guyzzmo
-
Items
7 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door guyzzmo
-
-
Besmet door het welomgekende Ucash virus.
Verwijderd, MABM laten werken (nog een angel gevonden en verwijderd), MSE vond ook niks meer.
In bijlage voor de zekerheid een Hijack logje, graag nazicht hiervan als er nog iets verdachts overblijft.
Reeds 3e maal Ucash over de vloer gekregen, is wel op te lossen, maar vervelend.
Virusscanners MSE en AVG konden dit niet tegenhouden.
Enige oplossing mogelijk?
Alvast bedankt voor het nazicht
HIJACK LOG
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:24:15, on 12/08/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Documents and Settings\NAAM\Mijn documenten\SETUPS\programmas\ANTIVIRUS\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:38771
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://ua.foto.com/ImageUploader6.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162213379953
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162215196484
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/1455/defaults/activex/ips/IPSUploader4.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://service.crelan.be/dwa7W.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 10429 bytes
MBAM log :
Malwarebytes Anti-Malware (-evaluatieversie-) 1.62.0.1300
Malwarebytes : Free anti-malware download
Databaseversie: v2012.08.11.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
NAAM :: GUY [administrator]
Realtime bescherming: Ingeschakeld
12/08/2012 0:11:58
mbam-log-2012-08-12 (00-11-58).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 233814
Verstreken tijd: 7 minuut/minuten, 28 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
-
perfect verlopen, alles lijkt normaal te werken. Snelheid hapert nog beetje.
Kreeg bij verwijderen combofix wel de melding opnieuw dat AVG nog actief stond.
Ik heb de remover van AVG afgehaald, mogelijk is het hiermee verwijderd
Alvast bedankt voor de deskundige hulp en begeleiding
-
ComboFix 12-08-07.05 - naam 08/08/2012 13:28:22.3.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2046.1479 [GMT 2:00]
Gestart vanuit: c:\documents and settings\naam\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\naam\Bureaublad\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
FILE ::
"c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe"
"c:\windows\Tasks\Ad-Aware Update (Weekly).job"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Enigma Software Group
c:\program files\Enigma Software Group\SpyHunter\gil.dat
c:\program files\Enigma Software Group\SpyHunter\INSTALL.LOG
c:\program files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20120807_122837.log
c:\program files\Enigma Software Group\SpyHunter\safeol.dat
c:\program files\Enigma Software Group\SpyHunter\scanlog.log
c:\program files\Enigma Software Group\SpyHunter\supportlog.txt
c:\program files\Enigma Software Group\SpyHunter\unkcache.dat
c:\program files\Lavasoft
c:\program files\Lavasoft\Ad-Aware\aawapi.dll
c:\program files\Lavasoft\Ad-Aware\AAWService.exe
c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
c:\program files\Lavasoft\Ad-Aware\Ad-Aware.exe
c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
c:\program files\Lavasoft\Ad-Aware\Ad-AwareCommand.exe
c:\program files\Lavasoft\Ad-Aware\AutoLaunch.exe
c:\program files\Lavasoft\Ad-Aware\AWSC.exe
c:\program files\Lavasoft\Ad-Aware\AWSCUpdate.dll
c:\program files\Lavasoft\Ad-Aware\CEAPI.dll
c:\program files\Lavasoft\Ad-Aware\dbghelp.dll
c:\program files\Lavasoft\Ad-Aware\Drivers\32\AAWDriverTool.exe
c:\program files\Lavasoft\Ad-Aware\Drivers\32\DIFxAPI.dll
c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.cat
c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.inf
c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.sys
c:\program files\Lavasoft\Ad-Aware\Drivers\64\AAWDriverTool.exe
c:\program files\Lavasoft\Ad-Aware\Drivers\64\DIFxAPI.dll
c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.cat
c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.inf
c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.sys
c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys
c:\program files\Lavasoft\Ad-Aware\Languages\resource_de-DE.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_en-US.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_es-ES.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_fr-FR.xml
c:\program files\Lavasoft\Ad-Aware\Languages\resource_it-IT.xml
c:\program files\Lavasoft\Ad-Aware\Languages\ResourceAdmin.xml
c:\program files\Lavasoft\Ad-Aware\lavalicense.dll
c:\program files\Lavasoft\Ad-Aware\lavamessage.dll
c:\program files\Lavasoft\Ad-Aware\lsdelete.exe
c:\program files\Lavasoft\Ad-Aware\Neutralize.dll
c:\program files\Lavasoft\Ad-Aware\PrivacyClean.dll
c:\program files\Lavasoft\Ad-Aware\Rebrand.dat
c:\program files\Lavasoft\Ad-Aware\Resources.dll
c:\program files\Lavasoft\Ad-Aware\Resources\Default.eGL
c:\program files\Lavasoft\Ad-Aware\RPAPI.dll
c:\program files\Lavasoft\Ad-Aware\sbap.dll
c:\program files\Lavasoft\Ad-Aware\SBRE.dll
c:\program files\Lavasoft\Ad-Aware\SBTE.dll
c:\program files\Lavasoft\Ad-Aware\ShellExt.dll
c:\program files\Lavasoft\Ad-Aware\threatwork.exe
c:\program files\Lavasoft\Ad-Aware\unrar.dll
c:\program files\Lavasoft\Ad-Aware\UpdateManager.dll
c:\program files\Lavasoft\Ad-Aware\Vipre.dll
c:\program files\Lavasoft\Ad-Aware\VipreBridge.dll
c:\windows\Tasks\Ad-Aware Update (Weekly).job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ESGIGUARD
-------\Legacy_LAVASOFT_KERNEXPLORER
-------\Service_esgiguard
-------\Service_Lavasoft Kernexplorer
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-07-08 to 2012-08-08 ))))))))))))))))))))))))))))))
.
.
