17 08:33 . 2012-07-17 08:33 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll 2012-07-17 08:33 . 2012-07-17 08:33 99840 ----a-w- c:\windows\system32\ff_wmv9.dll 2012-07-17 08:33 . 2012-07-17 08:33 157184 ----a-w- c:\windows\system32\ff_unrar.dll 2012-07-17 08:33 . 2012-07-17 08:33 211968 ----a-w- c:\windows\system32\ff_libdts.dll 2012-07-17 08:33 . 2012-07-17 08:33 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll 2012-07-17 08:33 . 2012-07-17 08:33 147456 ----a-w- c:\windows\system32\ff_libmad.dll 2012-07-17 08:33 . 2012-07-17 08:33 114688 ----a-w- c:\windows\system32\ff_liba52.dll 2012-07-17 08:33 . 2012-07-17 08:33 330240 ----a-w- c:\windows\system32\ff_libfaad2.dll 2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Common Files\Apple 2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Apple Software Update 2012-07-13 08:01 . 2012-07-13 08:01 -------- d-----w- c:\program files\uTorrent 2012-07-10 21:02 . 2012-07-11 13:13 -------- d-----w- c:\program files\GridinSoft Trojan Killer . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-02 16:44 . 2012-03-31 17:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-02 16:44 . 2011-07-07 18:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-17 21:15 . 2012-06-17 21:15 198144 ----a-w- c:\windows\system32\spdif_test.exe 2012-06-17 21:14 . 2012-06-17 21:14 97792 ----a-w- c:\windows\system32\ac3config.exe 2012-06-17 21:14 . 2012-06-17 21:14 1021440 ----a-w- c:\windows\system32\ac3filter_intl.dll 2012-06-17 21:12 . 2012-06-17 21:12 1406976 ----a-w- c:\windows\system32\ac3filter.ax 2012-06-17 21:10 . 2012-06-17 21:10 276992 ----a-w- c:\windows\system32\BugTrap.dll 2012-06-17 21:10 . 2012-06-17 21:10 965120 ----a-w- c:\windows\system32\ac3filter.acm 2012-06-13 13:55 . 2009-01-03 14:15 1866240 ----a-w- c:\windows\system32\win32k.sys 2012-06-05 15:49 . 2009-01-27 20:35 1372672 ------w- c:\windows\system32\msxml6.dll 2012-06-05 15:49 . 2006-04-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 04:32 . 2009-01-03 14:15 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 13:19 . 2009-01-02 21:32 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2006-09-27 15:27 210968 ----a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2006-09-27 15:27 329240 ----a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2006-09-27 15:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2006-10-30 13:05 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2006-09-27 15:27 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2006-09-27 15:27 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 2006-04-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2006-09-27 15:27 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2009-01-02 21:32 24088 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2006-09-27 15:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:19 . 2009-05-13 08:45 18160 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-06-02 13:18 . 2009-05-13 08:45 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2005-05-26 03:19 214256 ----a-w- c:\windows\system32\muweb.dll 2012-05-31 13:22 . 2006-04-10 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2012-05-31 10:25 . 2012-07-08 09:59 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-26 16:15 . 2012-05-26 16:15 440832 ----a-w- c:\windows\system32\FLVSplitter.ax 2012-05-26 16:15 . 2012-05-26 16:15 377344 ----a-w- c:\windows\system32\cdxareader.ax 2012-05-16 15:09 . 2006-04-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-12 22:42 . 2012-05-12 22:42 146432 ----a-w- c:\windows\system32\avutil-51.dll 2012-05-12 22:42 . 2012-05-12 22:42 1272320 ----a-w- c:\windows\system32\avcodec-53.dll 2012-05-11 14:44 . 2006-04-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:44 . 2006-04-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:39 . 2006-04-10 12:00 385024 ----a-w- c:\windows\system32\html.iec 2012-07-27 23:03 . 2011-05-01 18:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-08-07_23.09.12 ))))))))))))))))))))))))))))))))))))))))) . + 2012-08-08 07:14 . 2012-08-08 07:14 16384 c:\windows\Temp\Perflib_Perfdata_7e4.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-28 68856] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256] "NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072] "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080] . c:\documents and settings\xxx\Menu Start\Programma's\Opstarten\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^xxx^Menu Start^Programma's^Opstarten^ctfmon.lnk] path=c:\documents and settings\xxx\Menu Start\Programma's\Opstarten\ctfmon.lnk backup=c:\windows\pss\ctfmon.lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^xxx^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk] path=c:\documents and settings\xxx\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantOn] 2006-06-21 15:29 93640 ------w- c:\program files\CyberLink\PowerCinema Linux\ion_install.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-05-18 10:29 49152 ----a-w- c:\program files\Home Cinema\PowerDVD\Language\Language.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2008-11-17 15:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "LightScribeService"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= . R1 MpKslb385baf8;MpKslb385baf8;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\MpKslb385baf8.sys [8/08/2012 9:22 29904] R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [12/06/2010 15:39 10448] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/08/2012 16:46 655944] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [17/12/2011 16:45 2253120] R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [30/10/2006 11:14 1105664] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/08/2012 16:46 22344] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [17/12/2011 16:30 119656] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [28/01/2009 0:42 47360] R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27/10/2010 13:15 25704] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [30/10/2006 11:22 7040] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664] S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992] S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [18/10/2011 20:06 15232] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 18:28 113120] S3 uxddrv;Dynamically loaded UxdDrv;\??\c:\documents and settings\guy vanzieleghem\Bureaublad\WinStress Pro\uxddrv.sys --> c:\documents and settings\guy vanzieleghem\Bureaublad\WinStress Pro\uxddrv.sys [?] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSLB385BAF8 *NewlyCreated* - WS2IFSL *NewlyCreated* - WUAUSERV . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-07-21 10:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-07-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-18 13:43] . 2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59] . 2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59] . 2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005Core.job - c:\documents and settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59] . 2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005UA.job - c:\documents and settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59] . 2012-08-08 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . 2012-08-08 c:\windows\Tasks\MpIdleTask.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . 2012-08-07 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2012-08-08 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local uInternet Settings,ProxyServer = socks=127.0.0.1:38771 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab FF - ProfilePath - c:\documents and settings\xxx\Application Data\Mozilla\Firefox\Profiles\edpdrpq8.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/webhp?client=firefox-a&rls=org.mozilla:nl:official&channel=s&hl=nl&source=hp&btnG=Google+zoeken FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7183295e-73aa-4c22-b248-f51db1593aff%7D&mid=e0973a4daf625d5a84a627e5afc9488c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=11.0.0.10〈=nl&pr=fr&d=2012-07-11%2015%3A25%3A33&sap=ku&q= FF - prefs.js: network.proxy.type - 4 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-08 09:44 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(532) c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll . Voltooingstijd: 2012-08-08 09:48:29 ComboFix-quarantined-files.txt 2012-08-08 07:48 ComboFix2.txt 2012-08-07 23:11 . Pre-Run: 37.401.575.424 bytes beschikbaar Post-Run: 37.395.718.144 bytes beschikbaar . - - End Of File - - 3E2E6A48A6C0826808B82DE3FDCA41E6 Tijdens het opstarten Combofix was er opnieuw melding van AVG 2012 die actief zou zijn. Ik had ervoor al het removal tool laten lopen (zie hieronder). Blijkbaar zit er nog ergens een angel? Kan ik deze ergens terugvinden en er toch afkrijgen? Ik zie ook dat in de combofix er nog melding is van Spyhunter en Lavasoft (Ad Aware?). Deze zijn ook al verwijderd, maar bliujkbaar nog niet volledig weg... Zelfde vraag als bij AVG dus. Betreffende Malwarebytes, hier dien ik dan alles inactief te zetten indien ik het programma behoud naast MSE? Alvast bedankt, alleen zou ik hier noooit aan uit geraken. ;-) Logje AVG removal : 2012-08-08 07:25:48,359 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013) 2012-08-08 07:25:48,375 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013) 2012-08-08 07:25:48,375 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d) 2012-08-08 07:25:48,375 WARN AvgDir param empty. 2012-08-08 07:25:48,406 WARN AvgDataDir param empty. 2012-08-08 07:28:33,546 INFO AvgRemover runs in attempt number 1 2012-08-08 07:28:33,546 INFO ***** Services ***** 2012-08-08 07:28:33,546 INFO Processing service avg8emc 2012-08-08 07:28:33,546 INFO Service avg8emc is not installed 2012-08-08 07:28:33,546 DEBUG Service avg8emc RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service avg8emc are not present 2012-08-08 07:28:33,546 INFO Processing service avgfws8 2012-08-08 07:28:33,546 INFO Service avgfws8 is not installed 2012-08-08 07:28:33,546 DEBUG Service avgfws8 RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service avgfws8 are not present 2012-08-08 07:28:33,546 INFO Processing service avg8wd 2012-08-08 07:28:33,546 INFO Service avg8wd is not installed 2012-08-08 07:28:33,546 DEBUG Service avg8wd RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service avg8wd are not present 2012-08-08 07:28:33,546 INFO Processing service AvgWFPx 2012-08-08 07:28:33,546 INFO Service AvgWFPx is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgWFPx RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgWFPx are not present 2012-08-08 07:28:33,546 INFO Processing service AvgWFPa 2012-08-08 07:28:33,546 INFO Service AvgWFPa is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgWFPa RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgWFPa are not present 2012-08-08 07:28:33,546 INFO Processing service AvgMfx86 2012-08-08 07:28:33,546 INFO Service AvgMfx86 is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgMfx86 RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgMfx86 are not present 2012-08-08 07:28:33,546 INFO Processing service AvgMfx64 2012-08-08 07:28:33,546 INFO Service AvgMfx64 is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgMfx64 RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgMfx64 are not present 2012-08-08 07:28:33,546 INFO Processing service AvgLdx86 2012-08-08 07:28:33,546 INFO Service AvgLdx86 