2012-08-08 07:58 . 2012-07-16 00:41 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6A022832-EFF8-4BE4-B0FD-A679377F9B45}\mpengine.dll
2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\naam\Application Data\Malwarebytes
2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-07 14:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-07 10:27 . 2012-08-07 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-08-07 10:11 . 2012-08-08 11:26 -------- d--h--r- c:\documents and settings\naam\Onlangs geopend
2012-08-07 09:48 . 2012-08-07 09:48 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-27 23:10 . 2012-07-27 23:10 -------- d-----w- c:\windows\system32\C2MP
2012-07-19 18:56 . 2012-07-19 18:56 1114624 ----a-w- c:\windows\system32\LAVVideo.ax
2012-07-19 18:56 . 2012-07-19 18:56 399360 ----a-w- c:\windows\system32\LAVSplitter.ax
2012-07-19 18:56 . 2012-07-19 18:56 233472 ----a-w- c:\windows\system32\LAVAudio.ax
2012-07-19 18:56 . 2012-07-19 18:56 274944 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll
2012-07-19 18:56 . 2012-07-19 18:56 172544 ----a-w- c:\windows\system32\libbluray.dll
2012-07-19 18:56 . 2012-07-19 18:56 6894331 ----a-w- c:\windows\system32\avcodec-lav-54.dll
2012-07-19 18:56 . 2012-07-19 18:56 401685 ----a-w- c:\windows\system32\swscale-lav-2.dll
2012-07-19 18:56 . 2012-07-19 18:56 232895 ----a-w- c:\windows\system32\avutil-lav-51.dll
2012-07-19 18:56 . 2012-07-19 18:56 162743 ----a-w- c:\windows\system32\avfilter-lav-3.dll
2012-07-19 18:56 . 2012-07-19 18:56 1111581 ----a-w- c:\windows\system32\avformat-lav-54.dll
2012-07-19 18:56 . 2012-07-19 18:56 101820 ----a-w- c:\windows\system32\avresample-lav-0.dll
2012-07-17 08:35 . 2012-07-17 08:35 3978240 ----a-w- c:\windows\system32\ffmpeg.dll
2012-07-17 08:34 . 2012-07-17 08:34 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-07-17 08:34 . 2012-07-17 08:34 3479552 ----a-w- c:\windows\system32\ffdshow.ax
2012-07-17 08:33 . 2012-07-17 08:33 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2012-07-17 08:33 . 2012-07-17 08:33 99840 ----a-w- c:\windows\system32\ff_wmv9.dll
2012-07-17 08:33 . 2012-07-17 08:33 157184 ----a-w- c:\windows\system32\ff_unrar.dll
2012-07-17 08:33 . 2012-07-17 08:33 211968 ----a-w- c:\windows\system32\ff_libdts.dll
2012-07-17 08:33 . 2012-07-17 08:33 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll
2012-07-17 08:33 . 2012-07-17 08:33 147456 ----a-w- c:\windows\system32\ff_libmad.dll
2012-07-17 08:33 . 2012-07-17 08:33 114688 ----a-w- c:\windows\system32\ff_liba52.dll
2012-07-17 08:33 . 2012-07-17 08:33 330240 ----a-w- c:\windows\system32\ff_libfaad2.dll
2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Common Files\Apple
2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Apple Software Update
2012-07-13 08:01 . 2012-07-13 08:01 -------- d-----w- c:\program files\uTorrent
2012-07-10 21:02 . 2012-07-11 13:13 -------- d-----w- c:\program files\GridinSoft Trojan Killer
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 16:44 . 2012-03-31 17:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-02 16:44 . 2011-07-07 18:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-17 21:15 . 2012-06-17 21:15 198144 ----a-w- c:\windows\system32\spdif_test.exe
2012-06-17 21:14 . 2012-06-17 21:14 97792 ----a-w- c:\windows\system32\ac3config.exe
2012-06-17 21:14 . 2012-06-17 21:14 1021440 ----a-w- c:\windows\system32\ac3filter_intl.dll
2012-06-17 21:12 . 2012-06-17 21:12 1406976 ----a-w- c:\windows\system32\ac3filter.ax
2012-06-17 21:10 . 2012-06-17 21:10 276992 ----a-w- c:\windows\system32\BugTrap.dll
2012-06-17 21:10 . 2012-06-17 21:10 965120 ----a-w- c:\windows\system32\ac3filter.acm
2012-06-13 13:55 . 2009-01-03 14:15 1866240 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2009-01-27 20:35 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-04-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2009-01-03 14:15 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2009-01-02 21:32 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2006-09-27 15:27 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2006-09-27 15:27 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2006-09-27 15:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2006-10-30 13:05 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2006-09-27 15:27 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2006-09-27 15:27 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-04-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2006-09-27 15:27 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2009-01-02 21:32 24088 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2006-09-27 15:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-05-13 08:45 18160 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-05-13 08:45 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2005-05-26 03:19 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2006-04-10 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll
2012-05-31 10:25 . 2012-07-08 09:59 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-26 16:15 . 2012-05-26 16:15 440832 ----a-w- c:\windows\system32\FLVSplitter.ax
2012-05-26 16:15 . 2012-05-26 16:15 377344 ----a-w- c:\windows\system32\cdxareader.ax
2012-05-16 15:09 . 2006-04-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-12 22:42 . 2012-05-12 22:42 146432 ----a-w- c:\windows\system32\avutil-51.dll
2012-05-12 22:42 . 2012-05-12 22:42 1272320 ----a-w- c:\windows\system32\avcodec-53.dll
2012-05-11 14:44 . 2006-04-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2006-04-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:39 . 2006-04-10 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-07-27 23:03 . 2011-05-01 18:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-07_23.09.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-08 11:38 . 2012-08-08 11:38 16384 c:\windows\Temp\Perflib_Perfdata_88.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-28 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\naam\Menu Start\Programma's\Opstarten\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^naam^Menu Start^Programma's^Opstarten^ctfmon.lnk]
path=c:\documents and settings\naam\Menu Start\Programma's\Opstarten\ctfmon.lnk
backup=c:\windows\pss\ctfmon.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^naam^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]
path=c:\documents and settings\naam\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk
backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantOn]
2006-06-21 15:29 93640 ------w- c:\program files\CyberLink\PowerCinema Linux\ion_install.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-05-18 10:29 49152 ----a-w- c:\program files\Home Cinema\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-11-17 15:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LightScribeService"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [12/06/2010 15:39 10448]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/08/2012 16:46 655944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [17/12/2011 16:45 2253120]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [30/10/2006 11:14 1105664]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/08/2012 16:46 22344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [17/12/2011 16:30 119656]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [28/01/2009 0:42 47360]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27/10/2010 13:15 25704]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [30/10/2006 11:22 7040]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 18:28 113120]
S3 uxddrv;Dynamically loaded UxdDrv;\??\c:\documents and settings\naam\Bureaublad\WinStress Pro\uxddrv.sys --> c:\documents and settings\guy vanzieleghem\Bureaublad\WinStress Pro\uxddrv.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-07-21 10:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005Core.job
- c:\documents and settings\naam\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005UA.job
- c:\documents and settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]
.
2012-08-08 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-08-08 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-08-07 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
.
2012-08-08 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = socks=127.0.0.1:38771
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.130.131.133 195.130.130.5
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab
FF - ProfilePath - c:\documents and settings\naam\Application Data\Mozilla\Firefox\Profiles\edpdrpq8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/webhp?client=firefox-a&rls=org.mozilla:nl:official&channel=s&hl=nl&source=hp&btnG=Google+zoeken
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7183295e-73aa-4c22-b248-f51db1593aff%7D&mid=e0973a4daf625d5a84a627e5afc9488c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=11.0.0.10〈=nl&pr=fr&d=2012-07-11%2015%3A25%3A33&sap=ku&q=
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-08-08 13:39
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(520)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
- - - - - - - > 'explorer.exe'(172)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\RunDLL32.exe
c:\windows\eHome\ehmsas.exe
c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
c:\windows\system32\dllhost.exe
.
**************************************************************************
.
Voltooingstijd: 2012-08-08 13:45:23 - machine werd herstart
ComboFix-quarantined-files.txt 2012-08-08 11:45
ComboFix2.txt 2012-08-08 07:48
ComboFix3.txt 2012-08-07 23:11
.
Pre-Run: 37.400.662.016 bytes beschikbaar
Post-Run: 37.220.954.112 bytes beschikbaar
.
- - End Of File - - 6C61B4D1349F9DC0485E922C2E20F21A
Ccleaner laten lopen (die gebruik ik al regelmatig), gaf niks terug van AVG problemen.
Heb wel een map teruggevonden onder de 'alle gebruikers', en deze voorlopig in de prullenbak gezet.
Kan dit de hapering zijn die bleef hangen?
Nog eens scan laten uitvoeren door MSE, ik kreeg geen meldingen meer van Trojans.
Kan ik er dan van uitgaan dat problemen van de baan zijn, of kijk ik nog verder iets na?
-
logje combofix
ComboFix 12-08-07.05 - xxx 08/08/2012 9:35.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2046.1310 [GMT 2:00]
Gestart vanuit: c:\documents and settings\guy vanzieleghem\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\xxx\Bureaublad\CFScript.txt
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\be-flag.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\be-image.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\btn-green.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners-btn.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners1.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners2.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners3.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners4.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\ie6-7.css
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\jquery.main.js
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\main.html
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\McAfee.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\pays-be.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\steps-be.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\steps-en.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\steps-nl.png
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\style.css
c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\tabs.png
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCall.dll
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla.dll
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla17.dll
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla18.exe
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla19.dll
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla2.dll
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla20.dll
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla21.dll
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla21.exe
c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseData.ini
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-07-08 to 2012-08-08 ))))))))))))))))))))))))))))))
.
.
2012-08-08 07:22 . 2012-08-08 07:22 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\offreg.dll
2012-08-08 07:22 . 2012-08-08 07:22 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\MpKslb385baf8.sys
2012-08-07 23:23 . 2012-07-16 00:41 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\mpengine.dll
2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\guy vanzieleghem\Application Data\Malwarebytes
2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-07 14:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-07 10:28 . 2012-08-07 10:28 -------- d-----w- c:\program files\Enigma Software Group
2012-08-07 10:27 . 2012-08-07 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-08-07 10:11 . 2012-08-08 07:28 -------- d--h--r- c:\documents and settings\xxx\Onlangs geopend
2012-08-07 09:48 . 2012-08-07 09:48 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-27 23:10 . 2012-07-27 23:10 -------- d-----w- c:\windows\system32\C2MP
2012-07-19 18:56 . 2012-07-19 18:56 1114624 ----a-w- c:\windows\system32\LAVVideo.ax
2012-07-19 18:56 . 2012-07-19 18:56 399360 ----a-w- c:\windows\system32\LAVSplitter.ax
2012-07-19 18:56 . 2012-07-19 18:56 233472 ----a-w- c:\windows\system32\LAVAudio.ax
2012-07-19 18:56 . 2012-07-19 18:56 274944 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll
2012-07-19 18:56 . 2012-07-19 18:56 172544 ----a-w- c:\windows\system32\libbluray.dll
2012-07-19 18:56 . 2012-07-19 18:56 6894331 ----a-w- c:\windows\system32\avcodec-lav-54.dll
2012-07-19 18:56 . 2012-07-19 18:56 401685 ----a-w- c:\windows\system32\swscale-lav-2.dll
2012-07-19 18:56 . 2012-07-19 18:56 232895 ----a-w- c:\windows\system32\avutil-lav-51.dll
2012-07-19 18:56 . 2012-07-19 18:56 162743 ----a-w- c:\windows\system32\avfilter-lav-3.dll
2012-07-19 18:56 . 2012-07-19 18:56 1111581 ----a-w- c:\windows\system32\avformat-lav-54.dll
2012-07-19 18:56 . 2012-07-19 18:56 101820 ----a-w- c:\windows\system32\avresample-lav-0.dll
2012-07-17 08:35 . 2012-07-17 08:35 3978240 ----a-w- c:\windows\system32\ffmpeg.dll
2012-07-17 08:34 . 2012-07-17 08:34 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-07-17 08:34 . 2012-07-17 08:34 3479552 ----a-w- c:\windows\system32\ffdshow.ax
2012-07-17 08:33 . 2012-07-17 08:33 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2012-07-17 08:33 . 2012-07-17 08:33 99840 ----a-w- c:\windows\system32\ff_wmv9.dll
2012-07-17 08:33 . 2012-07-17 08:33 157184 ----a-w- c:\windows\system32\ff_unrar.dll
2012-07-17 08:33 . 2012-07-17 08:33 211968 ----a-w- c:\windows\system32\ff_libdts.dll
2012-07-17 08:33 . 2012-07-17 08:33 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll
2012-07-17 08:33 . 2012-07-17 08:33 147456 ----a-w- c:\windows\system32\ff_libmad.dll
2012-07-17 08:33 . 2012-07-17 08:33 114688 ----a-w- c:\windows\system32\ff_liba52.dll
2012-07-17 08:33 . 2012-07-17 08:33 330240 ----a-w- c:\windows\system32\ff_libfaad2.dll
2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Common Files\Apple
2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Apple Software Update
2012-07-13 08:01 . 2012-07-13 08:01 -------- d-----w- c:\program files\uTorrent
2012-07-10 21:02 . 2012-07-11 13:13 -------- d-----w- c:\program files\GridinSoft Trojan Killer
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 16:44 . 2012-03-31 17:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-02 16:44 . 2011-07-07 18:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-17 21:15 . 2012-06-17 21:15 198144 ----a-w- c:\windows\system32\spdif_test.exe
2012-06-17 21:14 . 2012-06-17 21:14 97792 ----a-w- c:\windows\system32\ac3config.exe
2012-06-17 21:14 . 2012-06-17 21:14 1021440 ----a-w- c:\windows\system32\ac3filter_intl.dll
2012-06-17 21:12 . 2012-06-17 21:12 1406976 ----a-w- c:\windows\system32\ac3filter.ax
2012-06-17 21:10 . 2012-06-17 21:10 276992 ----a-w- c:\windows\system32\BugTrap.dll
2012-06-17 21:10 . 2012-06-17 21:10 965120 ----a-w- c:\windows\system32\ac3filter.acm
2012-06-13 13:55 . 2009-01-03 14:15 1866240 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2009-01-27 20:35 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-04-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2009-01-03 14:15 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2009-01-02 21:32 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2006-09-27 15:27 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2006-09-27 15:27 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2006-09-27 15:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2006-10-30 13:05 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2006-09-27 15:27 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2006-09-27 15:27 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-04-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2006-09-27 15:27 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2009-01-02 21:32 24088 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2006-09-27 15:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-05-13 08:45 18160 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-05-13 08:45 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2005-05-26 03:19 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2006-04-10 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll
2012-05-31 10:25 . 2012-07-08 09:59 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-26 16:15 . 2012-05-26 16:15 440832 ----a-w- c:\windows\system32\FLVSplitter.ax
2012-05-26 16:15 . 2012-05-26 16:15 377344 ----a-w- c:\windows\system32\cdxareader.ax
2012-05-16 15:09 . 2006-04-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-12 22:42 . 2012-05-12 22:42 146432 ----a-w- c:\windows\system32\avutil-51.dll
2012-05-12 22:42 . 2012-05-12 22:42 1272320 ----a-w- c:\windows\system32\avcodec-53.dll
2012-05-11 14:44 . 2006-04-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2006-04-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:39 . 2006-04-10 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-07-27 23:03 . 2011-05-01 18:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-07_23.09.12 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-08 07:14 . 2012-08-08 07:14 16384 c:\windows\Temp\Perflib_Perfdata_7e4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-28 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\xxx\Menu Start\Programma's\Opstarten\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^xxx^Menu Start^Programma's^Opstarten^ctfmon.lnk]
path=c:\documents and settings\xxx\Menu Start\Programma's\Opstarten\ctfmon.lnk
backup=c:\windows\pss\ctfmon.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^xxx^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]
path=c:\documents and settings\xxx\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk
backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantOn]
2006-06-21 15:29 93640 ------w- c:\program files\CyberLink\PowerCinema Linux\ion_install.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-05-18 10:29 49152 ----a-w- c:\program files\Home Cinema\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-11-17 15:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LightScribeService"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R1 MpKslb385baf8;MpKslb385baf8;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\MpKslb385baf8.sys [8/08/2012 9:22 29904]
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [12/06/2010 15:39 10448]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/08/2012 16:46 655944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [17/12/2011 16:45 2253120]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [30/10/2006 11:14 1105664]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/08/2012 16:46 22344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [17/12/2011 16:30 119656]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [28/01/2009 0:42 47360]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27/10/2010 13:15 25704]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [30/10/2006 11:22 7040]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [18/10/2011 20:06 15232]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 18:28 113120]
S3 uxddrv;Dynamically loaded UxdDrv;\??\c:\documents and settings\guy vanzieleghem\Bureaublad\WinStress Pro\uxddrv.sys --> c:\documents and settings\guy vanzieleghem\Bureaublad\WinStress Pro\uxddrv.sys [?]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MPKSLB385BAF8
*NewlyCreated* - WS2IFSL
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-07-21 10:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-07-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-18 13:43]
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005Core.job
- c:\documents and settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005UA.job
- c:\documents and settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]
.