is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgLdx86 RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgLdx86 are not present 2012-08-08 07:28:33,546 INFO Processing service AvgLdx64 2012-08-08 07:28:33,546 INFO Service AvgLdx64 is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgLdx64 RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgLdx64 are not present 2012-08-08 07:28:33,546 INFO Processing service AvgTdiX 2012-08-08 07:28:33,546 INFO Service AvgTdiX is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgTdiX RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgTdiX are not present 2012-08-08 07:28:33,546 INFO Processing service AvgTdiA 2012-08-08 07:28:33,546 INFO Service AvgTdiA is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgTdiA RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgTdiA are not present 2012-08-08 07:28:33,546 INFO Processing service AvgRkx86 2012-08-08 07:28:33,546 INFO Service AvgRkx86 is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgRkx86 RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgRkx86 are not present 2012-08-08 07:28:33,546 INFO Processing service AvgRkx64 2012-08-08 07:28:33,546 INFO Service AvgRkx64 is not installed 2012-08-08 07:28:33,546 DEBUG Service AvgRkx64 RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgRkx64 are not present 2012-08-08 07:28:33,546 INFO Processing service avg9emc 2012-08-08 07:28:33,546 INFO Service avg9emc is not installed 2012-08-08 07:28:33,546 DEBUG Service avg9emc RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service avg9emc are not present 2012-08-08 07:28:33,546 INFO Processing service avgfws9 2012-08-08 07:28:33,546 INFO Service avgfws9 is not installed 2012-08-08 07:28:33,546 DEBUG Service avgfws9 RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service avgfws9 are not present 2012-08-08 07:28:33,546 INFO Processing service avg9wd 2012-08-08 07:28:33,546 INFO Service avg9wd is not installed 2012-08-08 07:28:33,546 DEBUG Service avg9wd RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service avg9wd are not present 2012-08-08 07:28:33,546 INFO Processing service AVGIDSAgent 2012-08-08 07:28:33,546 INFO Service AVGIDSAgent is not installed 2012-08-08 07:28:33,546 DEBUG Service AVGIDSAgent RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSAgent are not present 2012-08-08 07:28:33,546 INFO Processing service AVGIDSShimxpx 2012-08-08 07:28:33,546 INFO Service AVGIDSShimxpx is not installed 2012-08-08 07:28:33,546 DEBUG Service AVGIDSShimxpx RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSShimxpx are not present 2012-08-08 07:28:33,546 INFO Processing service AVGIDSFilterxpx 2012-08-08 07:28:33,546 INFO Service AVGIDSFilterxpx is not installed 2012-08-08 07:28:33,546 DEBUG Service AVGIDSFilterxpx RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSFilterxpx are not present 2012-08-08 07:28:33,546 INFO Processing service AVGIDSDriverxpx 2012-08-08 07:28:33,546 INFO Service AVGIDSDriverxpx is not installed 2012-08-08 07:28:33,546 DEBUG Service AVGIDSDriverxpx RegCleanup 2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSDriverxpx are not present 2012-08-08 07:28:33,546 INFO Processing service AVGIDSShimvtx 2012-08-08 07:28:33,562 INFO Service AVGIDSShimvtx is not installed 2012-08-08 07:28:33,562 DEBUG Service AVGIDSShimvtx RegCleanup 2012-08-08 07:28:33,562 DEBUG Registry keys for service AVGIDSShimvtx are not present 2012-08-08 07:28:33,562 INFO Processing service AVGIDSFiltervtx 2012-08-08 07:28:33,578 INFO Service AVGIDSFiltervtx is not installed 2012-08-08 07:28:33,578 DEBUG Service AVGIDSFiltervtx RegCleanup 2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSFiltervtx are not present 2012-08-08 07:28:33,578 INFO Processing service AVGIDSDrivervtx 2012-08-08 07:28:33,578 INFO Service AVGIDSDrivervtx is not installed 2012-08-08 07:28:33,578 DEBUG Service AVGIDSDrivervtx RegCleanup 2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSDrivervtx are not present 2012-08-08 07:28:33,578 INFO Processing service AVGIDSFiltervta 2012-08-08 07:28:33,578 INFO Service AVGIDSFiltervta is not installed 2012-08-08 07:28:33,578 DEBUG Service AVGIDSFiltervta RegCleanup 2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSFiltervta are not present 2012-08-08 07:28:33,578 INFO Processing service AVGIDSDrivervta 2012-08-08 07:28:33,578 INFO Service AVGIDSDrivervta is not installed 2012-08-08 07:28:33,578 DEBUG Service AVGIDSDrivervta RegCleanup 2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSDrivervta are not present 2012-08-08 07:28:33,578 INFO Processing service AVGIDSShimw7x 2012-08-08 07:28:33,578 INFO Service AVGIDSShimw7x is not installed 2012-08-08 07:28:33,578 DEBUG Service AVGIDSShimw7x RegCleanup 2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSShimw7x are not present 2012-08-08 07:28:33,578 INFO Processing service AVGIDSFilterw7x 2012-08-08 07:28:33,609 INFO Service AVGIDSFilterw7x is not installed 2012-08-08 07:28:33,609 DEBUG Service AVGIDSFilterw7x RegCleanup 2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSFilterw7x are not present 2012-08-08 07:28:33,609 INFO Processing service AVGIDSDriverw7x 2012-08-08 07:28:33,609 INFO Service AVGIDSDriverw7x is not installed 2012-08-08 07:28:33,609 DEBUG Service AVGIDSDriverw7x RegCleanup 2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSDriverw7x are not present 2012-08-08 07:28:33,609 INFO Processing service AVGIDSFilterw7a 2012-08-08 07:28:33,609 INFO Service AVGIDSFilterw7a is not installed 2012-08-08 07:28:33,609 DEBUG Service AVGIDSFilterw7a RegCleanup 2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSFilterw7a are not present 2012-08-08 07:28:33,609 INFO Processing service AVGIDSDriverw7a 2012-08-08 07:28:33,609 INFO Service AVGIDSDriverw7a is not installed 2012-08-08 07:28:33,609 DEBUG Service AVGIDSDriverw7a RegCleanup 2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSDriverw7a are not present 2012-08-08 07:28:33,609 INFO Processing service AVGIDSErHrxpx 2012-08-08 07:28:33,625 INFO Service AVGIDSErHrxpx is not installed 2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrxpx RegCleanup 2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrxpx are not present 2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrvtx 2012-08-08 07:28:33,625 INFO Service AVGIDSErHrvtx is not installed 2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrvtx RegCleanup 2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrvtx are not present 2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrvta 2012-08-08 07:28:33,625 INFO Service AVGIDSErHrvta is not installed 2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrvta RegCleanup 2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrvta are not present 2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrw7x 2012-08-08 07:28:33,625 INFO Service AVGIDSErHrw7x is not installed 2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrw7x RegCleanup 2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrw7x are not present 2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrw7a 2012-08-08 07:28:33,656 INFO Service AVGIDSErHrw7a is not installed 2012-08-08 07:28:33,656 DEBUG Service AVGIDSErHrw7a RegCleanup 2012-08-08 07:28:33,656 DEBUG Registry keys for service AVGIDSErHrw7a are not present 2012-08-08 07:28:33,656 INFO ***** Registry keys and values ***** 2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions 2012-08-08 07:28:33,656 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove 2012-08-08 07:28:33,656 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present 2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions 2012-08-08 07:28:33,656 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove 2012-08-08 07:28:33,656 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present 2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found 2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found 2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found 2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found 2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove 2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found 2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} 2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove 2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found 2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove 2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove 2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove 2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify 2012-08-08 07:28:33,671 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d) 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove 2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove 2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove 2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove 2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove 2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run 2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove 2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove 2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found 2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\AvgDiagFile 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\AvgDiagFile 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\.avgdi 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\.avgdi not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\Clients 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\Clients ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\Clients not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG8 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG9 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG IDS 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG IDS not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG 2012-08-08 07:28:33,687 DEBUG Value SOFTWARE\AVG:DumpType Remove 2012-08-08 07:28:33,687 INFO Value SOFTWARE\AVG:DumpType is not present 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Remove 2012-08-08 07:28:33,687 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG Security Toolbar 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG8 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG9 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG9 not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Remove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG Security Toolbar 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks 2012-08-08 07:28:33,687 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove 2012-08-08 07:28:33,687 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser 2012-08-08 07:28:33,687 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove 2012-08-08 07:28:33,703 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present 2012-08-08 07:28:33,703 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:28:33,703 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:28:33,703 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} 2012-08-08 07:28:33,703 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove 2012-08-08 07:28:33,703 INFO Processing registry aAvgAPI.AvgBro 2012-08-08 07:28:33,703 DEBUG Key aAvgAPI.AvgBro ForceRemove 2012-08-08 07:28:33,703 DEBUG Key aAvgAPI.AvgBro not found 2012-08-08 07:28:33,703 INFO Processing registry AVG.Office 2012-08-08 07:28:33,703 DEBUG Key AVG.Office ForceRemove 2012-08-08 07:28:33,703 DEBUG Key AVG.Office not found 2012-08-08 