2012-08-08 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-08-08 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-08-07 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
.
2012-08-08 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = socks=127.0.0.1:38771
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.130.131.133 195.130.130.5
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab
FF - ProfilePath - c:\documents and settings\xxx\Application Data\Mozilla\Firefox\Profiles\edpdrpq8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/webhp?client=firefox-a&rls=org.mozilla:nl:official&channel=s&hl=nl&source=hp&btnG=Google+zoeken
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7183295e-73aa-4c22-b248-f51db1593aff%7D&mid=e0973a4daf625d5a84a627e5afc9488c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=11.0.0.10〈=nl&pr=fr&d=2012-07-11%2015%3A25%3A33&sap=ku&q=
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-08-08 09:44
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(532)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
Voltooingstijd: 2012-08-08 09:48:29
ComboFix-quarantined-files.txt 2012-08-08 07:48
ComboFix2.txt 2012-08-07 23:11
.
Pre-Run: 37.401.575.424 bytes beschikbaar
Post-Run: 37.395.718.144 bytes beschikbaar
.
- - End Of File - - 3E2E6A48A6C0826808B82DE3FDCA41E6
Tijdens het opstarten Combofix was er opnieuw melding van AVG 2012 die actief zou zijn.
Ik had ervoor al het removal tool laten lopen (zie hieronder). Blijkbaar zit er nog ergens een angel?
Kan ik deze ergens terugvinden en er toch afkrijgen?
Ik zie ook dat in de combofix er nog melding is van Spyhunter en Lavasoft (Ad Aware?). Deze zijn ook al verwijderd, maar bliujkbaar nog niet volledig weg... Zelfde vraag als bij AVG dus.
Betreffende Malwarebytes, hier dien ik dan alles inactief te zetten indien ik het programma behoud naast MSE?
Alvast bedankt, alleen zou ik hier noooit aan uit geraken. ;-)
Logje AVG removal :
2012-08-08 07:25:48,359 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2012-08-08 07:25:48,375 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2012-08-08 07:25:48,375 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2012-08-08 07:25:48,375 WARN AvgDir param empty.
2012-08-08 07:25:48,406 WARN AvgDataDir param empty.
2012-08-08 07:28:33,546 INFO AvgRemover runs in attempt number 1
2012-08-08 07:28:33,546 INFO ***** Services *****
2012-08-08 07:28:33,546 INFO Processing service avg8emc
2012-08-08 07:28:33,546 INFO Service avg8emc is not installed
2012-08-08 07:28:33,546 DEBUG Service avg8emc RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service avg8emc are not present
2012-08-08 07:28:33,546 INFO Processing service avgfws8
2012-08-08 07:28:33,546 INFO Service avgfws8 is not installed
2012-08-08 07:28:33,546 DEBUG Service avgfws8 RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service avgfws8 are not present
2012-08-08 07:28:33,546 INFO Processing service avg8wd
2012-08-08 07:28:33,546 INFO Service avg8wd is not installed
2012-08-08 07:28:33,546 DEBUG Service avg8wd RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service avg8wd are not present
2012-08-08 07:28:33,546 INFO Processing service AvgWFPx
2012-08-08 07:28:33,546 INFO Service AvgWFPx is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgWFPx RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgWFPx are not present
2012-08-08 07:28:33,546 INFO Processing service AvgWFPa
2012-08-08 07:28:33,546 INFO Service AvgWFPa is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgWFPa RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgWFPa are not present
2012-08-08 07:28:33,546 INFO Processing service AvgMfx86
2012-08-08 07:28:33,546 INFO Service AvgMfx86 is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgMfx86 RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgMfx86 are not present
2012-08-08 07:28:33,546 INFO Processing service AvgMfx64
2012-08-08 07:28:33,546 INFO Service AvgMfx64 is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgMfx64 RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgMfx64 are not present
2012-08-08 07:28:33,546 INFO Processing service AvgLdx86
2012-08-08 07:28:33,546 INFO Service AvgLdx86 is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgLdx86 RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgLdx86 are not present
2012-08-08 07:28:33,546 INFO Processing service AvgLdx64
2012-08-08 07:28:33,546 INFO Service AvgLdx64 is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgLdx64 RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgLdx64 are not present
2012-08-08 07:28:33,546 INFO Processing service AvgTdiX
2012-08-08 07:28:33,546 INFO Service AvgTdiX is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgTdiX RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgTdiX are not present
2012-08-08 07:28:33,546 INFO Processing service AvgTdiA
2012-08-08 07:28:33,546 INFO Service AvgTdiA is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgTdiA RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgTdiA are not present
2012-08-08 07:28:33,546 INFO Processing service AvgRkx86
2012-08-08 07:28:33,546 INFO Service AvgRkx86 is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgRkx86 RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgRkx86 are not present
2012-08-08 07:28:33,546 INFO Processing service AvgRkx64
2012-08-08 07:28:33,546 INFO Service AvgRkx64 is not installed
2012-08-08 07:28:33,546 DEBUG Service AvgRkx64 RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgRkx64 are not present
2012-08-08 07:28:33,546 INFO Processing service avg9emc
2012-08-08 07:28:33,546 INFO Service avg9emc is not installed
2012-08-08 07:28:33,546 DEBUG Service avg9emc RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service avg9emc are not present
2012-08-08 07:28:33,546 INFO Processing service avgfws9
2012-08-08 07:28:33,546 INFO Service avgfws9 is not installed
2012-08-08 07:28:33,546 DEBUG Service avgfws9 RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service avgfws9 are not present
2012-08-08 07:28:33,546 INFO Processing service avg9wd
2012-08-08 07:28:33,546 INFO Service avg9wd is not installed
2012-08-08 07:28:33,546 DEBUG Service avg9wd RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service avg9wd are not present
2012-08-08 07:28:33,546 INFO Processing service AVGIDSAgent
2012-08-08 07:28:33,546 INFO Service AVGIDSAgent is not installed
2012-08-08 07:28:33,546 DEBUG Service AVGIDSAgent RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSAgent are not present
2012-08-08 07:28:33,546 INFO Processing service AVGIDSShimxpx
2012-08-08 07:28:33,546 INFO Service AVGIDSShimxpx is not installed
2012-08-08 07:28:33,546 DEBUG Service AVGIDSShimxpx RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSShimxpx are not present
2012-08-08 07:28:33,546 INFO Processing service AVGIDSFilterxpx
2012-08-08 07:28:33,546 INFO Service AVGIDSFilterxpx is not installed
2012-08-08 07:28:33,546 DEBUG Service AVGIDSFilterxpx RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2012-08-08 07:28:33,546 INFO Processing service AVGIDSDriverxpx
2012-08-08 07:28:33,546 INFO Service AVGIDSDriverxpx is not installed
2012-08-08 07:28:33,546 DEBUG Service AVGIDSDriverxpx RegCleanup
2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2012-08-08 07:28:33,546 INFO Processing service AVGIDSShimvtx
2012-08-08 07:28:33,562 INFO Service AVGIDSShimvtx is not installed
2012-08-08 07:28:33,562 DEBUG Service AVGIDSShimvtx RegCleanup
2012-08-08 07:28:33,562 DEBUG Registry keys for service AVGIDSShimvtx are not present
2012-08-08 07:28:33,562 INFO Processing service AVGIDSFiltervtx
2012-08-08 07:28:33,578 INFO Service AVGIDSFiltervtx is not installed
2012-08-08 07:28:33,578 DEBUG Service AVGIDSFiltervtx RegCleanup
2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2012-08-08 07:28:33,578 INFO Processing service AVGIDSDrivervtx
2012-08-08 07:28:33,578 INFO Service AVGIDSDrivervtx is not installed
2012-08-08 07:28:33,578 DEBUG Service AVGIDSDrivervtx RegCleanup
2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2012-08-08 07:28:33,578 INFO Processing service AVGIDSFiltervta
2012-08-08 07:28:33,578 INFO Service AVGIDSFiltervta is not installed
2012-08-08 07:28:33,578 DEBUG Service AVGIDSFiltervta RegCleanup
2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSFiltervta are not present
2012-08-08 07:28:33,578 INFO Processing service AVGIDSDrivervta
2012-08-08 07:28:33,578 INFO Service AVGIDSDrivervta is not installed
2012-08-08 07:28:33,578 DEBUG Service AVGIDSDrivervta RegCleanup
2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSDrivervta are not present
2012-08-08 07:28:33,578 INFO Processing service AVGIDSShimw7x
2012-08-08 07:28:33,578 INFO Service AVGIDSShimw7x is not installed
2012-08-08 07:28:33,578 DEBUG Service AVGIDSShimw7x RegCleanup
2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSShimw7x are not present
2012-08-08 07:28:33,578 INFO Processing service AVGIDSFilterw7x
2012-08-08 07:28:33,609 INFO Service AVGIDSFilterw7x is not installed
2012-08-08 07:28:33,609 DEBUG Service AVGIDSFilterw7x RegCleanup
2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2012-08-08 07:28:33,609 INFO Processing service AVGIDSDriverw7x
2012-08-08 07:28:33,609 INFO Service AVGIDSDriverw7x is not installed
2012-08-08 07:28:33,609 DEBUG Service AVGIDSDriverw7x RegCleanup
2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2012-08-08 07:28:33,609 INFO Processing service AVGIDSFilterw7a
2012-08-08 07:28:33,609 INFO Service AVGIDSFilterw7a is not installed
2012-08-08 07:28:33,609 DEBUG Service AVGIDSFilterw7a RegCleanup
2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2012-08-08 07:28:33,609 INFO Processing service AVGIDSDriverw7a
2012-08-08 07:28:33,609 INFO Service AVGIDSDriverw7a is not installed
2012-08-08 07:28:33,609 DEBUG Service AVGIDSDriverw7a RegCleanup
2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2012-08-08 07:28:33,609 INFO Processing service AVGIDSErHrxpx
2012-08-08 07:28:33,625 INFO Service AVGIDSErHrxpx is not installed
2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrxpx RegCleanup
2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrvtx
2012-08-08 07:28:33,625 INFO Service AVGIDSErHrvtx is not installed
2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrvtx RegCleanup
2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrvta
2012-08-08 07:28:33,625 INFO Service AVGIDSErHrvta is not installed
2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrvta RegCleanup
2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrvta are not present
2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrw7x
2012-08-08 07:28:33,625 INFO Service AVGIDSErHrw7x is not installed
2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrw7x RegCleanup
2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrw7a
2012-08-08 07:28:33,656 INFO Service AVGIDSErHrw7a is not installed
2012-08-08 07:28:33,656 DEBUG Service AVGIDSErHrw7a RegCleanup
2012-08-08 07:28:33,656 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2012-08-08 07:28:33,656 INFO ***** Registry keys and values *****
2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-08-08 07:28:33,656 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2012-08-08 07:28:33,656 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-08-08 07:28:33,656 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2012-08-08 07:28:33,656 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2012-08-08 07:28:33,671 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\.avgdi
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\.avgdi not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\Clients
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\Clients not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG8
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG9
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG IDS
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG
2012-08-08 07:28:33,687 DEBUG Value SOFTWARE\AVG:DumpType Remove
2012-08-08 07:28:33,687 INFO Value SOFTWARE\AVG:DumpType is not present
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Remove
2012-08-08 07:28:33,687 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG8
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG9
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG9 not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Remove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2012-08-08 07:28:33,687 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2012-08-08 07:28:33,687 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2012-08-08 07:28:33,687 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-08-08 07:28:33,703 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-08-08 07:28:33,703 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:28:33,703 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:28:33,703 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-08-08 07:28:33,703 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-08-08 07:28:33,703 INFO Processing registry aAvgAPI.AvgBro
2012-08-08 07:28:33,703 DEBUG Key aAvgAPI.AvgBro ForceRemove
2012-08-08 07:28:33,703 DEBUG Key aAvgAPI.AvgBro not found
2012-08-08 07:28:33,703 INFO Processing registry AVG.Office
2012-08-08 07:28:33,703 DEBUG Key AVG.Office ForceRemove
2012-08-08 07:28:33,703 DEBUG Key AVG.Office not found
2012-08-08 07:28:33,703 INFO Processing registry AVG.Office.8
2012-08-08 07:28:33,703 DEBUG Key AVG.Office.8 ForceRemove
2012-08-08 07:28:33,703 DEBUG Key AVG.Office.8 not found
2012-08-08 07:28:33,703 INFO Processing registry avgtoolbar.AVGTOOLBAR
2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2012-08-08 07:28:33,703 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2012-08-08 07:28:33,703 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2012-08-08 07:28:33,703 INFO Processing registry LinkScannerIE.NavFilter
2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter not found
2012-08-08 07:28:33,703 INFO Processing registry LinkScannerIE.NavFilter.1
2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter.1 not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-08-08 07:28:33,703 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:28:33,703 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:28:33,703 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2012-08-08 07:28:33,703 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2012-08-08 07:28:33,703 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2012-08-08 07:28:33,703 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2012-08-08 07:28:33,703 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2012-08-08 07:28:33,703 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2012-08-08 07:28:33,718 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2012-08-08 07:28:33,718 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2012-08-08 07:28:33,718 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2012-08-08 07:28:33,718 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2012-08-08 07:28:33,718 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2012-08-08 07:28:33,718 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2012-08-08 07:28:33,718 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2012-08-08 07:28:33,718 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:28:33,718 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:28:33,718 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:28:33,718 INFO ***** Files and folders *****
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 0
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 1
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 2
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 3
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 4
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 5
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 6
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 7
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 8
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 9
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 10
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 11
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 12
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 13
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 14
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 15
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 16
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR
2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0
2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0 not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0
2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0 not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5
2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5 not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5
2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5 not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk
2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk
2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk
2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk
2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk not found
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 27
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 28
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 29
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 30
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 31
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 32
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 33
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 34
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 35
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 36
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 37
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 38
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 39
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 40
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 41
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 42
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 43
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 44
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 45
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 46
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 47
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 48
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 49
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 50
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 51
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 52
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 53
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 54
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 55
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 56
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 57
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 58
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 59
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 60
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 61
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 62
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 63
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 64
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 65
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 66
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 67
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 68
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 69
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 70
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages
2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk
2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk not found
2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk
2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk not found
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 76
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 77
2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 78
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 79
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 80
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 81
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 82
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 83
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 84
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 85
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 86
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 87
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 88
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 89
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 90
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 91
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 92
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 93
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 94
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 95
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 96
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 97
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 98
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 99
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 100
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 101
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 102
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 103
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 104
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 105
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 106
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 107
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 108
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 109
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 110
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 111
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 112
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 113
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 114
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 115
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 116
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 117
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 118
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 119
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 120
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 121
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 122
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 123
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 124
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 125
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 126
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 127
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 128