07:28:33,703 INFO Processing registry AVG.Office.8 2012-08-08 07:28:33,703 DEBUG Key AVG.Office.8 ForceRemove 2012-08-08 07:28:33,703 DEBUG Key AVG.Office.8 not found 2012-08-08 07:28:33,703 INFO Processing registry avgtoolbar.AVGTOOLBAR 2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove 2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBAR not found 2012-08-08 07:28:33,703 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button 2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove 2012-08-08 07:28:33,703 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button 2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove 2012-08-08 07:28:33,703 INFO Processing registry LinkScannerIE.NavFilter 2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter ForceRemove 2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter not found 2012-08-08 07:28:33,703 INFO Processing registry LinkScannerIE.NavFilter.1 2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove 2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter.1 not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found 2012-08-08 07:28:33,703 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:28:33,703 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:28:33,703 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} 2012-08-08 07:28:33,703 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found 2012-08-08 07:28:33,703 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} 2012-08-08 07:28:33,703 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove 2012-08-08 07:28:33,703 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found 2012-08-08 07:28:33,703 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} 2012-08-08 07:28:33,718 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove 2012-08-08 07:28:33,718 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found 2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} 2012-08-08 07:28:33,718 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove 2012-08-08 07:28:33,718 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found 2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} 2012-08-08 07:28:33,718 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove 2012-08-08 07:28:33,718 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found 2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} 2012-08-08 07:28:33,718 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove 2012-08-08 07:28:33,718 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found 2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:28:33,718 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:28:33,718 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:28:33,718 INFO ***** Files and folders ***** 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 0 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 1 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 2 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 3 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 4 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 5 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 6 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 7 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 8 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 9 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 10 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 11 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 12 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 13 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 14 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 15 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 16 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR 2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0 2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0 not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0 2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0 not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5 2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5 not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5 2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5 not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk 2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk 2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk 2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk 2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk not found 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 27 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 28 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 29 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 30 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 31 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 32 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 33 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 34 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 35 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 36 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 37 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 38 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 39 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 40 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 41 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 42 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 43 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 44 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 45 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 46 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 47 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 48 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 49 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 50 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 51 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 52 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 53 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 54 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 55 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 56 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 57 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 58 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 59 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 60 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 61 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 62 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 63 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 64 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 65 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 66 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 67 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 68 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 69 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 70 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages 2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar 2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk 2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk not found 2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk 2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk not found 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 76 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 77 2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 78 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 79 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 80 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 81 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 82 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 83 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 84 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 85 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 86 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 87 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 88 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 89 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 90 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 91 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 92 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 93 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 94 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 95 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 96 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 97 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 98 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 99 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 100 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 101 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 102 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 103 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 104 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 105 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 106 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 107 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 108 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 109 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 110 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 111 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 112 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 113 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 114 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 115 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 116 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 117 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 118 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 119 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 120 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 121 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 122 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 123 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 124 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 125 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 126 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 127 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 128 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 129 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 130 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 131 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 132 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 133 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 134 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 135 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 136 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 137 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 138 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 139 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 140 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 141 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 142 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 143 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 144 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 145 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 146 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 