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 129
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 130
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 131
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 132
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 133
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 134
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 135
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 136
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 137
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 138
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 139
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 140
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 141
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 142
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 143
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 144
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 145
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 146
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 147
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 148
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 149
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 150
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 151
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 152
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 153
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 154
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 155
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 156
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 157
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 158
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 159
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 160
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 161
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 162
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 163
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 164
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 165
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 166
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 167
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 168
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 169
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 170
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 171
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 172
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 173
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 174
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 175
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 176
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 177
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 178
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 179
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 180
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 181
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 182
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 183
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 184
2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 185
2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg
2012-08-08 07:28:33,750 INFO File C:\WINDOWS\System32\Drivers\avg\compat12.txt deleted
2012-08-08 07:28:33,765 INFO Directory C:\WINDOWS\System32\Drivers\avg deleted
2012-08-08 07:28:33,765 DEBUG Processing item C:\WINDOWS\System32
2012-08-08 07:28:33,765 DEBUG Processing item C:\Program Files\AVG
2012-08-08 07:28:33,765 INFO Directory C:\Program Files\AVG not found
2012-08-08 07:28:33,765 DEBUG Missing ParentDir path for fileItem number 194
2012-08-08 07:28:33,765 INFO ***** Avg Fw NDIS driver *****
2012-08-08 07:28:36,656 INFO FW NDIS driver not present
2012-08-08 07:30:38,437 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)
2012-08-08 07:30:38,437 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)
2012-08-08 07:30:38,437 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)
2012-08-08 07:30:38,437 WARN AvgDir param empty.
2012-08-08 07:30:38,437 WARN AvgDataDir param empty.
2012-08-08 07:30:41,484 INFO AvgRemover runs in attempt number 1
2012-08-08 07:30:41,484 INFO ***** Services *****
2012-08-08 07:30:41,484 INFO Processing service avg8emc
2012-08-08 07:30:41,484 INFO Service avg8emc is not installed
2012-08-08 07:30:41,484 DEBUG Service avg8emc RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service avg8emc are not present
2012-08-08 07:30:41,484 INFO Processing service avgfws8
2012-08-08 07:30:41,484 INFO Service avgfws8 is not installed
2012-08-08 07:30:41,484 DEBUG Service avgfws8 RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service avgfws8 are not present
2012-08-08 07:30:41,484 INFO Processing service avg8wd
2012-08-08 07:30:41,484 INFO Service avg8wd is not installed
2012-08-08 07:30:41,484 DEBUG Service avg8wd RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service avg8wd are not present
2012-08-08 07:30:41,484 INFO Processing service AvgWFPx
2012-08-08 07:30:41,484 INFO Service AvgWFPx is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgWFPx RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgWFPx are not present
2012-08-08 07:30:41,484 INFO Processing service AvgWFPa
2012-08-08 07:30:41,484 INFO Service AvgWFPa is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgWFPa RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgWFPa are not present
2012-08-08 07:30:41,484 INFO Processing service AvgMfx86
2012-08-08 07:30:41,484 INFO Service AvgMfx86 is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgMfx86 RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgMfx86 are not present
2012-08-08 07:30:41,484 INFO Processing service AvgMfx64
2012-08-08 07:30:41,484 INFO Service AvgMfx64 is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgMfx64 RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgMfx64 are not present
2012-08-08 07:30:41,484 INFO Processing service AvgLdx86
2012-08-08 07:30:41,484 INFO Service AvgLdx86 is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgLdx86 RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgLdx86 are not present
2012-08-08 07:30:41,484 INFO Processing service AvgLdx64
2012-08-08 07:30:41,484 INFO Service AvgLdx64 is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgLdx64 RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgLdx64 are not present
2012-08-08 07:30:41,484 INFO Processing service AvgTdiX
2012-08-08 07:30:41,484 INFO Service AvgTdiX is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgTdiX RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgTdiX are not present
2012-08-08 07:30:41,484 INFO Processing service AvgTdiA
2012-08-08 07:30:41,484 INFO Service AvgTdiA is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgTdiA RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgTdiA are not present
2012-08-08 07:30:41,484 INFO Processing service AvgRkx86
2012-08-08 07:30:41,484 INFO Service AvgRkx86 is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgRkx86 RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgRkx86 are not present
2012-08-08 07:30:41,484 INFO Processing service AvgRkx64
2012-08-08 07:30:41,484 INFO Service AvgRkx64 is not installed
2012-08-08 07:30:41,484 DEBUG Service AvgRkx64 RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgRkx64 are not present
2012-08-08 07:30:41,484 INFO Processing service avg9emc
2012-08-08 07:30:41,484 INFO Service avg9emc is not installed
2012-08-08 07:30:41,484 DEBUG Service avg9emc RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service avg9emc are not present
2012-08-08 07:30:41,484 INFO Processing service avgfws9
2012-08-08 07:30:41,484 INFO Service avgfws9 is not installed
2012-08-08 07:30:41,484 DEBUG Service avgfws9 RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service avgfws9 are not present
2012-08-08 07:30:41,484 INFO Processing service avg9wd
2012-08-08 07:30:41,484 INFO Service avg9wd is not installed
2012-08-08 07:30:41,484 DEBUG Service avg9wd RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service avg9wd are not present
2012-08-08 07:30:41,484 INFO Processing service AVGIDSAgent
2012-08-08 07:30:41,484 INFO Service AVGIDSAgent is not installed
2012-08-08 07:30:41,484 DEBUG Service AVGIDSAgent RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSAgent are not present
2012-08-08 07:30:41,484 INFO Processing service AVGIDSShimxpx
2012-08-08 07:30:41,484 INFO Service AVGIDSShimxpx is not installed
2012-08-08 07:30:41,484 DEBUG Service AVGIDSShimxpx RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSShimxpx are not present
2012-08-08 07:30:41,484 INFO Processing service AVGIDSFilterxpx
2012-08-08 07:30:41,484 INFO Service AVGIDSFilterxpx is not installed
2012-08-08 07:30:41,484 DEBUG Service AVGIDSFilterxpx RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSFilterxpx are not present
2012-08-08 07:30:41,484 INFO Processing service AVGIDSDriverxpx
2012-08-08 07:30:41,484 INFO Service AVGIDSDriverxpx is not installed
2012-08-08 07:30:41,484 DEBUG Service AVGIDSDriverxpx RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSDriverxpx are not present
2012-08-08 07:30:41,484 INFO Processing service AVGIDSShimvtx
2012-08-08 07:30:41,484 INFO Service AVGIDSShimvtx is not installed
2012-08-08 07:30:41,484 DEBUG Service AVGIDSShimvtx RegCleanup
2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSShimvtx are not present
2012-08-08 07:30:41,484 INFO Processing service AVGIDSFiltervtx
2012-08-08 07:30:41,484 INFO Service AVGIDSFiltervtx is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSFiltervtx RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFiltervtx are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSDrivervtx
2012-08-08 07:30:41,500 INFO Service AVGIDSDrivervtx is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSDrivervtx RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDrivervtx are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSFiltervta
2012-08-08 07:30:41,500 INFO Service AVGIDSFiltervta is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSFiltervta RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFiltervta are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSDrivervta
2012-08-08 07:30:41,500 INFO Service AVGIDSDrivervta is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSDrivervta RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDrivervta are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSShimw7x
2012-08-08 07:30:41,500 INFO Service AVGIDSShimw7x is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSShimw7x RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSShimw7x are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSFilterw7x
2012-08-08 07:30:41,500 INFO Service AVGIDSFilterw7x is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSFilterw7x RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFilterw7x are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSDriverw7x
2012-08-08 07:30:41,500 INFO Service AVGIDSDriverw7x is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSDriverw7x RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDriverw7x are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSFilterw7a
2012-08-08 07:30:41,500 INFO Service AVGIDSFilterw7a is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSFilterw7a RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFilterw7a are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSDriverw7a