147 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 148 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 149 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 150 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 151 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 152 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 153 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 154 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 155 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 156 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 157 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 158 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 159 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 160 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 161 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 162 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 163 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 164 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 165 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 166 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 167 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 168 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 169 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 170 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 171 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 172 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 173 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 174 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 175 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 176 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 177 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 178 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 179 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 180 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 181 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 182 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 183 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 184 2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 185 2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg 2012-08-08 07:28:33,750 INFO File C:\WINDOWS\System32\Drivers\avg\compat12.txt deleted 2012-08-08 07:28:33,765 INFO Directory C:\WINDOWS\System32\Drivers\avg deleted 2012-08-08 07:28:33,765 DEBUG Processing item C:\WINDOWS\System32 2012-08-08 07:28:33,765 DEBUG Processing item C:\Program Files\AVG 2012-08-08 07:28:33,765 INFO Directory C:\Program Files\AVG not found 2012-08-08 07:28:33,765 DEBUG Missing ParentDir path for fileItem number 194 2012-08-08 07:28:33,765 INFO ***** Avg Fw NDIS driver ***** 2012-08-08 07:28:36,656 INFO FW NDIS driver not present 2012-08-08 07:30:38,437 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013) 2012-08-08 07:30:38,437 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013) 2012-08-08 07:30:38,437 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d) 2012-08-08 07:30:38,437 WARN AvgDir param empty. 2012-08-08 07:30:38,437 WARN AvgDataDir param empty. 2012-08-08 07:30:41,484 INFO AvgRemover runs in attempt number 1 2012-08-08 07:30:41,484 INFO ***** Services ***** 2012-08-08 07:30:41,484 INFO Processing service avg8emc 2012-08-08 07:30:41,484 INFO Service avg8emc is not installed 2012-08-08 07:30:41,484 DEBUG Service avg8emc RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service avg8emc are not present 2012-08-08 07:30:41,484 INFO Processing service avgfws8 2012-08-08 07:30:41,484 INFO Service avgfws8 is not installed 2012-08-08 07:30:41,484 DEBUG Service avgfws8 RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service avgfws8 are not present 2012-08-08 07:30:41,484 INFO Processing service avg8wd 2012-08-08 07:30:41,484 INFO Service avg8wd is not installed 2012-08-08 07:30:41,484 DEBUG Service avg8wd RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service avg8wd are not present 2012-08-08 07:30:41,484 INFO Processing service AvgWFPx 2012-08-08 07:30:41,484 INFO Service AvgWFPx is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgWFPx RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgWFPx are not present 2012-08-08 07:30:41,484 INFO Processing service AvgWFPa 2012-08-08 07:30:41,484 INFO Service AvgWFPa is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgWFPa RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgWFPa are not present 2012-08-08 07:30:41,484 INFO Processing service AvgMfx86 2012-08-08 07:30:41,484 INFO Service AvgMfx86 is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgMfx86 RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgMfx86 are not present 2012-08-08 07:30:41,484 INFO Processing service AvgMfx64 2012-08-08 07:30:41,484 INFO Service AvgMfx64 is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgMfx64 RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgMfx64 are not present 2012-08-08 07:30:41,484 INFO Processing service AvgLdx86 2012-08-08 07:30:41,484 INFO Service AvgLdx86 is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgLdx86 RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgLdx86 are not present 2012-08-08 07:30:41,484 INFO Processing service AvgLdx64 2012-08-08 07:30:41,484 INFO Service AvgLdx64 is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgLdx64 RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgLdx64 are not present 2012-08-08 07:30:41,484 INFO Processing service AvgTdiX 2012-08-08 07:30:41,484 INFO Service AvgTdiX is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgTdiX RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgTdiX are not present 2012-08-08 07:30:41,484 INFO Processing service AvgTdiA 2012-08-08 07:30:41,484 INFO Service AvgTdiA is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgTdiA RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgTdiA are not present 2012-08-08 07:30:41,484 INFO Processing service AvgRkx86 2012-08-08 07:30:41,484 INFO Service AvgRkx86 is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgRkx86 RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgRkx86 are not present 2012-08-08 07:30:41,484 INFO Processing service AvgRkx64 2012-08-08 07:30:41,484 INFO Service AvgRkx64 is not installed 2012-08-08 07:30:41,484 DEBUG Service AvgRkx64 RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgRkx64 are not present 2012-08-08 07:30:41,484 INFO Processing service avg9emc 2012-08-08 07:30:41,484 INFO Service avg9emc is not installed 2012-08-08 07:30:41,484 DEBUG Service avg9emc RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service avg9emc are not present 2012-08-08 07:30:41,484 INFO Processing service avgfws9 2012-08-08 07:30:41,484 INFO Service avgfws9 is not installed 2012-08-08 07:30:41,484 DEBUG Service avgfws9 RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service avgfws9 are not present 2012-08-08 07:30:41,484 INFO Processing service avg9wd 2012-08-08 07:30:41,484 INFO Service avg9wd is not installed 2012-08-08 07:30:41,484 DEBUG Service avg9wd RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service avg9wd are not present 2012-08-08 07:30:41,484 INFO Processing service AVGIDSAgent 2012-08-08 07:30:41,484 INFO Service AVGIDSAgent is not installed 2012-08-08 07:30:41,484 DEBUG Service AVGIDSAgent RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSAgent are not present 2012-08-08 07:30:41,484 INFO Processing service AVGIDSShimxpx 2012-08-08 07:30:41,484 INFO Service AVGIDSShimxpx is not installed 2012-08-08 07:30:41,484 DEBUG Service AVGIDSShimxpx RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSShimxpx are not present 2012-08-08 07:30:41,484 INFO Processing service AVGIDSFilterxpx 2012-08-08 07:30:41,484 INFO Service AVGIDSFilterxpx is not installed 2012-08-08 07:30:41,484 DEBUG Service AVGIDSFilterxpx RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSFilterxpx are not present 2012-08-08 07:30:41,484 INFO Processing service AVGIDSDriverxpx 2012-08-08 07:30:41,484 INFO Service AVGIDSDriverxpx is not installed 2012-08-08 07:30:41,484 DEBUG Service AVGIDSDriverxpx RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSDriverxpx are not present 2012-08-08 07:30:41,484 INFO Processing service AVGIDSShimvtx 2012-08-08 07:30:41,484 INFO Service AVGIDSShimvtx is not installed 2012-08-08 07:30:41,484 DEBUG Service AVGIDSShimvtx RegCleanup 2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSShimvtx are not present 2012-08-08 07:30:41,484 INFO Processing service AVGIDSFiltervtx 2012-08-08 07:30:41,484 INFO Service AVGIDSFiltervtx is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSFiltervtx RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFiltervtx are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSDrivervtx 2012-08-08 07:30:41,500 INFO Service AVGIDSDrivervtx is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSDrivervtx RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDrivervtx are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSFiltervta 2012-08-08 07:30:41,500 INFO Service AVGIDSFiltervta is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSFiltervta RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFiltervta are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSDrivervta 2012-08-08 07:30:41,500 INFO Service AVGIDSDrivervta is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSDrivervta RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDrivervta are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSShimw7x 2012-08-08 07:30:41,500 INFO Service AVGIDSShimw7x is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSShimw7x RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSShimw7x are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSFilterw7x 2012-08-08 07:30:41,500 INFO Service AVGIDSFilterw7x is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSFilterw7x RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFilterw7x are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSDriverw7x 2012-08-08 07:30:41,500 INFO Service AVGIDSDriverw7x is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSDriverw7x RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDriverw7x are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSFilterw7a 2012-08-08 07:30:41,500 INFO Service AVGIDSFilterw7a is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSFilterw7a RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFilterw7a are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSDriverw7a 2012-08-08 07:30:41,500 INFO Service AVGIDSDriverw7a is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSDriverw7a RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDriverw7a are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrxpx 2012-08-08 07:30:41,500 INFO Service AVGIDSErHrxpx is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrxpx RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrxpx are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrvtx 2012-08-08 07:30:41,500 INFO Service AVGIDSErHrvtx is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrvtx RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrvtx are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrvta 2012-08-08 07:30:41,500 INFO Service AVGIDSErHrvta is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrvta RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrvta are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrw7x 2012-08-08 07:30:41,500 INFO Service AVGIDSErHrw7x is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrw7x RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrw7x are not present 2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrw7a 2012-08-08 07:30:41,500 INFO Service AVGIDSErHrw7a is not installed 2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrw7a RegCleanup 2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrw7a are not present 2012-08-08 07:30:41,500 INFO ***** Registry keys and values ***** 2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions 2012-08-08 07:30:41,500 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove 2012-08-08 07:30:41,500 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present 2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions 2012-08-08 07:30:41,500 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove 2012-08-08 07:30:41,500 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present 2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found 2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found 2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found 2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found 2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove 2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found 2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} 2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove 2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found 2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar 2012-08-08 07:30:41,500 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove 2012-08-08 07:30:41,500 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:30:41,515 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:30:41,515 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove 2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove 2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify 2012-08-08 07:30:41,515 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d) 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove 2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove 2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove 2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove 2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove 2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present 2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run 2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove 2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\AvgDiagFile 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\AvgDiagFile 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\.avgdi 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\.avgdi not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\Clients 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\Clients ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\Clients not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG8 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG9 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG IDS 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG IDS not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG 2012-08-08 07:30:41,531 DEBUG Value SOFTWARE\AVG:DumpType Remove 2012-08-08 07:30:41,531 INFO Value SOFTWARE\AVG:DumpType is not present 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Remove 2012-08-08 07:30:41,531 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG Security Toolbar 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG8 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG9 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Remove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG Security Toolbar 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove 2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar not found 2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks 2012-08-08 07:30:41,546 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove 2012-08-08 07:30:41,546 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present 2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser 2012-08-08 07:30:41,546 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove 2012-08-08 07:30:41,546 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present 2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} 2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found 2012-08-08 07:30:41,546 INFO Processing registry aAvgAPI.AvgBro 2012-08-08 07:30:41,546 DEBUG Key aAvgAPI.AvgBro ForceRemove 2012-08-08 07:30:41,546 DEBUG Key aAvgAPI.AvgBro not found 2012-08-08 07:30:41,546 INFO Processing registry AVG.Office 2012-08-08 07:30:41,546 DEBUG Key AVG.Office ForceRemove 2012-08-08 07:30:41,546 DEBUG Key AVG.Office not found 2012-08-08 07:30:41,546 INFO Processing registry AVG.Office.8 2012-08-08 07:30:41,546 DEBUG Key AVG.Office.8 ForceRemove 2012-08-08 07:30:41,546 DEBUG Key AVG.Office.8 not found 2012-08-08 07:30:41,546 INFO Processing registry avgtoolbar.AVGTOOLBAR 2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove 2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBAR not found 2012-08-08 07:30:41,546 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button 2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove 2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found 2012-08-08 07:30:41,546 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button 2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove 2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found 2012-08-08 07:30:41,546 INFO Processing registry LinkScannerIE.NavFilter 2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter ForceRemove 2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter not found 2012-08-08 07:30:41,546 INFO Processing registry LinkScannerIE.NavFilter.1 2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove 2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter.1 not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} 2012-08-08 07:30:41,546 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove 2012-08-08 07:30:41,546 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found 2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} 2012-08-08 07:30:41,562 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove 2012-08-08 07:30:41,562 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found 2012-08-08 07:30:41,562 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:30:41,562 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:30:41,562 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:30:41,562 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} 2012-08-08 07:30:41,562 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove 2012-08-08 07:30:41,562 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found 2012-08-08 07:30:41,562 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} 2012-08-08 07:30:41,562 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove 2012-08-08 07:30:41,562 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found 2012-08-08 07:30:41,562 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} 2012-08-08 07:30:41,562 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove 2012-08-08 07:30:41,562 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found 2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} 2012-08-08 07:30:41,562 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove 2012-08-08 07:30:41,562 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found 2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} 2012-08-08 07:30:41,562 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove 2012-08-08 07:30:41,562 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found 2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} 2012-08-08 07:30:41,562 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove 2012-08-08 07:30:41,562 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found 2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} 2012-08-08 07:30:41,562 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove 2012-08-08 07:30:41,562 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found 2012-08-08 07:30:41,562 INFO ***** Files and folders ***** 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 0 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 1 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 2 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 3 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 4 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 5 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 6 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 7 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 8 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 9 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 10 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 11 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 12 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 13 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 14 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 15 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 16 2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR 2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR not found 2012-08-08 07:30:41,562 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0 2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0 not found 2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0 2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0 not found 2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5 2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5 not found 2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5 2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5 not found 2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk 2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk not found 2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk 2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk not found 2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk 2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk not found 2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk 2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk not found 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 27 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 28 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 29 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 30 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 31 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 32 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 33 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 34 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 35 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 36 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 37 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 38 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 39 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 40 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 41 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 42 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 43 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 44 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 45 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 46 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 