2012-08-08 07:30:41,500 INFO Service AVGIDSDriverw7a is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSDriverw7a RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDriverw7a are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrxpx
2012-08-08 07:30:41,500 INFO Service AVGIDSErHrxpx is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrxpx RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrxpx are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrvtx
2012-08-08 07:30:41,500 INFO Service AVGIDSErHrvtx is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrvtx RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrvtx are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrvta
2012-08-08 07:30:41,500 INFO Service AVGIDSErHrvta is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrvta RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrvta are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrw7x
2012-08-08 07:30:41,500 INFO Service AVGIDSErHrw7x is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrw7x RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrw7x are not present
2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrw7a
2012-08-08 07:30:41,500 INFO Service AVGIDSErHrw7a is not installed
2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrw7a RegCleanup
2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrw7a are not present
2012-08-08 07:30:41,500 INFO ***** Registry keys and values *****
2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-08-08 07:30:41,500 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove
2012-08-08 07:30:41,500 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present
2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions
2012-08-08 07:30:41,500 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove
2012-08-08 07:30:41,500 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present
2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found
2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found
2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found
2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove
2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found
2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}
2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove
2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found
2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar
2012-08-08 07:30:41,500 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-08-08 07:30:41,500 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:30:41,515 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:30:41,515 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove
2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove
2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify
2012-08-08 07:30:41,515 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove
2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove
2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove
2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present
2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove
2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\AvgDiagFile
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\.avgdi
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\.avgdi not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\Clients
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\Clients ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\Clients not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG8
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG9
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG IDS
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG IDS not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG
2012-08-08 07:30:41,531 DEBUG Value SOFTWARE\AVG:DumpType Remove
2012-08-08 07:30:41,531 INFO Value SOFTWARE\AVG:DumpType is not present
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Remove
2012-08-08 07:30:41,531 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG8
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG9
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Remove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG Security Toolbar
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove
2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar not found
2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks
2012-08-08 07:30:41,546 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove
2012-08-08 07:30:41,546 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present
2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser
2012-08-08 07:30:41,546 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove
2012-08-08 07:30:41,546 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present
2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-08-08 07:30:41,546 INFO Processing registry aAvgAPI.AvgBro
2012-08-08 07:30:41,546 DEBUG Key aAvgAPI.AvgBro ForceRemove
2012-08-08 07:30:41,546 DEBUG Key aAvgAPI.AvgBro not found
2012-08-08 07:30:41,546 INFO Processing registry AVG.Office
2012-08-08 07:30:41,546 DEBUG Key AVG.Office ForceRemove
2012-08-08 07:30:41,546 DEBUG Key AVG.Office not found
2012-08-08 07:30:41,546 INFO Processing registry AVG.Office.8
2012-08-08 07:30:41,546 DEBUG Key AVG.Office.8 ForceRemove
2012-08-08 07:30:41,546 DEBUG Key AVG.Office.8 not found
2012-08-08 07:30:41,546 INFO Processing registry avgtoolbar.AVGTOOLBAR
2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove
2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBAR not found
2012-08-08 07:30:41,546 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button
2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove
2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found
2012-08-08 07:30:41,546 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button
2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove
2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found
2012-08-08 07:30:41,546 INFO Processing registry LinkScannerIE.NavFilter
2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter ForceRemove
2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter not found
2012-08-08 07:30:41,546 INFO Processing registry LinkScannerIE.NavFilter.1
2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove
2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter.1 not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}
2012-08-08 07:30:41,546 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove
2012-08-08 07:30:41,546 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found
2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}
2012-08-08 07:30:41,562 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove
2012-08-08 07:30:41,562 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found
2012-08-08 07:30:41,562 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:30:41,562 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:30:41,562 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:30:41,562 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}
2012-08-08 07:30:41,562 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove
2012-08-08 07:30:41,562 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found
2012-08-08 07:30:41,562 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}
2012-08-08 07:30:41,562 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove
2012-08-08 07:30:41,562 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found
2012-08-08 07:30:41,562 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}
2012-08-08 07:30:41,562 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove
2012-08-08 07:30:41,562 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found
2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}
2012-08-08 07:30:41,562 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove
2012-08-08 07:30:41,562 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found
2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}
2012-08-08 07:30:41,562 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove
2012-08-08 07:30:41,562 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found
2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}
2012-08-08 07:30:41,562 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove
2012-08-08 07:30:41,562 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found
2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
2012-08-08 07:30:41,562 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove
2012-08-08 07:30:41,562 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found
2012-08-08 07:30:41,562 INFO ***** Files and folders *****
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 0
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 1
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 2
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 3
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 4
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 5
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 6
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 7
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 8
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 9
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 10
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 11
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 12
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 13
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 14
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 15
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 16
2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR
2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR not found
2012-08-08 07:30:41,562 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0
2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0 not found
2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0
2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0 not found
2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5
2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5 not found
2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5
2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5 not found
2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk
2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk not found
2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk
2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk not found
2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk
2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk not found
2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk
2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk not found
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 27
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 28
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 29
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 30
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 31
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 32
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 33
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 34
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 35
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 36
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 37
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 38