47 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 48 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 49 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 50 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 51 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 52 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 53 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 54 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 55 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 56 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 57 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 58 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 59 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 60 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 61 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 62 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 63 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 64 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 65 2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 66 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 67 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 68 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 69 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 70 2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages 2012-08-08 07:30:41,578 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found 2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar 2012-08-08 07:30:41,578 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found 2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk 2012-08-08 07:30:41,578 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk not found 2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk 2012-08-08 07:30:41,578 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk not found 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 76 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 77 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 78 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 79 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 80 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 81 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 82 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 83 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 84 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 85 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 86 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 87 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 88 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 89 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 90 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 91 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 92 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 93 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 94 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 95 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 96 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 97 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 98 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 99 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 100 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 101 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 102 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 103 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 104 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 105 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 106 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 107 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 108 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 109 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 110 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 111 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 112 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 113 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 114 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 115 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 116 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 117 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 118 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 119 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 120 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 121 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 122 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 123 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 124 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 125 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 126 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 127 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 128 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 129 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 130 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 131 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 132 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 133 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 134 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 135 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 136 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 137 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 138 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 139 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 140 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 141 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 142 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 143 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 144 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 145 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 146 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 147 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 148 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 149 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 150 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 151 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 152 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 153 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 154 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 155 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 156 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 157 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 158 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 159 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 160 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 161 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 162 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 163 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 164 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 165 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 166 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 167 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 168 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 169 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 170 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 171 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 172 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 173 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 174 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 175 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 176 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 177 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 178 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 179 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 180 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 181 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 182 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 183 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 184 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 185 2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers 2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg 2012-08-08 07:30:41,578 INFO Directory C:\WINDOWS\System32\Drivers\avg not found 2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32 2012-08-08 07:30:41,578 DEBUG Processing item C:\Program Files\AVG 2012-08-08 07:30:41,578 INFO Directory C:\Program Files\AVG not found 2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 194 2012-08-08 07:30:41,578 INFO ***** Avg Fw NDIS driver ***** 2012-08-08 07:30:42,187 INFO FW NDIS driver not present
  5. In bijlage Combo Fix log ComboFix 12-08-07.03 - NAAM 08/08/2012 1:02.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2046.1140 [GMT 2:00] Gestart vanuit: c:\documents and settings\xx\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\ptkfbdfszixqnku c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\X\Application Data\44733bf8 c:\documents and settings\X\Application Data\496274bd c:\documents and settings\X\Application Data\888ae64a c:\documents and settings\X\Application Data\88ff63b6 c:\documents and settings\X\Application Data\b6ab15ef c:\documents and settings\X\Application Data\b7203e9c c:\documents and settings\X\Application Data\b7ce93a1 c:\documents and settings\X\Application Data\ba3a5326 c:\documents and settings\X\Application Data\bab750a4 c:\documents and settings\X\Application Data\bb24c653 c:\documents and settings\X\Application Data\cd44b85c c:\documents and settings\X\Application Data\cdbbebd2 c:\documents and settings\X\Application Data\cea5262f c:\documents and settings\X\Application Data\cf180e97 c:\documents and settings\X\Application Data\d03560e9 c:\documents and settings\X\Application Data\d0ae8a7c c:\documents and settings\X\Application Data\d11d30c7 c:\documents and settings\X\Application Data\d1da8cae c:\documents and settings\X\Application Data\d254d56b c:\documents and settings\X\Application Data\dbb288be c:\documents and settings\X\Application Data\deda14f9 c:\documents and settings\X\Application Data\inst.exe C:\Thumbs.db c:\windows\SET435.tmp c:\windows\system32\_004655_.tmp.dll c:\windows\system32\_004656_.tmp.dll c:\windows\system32\_004657_.tmp.dll c:\windows\system32\_004658_.tmp.dll c:\windows\system32\_004665_.tmp.dll c:\windows\system32\_004666_.tmp.dll c:\windows\system32\_004667_.tmp.dll c:\windows\system32\_004668_.tmp.dll c:\windows\system32\_004670_.tmp.dll c:\windows\system32\_004671_.tmp.dll c:\windows\system32\_004674_.tmp.dll c:\windows\system32\_004675_.tmp.dll c:\windows\system32\_004677_.tmp.dll c:\windows\system32\_004678_.tmp.dll c:\windows\system32\_004679_.tmp.dll c:\windows\system32\_004681_.tmp.dll c:\windows\system32\_004684_.tmp.dll c:\windows\system32\_004685_.tmp.dll c:\windows\system32\_004689_.tmp.dll c:\windows\system32\_004690_.tmp.dll c:\windows\system32\_004692_.tmp.dll c:\windows\system32\_004695_.tmp.dll c:\windows\system32\_004697_.tmp.dll c:\windows\system32\_004698_.tmp.dll c:\windows\system32\_004699_.tmp.dll c:\windows\system32\_004700_.tmp.dll c:\windows\system32\_004701_.tmp.dll c:\windows\system32\_004704_.tmp.dll c:\windows\system32\_004705_.tmp.dll c:\windows\system32\_004706_.tmp.dll c:\windows\system32\_004707_.tmp.dll c:\windows\system32\_004708_.tmp.dll c:\windows\system32\_004713_.tmp.dll c:\windows\system32\_004715_.tmp.dll c:\windows\system32\Cache c:\windows\system32\Cache\047144a9b878a36f.fb c:\windows\system32\Cache\272512937d9e61a4.fb c:\windows\system32\Cache\287204568329e189.fb c:\windows\system32\Cache\28bc8f716fd76a47.fb c:\windows\system32\Cache\2c53092c95605355.fb c:\windows\system32\Cache\31a0997e9a5b5eb3.fb c:\windows\system32\Cache\32c84fe32bb74d60.fb c:\windows\system32\Cache\3917078cb68ec657.fb c:\windows\system32\Cache\4a32862b38fd9697.fb c:\windows\system32\Cache\590ba23ce359fd0c.fb c:\windows\system32\Cache\5b598853c0105ef0.fb c:\windows\system32\Cache\610289e025a3ee9a.fb c:\windows\system32\Cache\64fcb896798bf27f.fb c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb c:\windows\system32\Cache\6d03dad1035885d3.fb c:\windows\system32\Cache\9ba482de413eb658.fb c:\windows\system32\Cache\a8556537add6dfc5.fb c:\windows\system32\Cache\ad10a52aff5e038d.fb c:\windows\system32\Cache\c1fa887b03019701.fb c:\windows\system32\Cache\c4d28dca2e7648be.fb c:\windows\system32\Cache\d201ef9910cd39de.fb c:\windows\system32\Cache\d2e94710a5708128.fb c:\windows\system32\Cache\d79b9dfe81484ec4.fb c:\windows\system32\Cache\e0de16f883bea794.fb c:\windows\system32\Cache\f998975c9cc711ee.fb c:\windows\system32\SET110D.tmp c:\windows\system32\SET1110.tmp c:\windows\system32\SET1113.tmp c:\windows\system32\SET1118.tmp c:\windows\system32\SET1125.tmp c:\windows\system32\SET1126.tmp c:\windows\system32\SET1130.tmp c:\windows\system32\SET114C.tmp c:\windows\system32\SET139.tmp c:\windows\system32\SET13A.tmp c:\windows\system32\SET13B.tmp c:\windows\system32\SET13C.tmp c:\windows\system32\SET13D.tmp c:\windows\system32\SET13E.tmp c:\windows\system32\SET140.tmp c:\windows\system32\SET147.tmp c:\windows\system32\SET148.tmp c:\windows\system32\SET14B.tmp c:\windows\system32\SET14C.tmp c:\windows\system32\SET14D.tmp c:\windows\system32\SET14F.tmp c:\windows\system32\SET154.tmp c:\windows\system32\SET155.tmp c:\windows\system32\SET156.tmp c:\windows\system32\SET158.tmp c:\windows\system32\SET159.tmp c:\windows\system32\SET15A.tmp c:\windows\system32\SET15B.tmp c:\windows\system32\SET15C.tmp c:\windows\system32\SET15E.tmp c:\windows\system32\SET15F.tmp c:\windows\system32\SET160.tmp c:\windows\system32\SET16A.tmp c:\windows\system32\SET16B.tmp c:\windows\system32\SET16E.tmp c:\windows\system32\SET170.tmp c:\windows\system32\SET171.tmp c:\windows\system32\SET175.tmp c:\windows\system32\SET176.tmp c:\windows\system32\SET178.tmp c:\windows\system32\SET17A.tmp c:\windows\system32\SET17B.tmp c:\windows\system32\SET17C.tmp c:\windows\system32\SET17E.tmp c:\windows\system32\SET183.tmp c:\windows\system32\SET184.tmp c:\windows\system32\SET185.tmp c:\windows\system32\SET186.tmp c:\windows\system32\SET187.tmp c:\windows\system32\SET18A.tmp c:\windows\system32\SET18D.tmp c:\windows\system32\SET192.tmp c:\windows\system32\SET193.tmp c:\windows\system32\SET194.tmp c:\windows\system32\SET196.tmp c:\windows\system32\SET199.tmp c:\windows\system32\SET19A.tmp c:\windows\system32\SET19B.tmp c:\windows\system32\SET1A1.tmp c:\windows\system32\SET1A2.tmp c:\windows\system32\SET1A4.tmp c:\windows\system32\SET1A8.tmp c:\windows\system32\SET1B1.tmp c:\windows\system32\SET1B2.tmp c:\windows\system32\SET1B5.tmp c:\windows\system32\SET1B7.tmp c:\windows\system32\SET1B8.tmp c:\windows\system32\SET1B9.tmp c:\windows\system32\SET1BA.tmp c:\windows\system32\SET1BB.tmp c:\windows\system32\SET1CB.tmp c:\windows\system32\SET1D0.tmp c:\windows\system32\SET1D2.tmp c:\windows\system32\SET1D4.tmp c:\windows\system32\SET1D5.tmp c:\windows\system32\SET1D6.tmp c:\windows\system32\SET1D7.tmp c:\windows\system32\SET1D9.tmp c:\windows\system32\SET1DA.tmp c:\windows\system32\SET1DE.tmp c:\windows\system32\SET1DF.tmp c:\windows\system32\SET1E2.tmp c:\windows\system32\SET1E3.tmp c:\windows\system32\SET1E4.tmp c:\windows\system32\SET1EA.tmp c:\windows\system32\SET1EB.tmp c:\windows\system32\SET1EC.tmp c:\windows\system32\SET1F4.tmp c:\windows\system32\SET1FA.tmp c:\windows\system32\SET1FB.tmp c:\windows\system32\SET1FC.tmp c:\windows\system32\SET1FD.tmp c:\windows\system32\SET1FF.tmp c:\windows\system32\SET204.tmp c:\windows\system32\SET205.tmp c:\windows\system32\SET211.tmp c:\windows\system32\SET213.tmp c:\windows\system32\SET215.tmp c:\windows\system32\SET216.tmp c:\windows\system32\SET217.tmp c:\windows\system32\SET21A.tmp c:\windows\system32\SET21F.tmp c:\windows\system32\SET220.tmp c:\windows\system32\SET222.tmp c:\windows\system32\SET224.tmp c:\windows\system32\SET225.tmp c:\windows\system32\SET228.tmp c:\windows\system32\SET22A.tmp c:\windows\system32\SET22D.tmp c:\windows\system32\SET23C.tmp c:\windows\system32\SET23E.tmp c:\windows\system32\SET23F.tmp c:\windows\system32\SET240.tmp c:\windows\system32\SET247.tmp c:\windows\system32\SET248.tmp c:\windows\system32\SET24B.tmp c:\windows\system32\SET24C.tmp c:\windows\system32\SET24D.tmp c:\windows\system32\SET24E.tmp c:\windows\system32\SET24F.tmp c:\windows\system32\SET251.tmp c:\windows\system32\SET252.tmp c:\windows\system32\SET253.tmp c:\windows\system32\SET255.tmp c:\windows\system32\SET256.tmp c:\windows\system32\SET257.tmp c:\windows\system32\SET259.tmp c:\windows\system32\SET25C.tmp c:\windows\system32\SET261.tmp c:\windows\system32\SET262.tmp c:\windows\system32\SET263.tmp c:\windows\system32\SET268.tmp c:\windows\system32\SET269.tmp c:\windows\system32\SET26A.tmp c:\windows\system32\SET26C.tmp c:\windows\system32\SET26F.tmp c:\windows\system32\SET271.tmp c:\windows\system32\SET272.tmp c:\windows\system32\SET275.tmp c:\windows\system32\SET276.tmp c:\windows\system32\SET279.tmp c:\windows\system32\SET27C.tmp c:\windows\system32\SET27D.tmp c:\windows\system32\SET27F.tmp c:\windows\system32\SET284.tmp c:\windows\system32\SET289.tmp c:\windows\system32\SET28D.tmp c:\windows\system32\SET28F.tmp c:\windows\system32\SET290.tmp c:\windows\system32\SET294.tmp c:\windows\system32\SET299.tmp c:\windows\system32\SET29E.tmp c:\windows\system32\SET2A0.tmp c:\windows\system32\SET2A2.tmp c:\windows\system32\SET2A3.tmp c:\windows\system32\SET2AE.tmp c:\windows\system32\SET2AF.tmp c:\windows\system32\SET2B0.tmp c:\windows\system32\SET2B1.tmp c:\windows\system32\SET2B2.tmp c:\windows\system32\SET2B3.tmp c:\windows\system32\SET2B5.tmp c:\windows\system32\SET2B7.tmp c:\windows\system32\SET2B9.tmp c:\windows\system32\SET2C3.tmp c:\windows\system32\SET2C5.tmp c:\windows\system32\SET2C7.tmp c:\windows\system32\SET2C8.tmp c:\windows\system32\SET2C9.tmp c:\windows\system32\SET2CB.tmp c:\windows\system32\SET2CD.tmp c:\windows\system32\SET2D1.tmp c:\windows\system32\SET2D2.tmp c:\windows\system32\SET2D4.tmp c:\windows\system32\SET2D5.tmp c:\windows\system32\SET2D7.tmp c:\windows\system32\SET2D8.tmp c:\windows\system32\SET2DB.tmp c:\windows\system32\SET2E6.tmp c:\windows\system32\SET2EA.tmp c:\windows\system32\SET2EB.tmp c:\windows\system32\SET2EC.tmp c:\windows\system32\SET2EF.tmp c:\windows\system32\SET2F7.tmp c:\windows\system32\SET2FE.tmp c:\windows\system32\SET300.tmp c:\windows\system32\SET302.tmp c:\windows\system32\SET304.tmp c:\windows\system32\SET306.tmp c:\windows\system32\SET309.tmp c:\windows\system32\SET318.tmp c:\windows\system32\SET31C.tmp c:\windows\system32\SET31E.tmp c:\windows\system32\SET320.tmp c:\windows\system32\SET326.tmp c:\windows\system32\SET32A.tmp c:\windows\system32\SET338.tmp c:\windows\system32\SET33E.tmp c:\windows\system32\SET340.tmp c:\windows\system32\SET341.tmp c:\windows\system32\SET342.tmp c:\windows\system32\SET344.tmp c:\windows\system32\SET347.tmp c:\windows\system32\SET348.tmp c:\windows\system32\SET34C.tmp c:\windows\system32\SET356.tmp c:\windows\system32\SET357.tmp c:\windows\system32\SET35A.tmp c:\windows\system32\SET35C.tmp c:\windows\system32\SET35D.tmp c:\windows\system32\SET35E.tmp c:\windows\system32\SET360.tmp c:\windows\system32\SET366.tmp c:\windows\system32\SET367.tmp c:\windows\system32\SET36A.tmp c:\windows\system32\SET36F.tmp c:\windows\system32\SET375.tmp c:\windows\system32\SET385.tmp c:\windows\system32\SET386.tmp c:\windows\system32\SET38B.tmp c:\windows\system32\SET395.tmp c:\windows\system32\SET3A5.tmp c:\windows\system32\SET3A8.tmp c:\windows\system32\SET3AB.tmp c:\windows\system32\SET3B0.tmp c:\windows\system32\SET3B2.tmp c:\windows\system32\SET3B6.tmp c:\windows\system32\SET3BA.tmp c:\windows\system32\SET3BB.tmp c:\windows\system32\SET3BD.tmp c:\windows\system32\SET3BE.tmp c:\windows\system32\SET3BF.tmp c:\windows\system32\SET3C2.tmp c:\windows\system32\SET3C4.tmp c:\windows\system32\SET3C5.tmp c:\windows\system32\SET3C7.tmp c:\windows\system32\SET3C8.tmp c:\windows\system32\SET3CA.tmp c:\windows\system32\SET3CC.tmp c:\windows\system32\SET3D1.tmp c:\windows\system32\SET3D2.tmp c:\windows\system32\SET3DA.tmp c:\windows\system32\SET3E0.tmp c:\windows\system32\SET3E5.tmp c:\windows\system32\SET3E8.tmp c:\windows\system32\SET3EB.tmp c:\windows\system32\SET3ED.tmp c:\windows\system32\SET3F1.tmp c:\windows\system32\SET3F3.tmp c:\windows\system32\SET3F4.tmp c:\windows\system32\SET3F5.tmp c:\windows\system32\SET3F8.tmp c:\windows\system32\SET3F9.tmp c:\windows\system32\SET3FD.tmp c:\windows\system32\SET3FE.tmp c:\windows\system32\SET403.tmp c:\windows\system32\SET408.tmp c:\windows\system32\SET40B.tmp c:\windows\system32\SET40F.tmp c:\windows\system32\SET411.tmp c:\windows\system32\SET413.tmp c:\windows\system32\SET591.tmp c:\windows\system32\SET597.tmp c:\windows\system32\SET9D.tmp c:\windows\system32\URTTemp c:\windows\system32\URTTemp\fusion.dll c:\windows\system32\URTTemp\mscoree.dll c:\windows\system32\URTTemp\mscoree.dll.local c:\windows\system32\URTTemp\mscorsn.dll c:\windows\system32\URTTemp\mscorwks.dll c:\windows\system32\URTTemp\msvcr71.dll c:\windows\system32\URTTemp\regtlib.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2012-07-07 to 2012-08-07 )))))))))))))))))))))))))))))) . . 2012-08-07 22:43 . 2012-07-16 00:41 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9F505EF5-C8D4-4F9C-AD70-2B174E684C98}\mpengine.dll 2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\X\Application Data\Malwarebytes 2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-08-07 14:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-08-07 10:28 . 2012-08-07 10:28 -------- d-----w- c:\program files\Enigma Software Group 2012-08-07 10:27 . 2012-08-07 11:25 -------- d-----w- c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP 2012-08-07 10:27 . 2012-08-07 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2012-08-07 10:11 . 2012-08-07 22:33 -------- d--h--r- c:\documents and settings\X\Onlangs geopend 2012-08-07 09:48 . 2012-08-07 09:48 -------- d-----w- c:\program files\Microsoft Security Client 2012-08-02 07:40 . 2012-08-02 07:40 -------- d-----w- c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm 2012-07-27 23:10 . 2012-07-27 23:10 -------- d-----w- c:\windows\system32\C2MP 2012-07-19 18:56 . 2012-07-19 18:56 1114624 ----a-w- c:\windows\system32\LAVVideo.ax 2012-07-19 18:56 . 2012-07-19 18:56 399360 ----a-w- c:\windows\system32\LAVSplitter.ax 2012-07-19 18:56 . 2012-07-19 18:56 233472 ----a-w- c:\windows\system32\LAVAudio.ax 2012-07-19 18:56 . 2012-07-19 18:56 274944 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll 2012-07-19 18:56 . 2012-07-19 18:56 172544 ----a-w- c:\windows\system32\libbluray.dll 2012-07-19 18:56 . 2012-07-19 18:56 6894331 ----a-w- c:\windows\system32\avcodec-lav-54.dll 2012-07-19 18:56 . 2012-07-19 18:56 401685 ----a-w- c:\windows\system32\swscale-lav-2.dll 2012-07-19 18:56 . 2012-07-19 18:56 232895 ----a-w- c:\windows\system32\avutil-lav-51.dll 2012-07-19 18:56 . 2012-07-19 18:56 162743 ----a-w- c:\windows\system32\avfilter-lav-3.dll 2012-07-19 18:56 . 2012-07-19 18:56 1111581 ----a-w- c:\windows\system32\avformat-lav-54.dll 2012-07-19 18:56 . 2012-07-19 18:56 101820 ----a-w- c:\windows\system32\avresample-lav-0.dll 2012-07-17 08:35 . 2012-07-17 08:35 3978240 ----a-w- c:\windows\system32\ffmpeg.dll 2012-07-17 08:34 . 2012-07-17 08:34 112640 ----a-w- c:\windows\system32\ff_vfw.dll 2012-07-17 08:34 . 2012-07-17 08:34 3479552 ----a-w- c:\windows\system32\ffdshow.ax 2012-07-17 08:33 . 2012-07-17 08:33 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll 2012-07-17 08:33 . 2012-07-17 08:33 99840 ----a-w- c:\windows\system32\ff_wmv9.dll 2012-07-17 08:33 . 2012-07-17 08:33 157184 ----a-w- c:\windows\system32\ff_unrar.dll 2012-07-17 08:33 . 2012-07-17 08:33 211968 ----a-w- c:\windows\system32\ff_libdts.dll 2012-07-17 08:33 . 2012-07-17 08:33 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll 2012-07-17 08:33 . 2012-07-17 08:33 147456 ----a-w- c:\windows\system32\ff_libmad.dll 2012-07-17 08:33 . 2012-07-17 08:33 114688 ----a-w- c:\windows\system32\ff_liba52.dll 2012-07-17 08:33 . 2012-07-17 08:33 330240 ----a-w- c:\windows\system32\ff_libfaad2.dll 2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Common Files\Apple 2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Apple Software Update 2012-07-13 08:01 . 2012-07-13 08:01 -------- d-----w- c:\program files\uTorrent 2012-07-10 21:02 . 2012-07-11 13:13 -------- d-----w- c:\program files\GridinSoft Trojan Killer . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-02 16:44 . 2012-03-31 17:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-02 16:44 . 2011-07-07 18:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-17 21:15 . 2012-06-17 21:15 198144 ----a-w- c:\windows\system32\spdif_test.exe 2012-06-17 21:14 . 2012-06-17 21:14 97792 ----a-w- c:\windows\system32\ac3config.exe 2012-06-17 21:14 . 2012-06-17 21:14 1021440 ----a-w- c:\windows\system32\ac3filter_intl.dll 2012-06-17 21:12 . 2012-06-17 21:12 1406976 ----a-w- c:\windows\system32\ac3filter.ax 2012-06-17 21:10 . 2012-06-17 21:10 276992 ----a-w- c:\windows\system32\BugTrap.dll 2012-06-17 21:10 . 2012-06-17 21:10 965120 ----a-w- c:\windows\system32\ac3filter.acm 2012-06-13 13:55 . 2009-01-03 14:15 1866240 ----a-w- c:\windows\system32\win32k.sys 2012-06-05 15:49 . 2009-01-27 20:35 1372672 ------w- c:\windows\system32\msxml6.dll 2012-06-05 15:49 . 2006-04-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll 2012-06-04 04:32 . 2009-01-03 14:15 152576 ----a-w- c:\windows\system32\schannel.dll 2012-06-02 13:19 . 2009-01-02 21:32 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2006-09-27 15:27 210968 ----a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2006-09-27 15:27 329240 ----a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2006-09-27 15:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2006-10-30 13:05 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2006-09-27 15:27 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2006-09-27 15:27 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 2006-04-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2006-09-27 15:27 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2009-01-02 21:32 24088 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2006-09-27 15:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:19 . 2009-05-13 08:45 18160 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-06-02 13:18 . 2009-05-13 08:45 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2005-05-26 03:19 214256 ----a-w- c:\windows\system32\muweb.dll 2012-05-31 13:22 . 2006-04-10 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll 2012-05-31 10:25 . 2012-07-08 09:59 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-26 16:15 . 2012-05-26 16:15 440832 ----a-w- c:\windows\system32\FLVSplitter.ax 2012-05-26 16:15 . 2012-05-26 16:15 377344 ----a-w- c:\windows\system32\cdxareader.ax 2012-05-16 15:09 . 2006-04-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-12 22:42 . 2012-05-12 22:42 146432 ----a-w- c:\windows\system32\avutil-51.dll 2012-05-12 22:42 . 2012-05-12 22:42 1272320 ----a-w- c:\windows\system32\avcodec-53.dll 2012-05-11 14:44 . 2006-04-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:44 . 2006-04-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:39 . 2006-04-10 12:00 385024 ----a-w- c:\windows\system32\html.iec 2012-07-27 23:03 . 2011-05-01 18:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-28 68856] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256] "NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072] "nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080] . c:\documents and settings\X\Menu Start\Programma's\Opstarten\ Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn] 2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKLM\~\startupfolder\C:^Documents and Settings^X^Menu Start^Programma's^Opstarten^ctfmon.lnk] path=c:\documents and settings\X\Menu Start\Programma's\Opstarten\ctfmon.lnk backup=c:\windows\pss\ctfmon.lnkStartup . [HKLM\~\startupfolder\C:^Documents and Settings^X^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk] path=c:\documents and settings\X\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2008-06-19 15:20 57344 ----a-w- c:\windows\ALCMTR.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] 2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantOn] 2006-06-21 15:29 93640 ------w- c:\program files\CyberLink\PowerCinema Linux\ion_install.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut] 2006-05-18 10:29 49152 ----a-w- c:\program files\Home Cinema\PowerDVD\Language\Language.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] 2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2008-11-17 15:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "LightScribeService"=2 (0x2) . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [12/06/2010 15:39 10448] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/08/2012 16:46 655944] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [17/12/2011 16:45 2253120] R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [30/10/2006 11:14 1105664] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/08/2012 16:46 22344] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [17/12/2011 16:30 119656] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [28/01/2009 0:42 47360] R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27/10/2010 13:15 25704] R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27/10/2010 13:15 25704] R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [30/10/2006 11:22 7040] S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?] S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664] S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992] S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664] S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [18/10/2011 20:06 15232] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 18:28 113120] S3 uxddrv;Dynamically loaded UxdDrv;\??\c:\documents and settings\X\Bureaublad\WinStress Pro\uxddrv.sys --> c:\documents and settings\X\Bureaublad\WinStress Pro\uxddrv.sys [?] . --- Andere Services/Drivers In Geheugen --- . *NewlyCreated* - MPKSLC68DD99E *Deregistered* - MpKslc68dd99e . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2010-07-21 10:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Inhoud van de 'Gedeelde Taken' map . 2012-07-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-18 13:43] . 2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59] . 2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59] . 2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005Core.job - c:\documents and settings\XX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59] . 2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005UA.job - c:\documents and settings\XX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59] . 2012-08-07 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . 2012-08-07 c:\windows\Tasks\MpIdleTask.job - c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03] . 2012-08-07 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2012-08-07 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uInternet Settings,ProxyOverride = *.local uInternet Settings,ProxyServer = socks=127.0.0.1:38771 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab FF - ProfilePath - c:\documents and settings\XX\Application Data\Mozilla\Firefox\Profiles\edpdrpq8.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/webhp?client=firefox-a&rls=org.mozilla:nl:official&channel=s&hl=nl&source=hp&btnG=Google+zoeken FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7183295e-73aa-4c22-b248-f51db1593aff%7D&mid=e0973a4daf625d5a84a627e5afc9488c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=11.0.0.10〈=nl&pr=fr&d=2012-07-11%2015%3A25%3A33&sap=ku&q= FF - prefs.js: network.proxy.type - 4 FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS VERWIJDERD - - - - . WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) MSConfigStartUp-noygahzfhwzqhnr - c:\documents and settings\All Users\Application Data\noygahzf.exe AddRemove-OVT Scanner - c:\windows\omniuns.exe USB\Vid_05a9&PID_1550 OVT Scanner . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-08-08 01:08 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(520) c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll . Voltooingstijd: 2012-08-08 01:11:13 ComboFix-quarantined-files.txt 2012-08-07 23:11 . Pre-Run: 37.145.907.200 bytes beschikbaar Post-Run: 37.449.629.696 bytes beschikbaar . WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect [spybotsd] timeout.old=30 . - - End Of File - - 7EE1CAA94FA44EE9EFB068EE50104D48 MO : gaf melding van actieve AVG, niettegenstaande deze gewist werd, MSE is nu de scanner?? Waar dient deze nog verwijderd te worden? Kan ik op MSE vertrouwen? En dient Malware Anit Malware opnieuw verwijderd te worden? Alvast bedankt voor de hulp
  6. Microsoft security essentials gaf melding van Trojanen, WIn32/ Sirefef met verscheidene extenties. ook Conedex.a en Weelsof.c werden vermeld. Deze konden niet verwijderd worden door MSE, wel in quarantaine gezet, maar deze werden telkens opnieuw actief. Heb er nadien Malware Bytes overgegooid, deze haalde zaken weg, maar ik weet niet of alles weg is. Pas nadien gezien dat de problemen hier iets deftiger aangepakt worden. Hieronder een Hijackthis log Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:10:09, on 7/08/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Windows Media Player\WMPNSCFG.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\svchost.exe C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\eHome\ehmsas.exe C:\Documents and Settings\naam\Mijn documenten\Downloads\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:38771 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/ O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://ua.foto.com/ImageUploader6.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162213379953 O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162215196484 O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/1455/defaults/activex/ips/IPSUploader4.cab O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://service.crelan.be/dwa7W.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 10758 bytes Graag nazicht en verdere instructie om dit deftig op te lossen.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.