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 39
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 40
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 41
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 42
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 43
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 44
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 45
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 46
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 47
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 48
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 49
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 50
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 51
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 52
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 53
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 54
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 55
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 56
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 57
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 58
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 59
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 60
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 61
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 62
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 63
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 64
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 65
2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 66
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 67
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 68
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 69
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 70
2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages
2012-08-08 07:30:41,578 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found
2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
2012-08-08 07:30:41,578 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found
2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk
2012-08-08 07:30:41,578 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk not found
2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk
2012-08-08 07:30:41,578 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk not found
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 76
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 77
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 78
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 79
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 80
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 81
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 82
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 83
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 84
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 85
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 86
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 87
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 88
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 89
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 90
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 91
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 92
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 93
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 94
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 95
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 96
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 97
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 98
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 99
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 100
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 101
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 102
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 103
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 104
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 105
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 106
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 107
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 108
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 109
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 110
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 111
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 112
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 113
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 114
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 115
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 116
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 117
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 118
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 119
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 120
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 121
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 122
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 123
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 124
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 125
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 126
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 127
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 128
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 129
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 130
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 131
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 132
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 133
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 134
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 135
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 136
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 137
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 138
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 139
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 140
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 141
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 142
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 143
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 144
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 145
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 146
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 147
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 148
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 149
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 150
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 151
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 152
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 153
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 154
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 155
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 156
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 157
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 158
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 159
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 160
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 161
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 162
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 163
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 164
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 165
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 166
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 167
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 168
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 169
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 170
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 171
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 172
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 173
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 174
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 175
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 176
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 177
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 178
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 179
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 180
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 181
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 182
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 183
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 184
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 185
2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers
2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg
2012-08-08 07:30:41,578 INFO Directory C:\WINDOWS\System32\Drivers\avg not found
2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32
2012-08-08 07:30:41,578 DEBUG Processing item C:\Program Files\AVG
2012-08-08 07:30:41,578 INFO Directory C:\Program Files\AVG not found
2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 194
2012-08-08 07:30:41,578 INFO ***** Avg Fw NDIS driver *****
2012-08-08 07:30:42,187 INFO FW NDIS driver not present
-
In bijlage Combo Fix log
ComboFix 12-08-07.03 - NAAM 08/08/2012 1:02.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2046.1140 [GMT 2:00]
Gestart vanuit: c:\documents and settings\xx\Bureaublad\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\ptkfbdfszixqnku
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\X\Application Data\44733bf8
c:\documents and settings\X\Application Data\496274bd
c:\documents and settings\X\Application Data\888ae64a
c:\documents and settings\X\Application Data\88ff63b6
c:\documents and settings\X\Application Data\b6ab15ef
c:\documents and settings\X\Application Data\b7203e9c
c:\documents and settings\X\Application Data\b7ce93a1
c:\documents and settings\X\Application Data\ba3a5326
c:\documents and settings\X\Application Data\bab750a4
c:\documents and settings\X\Application Data\bb24c653
c:\documents and settings\X\Application Data\cd44b85c
c:\documents and settings\X\Application Data\cdbbebd2
c:\documents and settings\X\Application Data\cea5262f
c:\documents and settings\X\Application Data\cf180e97
c:\documents and settings\X\Application Data\d03560e9
c:\documents and settings\X\Application Data\d0ae8a7c
c:\documents and settings\X\Application Data\d11d30c7
c:\documents and settings\X\Application Data\d1da8cae
c:\documents and settings\X\Application Data\d254d56b
c:\documents and settings\X\Application Data\dbb288be
c:\documents and settings\X\Application Data\deda14f9
c:\documents and settings\X\Application Data\inst.exe
C:\Thumbs.db
c:\windows\SET435.tmp
c:\windows\system32\_004655_.tmp.dll
c:\windows\system32\_004656_.tmp.dll
c:\windows\system32\_004657_.tmp.dll
c:\windows\system32\_004658_.tmp.dll
c:\windows\system32\_004665_.tmp.dll
c:\windows\system32\_004666_.tmp.dll
c:\windows\system32\_004667_.tmp.dll
c:\windows\system32\_004668_.tmp.dll
c:\windows\system32\_004670_.tmp.dll
c:\windows\system32\_004671_.tmp.dll
c:\windows\system32\_004674_.tmp.dll
c:\windows\system32\_004675_.tmp.dll
c:\windows\system32\_004677_.tmp.dll
c:\windows\system32\_004678_.tmp.dll
c:\windows\system32\_004679_.tmp.dll
c:\windows\system32\_004681_.tmp.dll
c:\windows\system32\_004684_.tmp.dll
c:\windows\system32\_004685_.tmp.dll
c:\windows\system32\_004689_.tmp.dll
c:\windows\system32\_004690_.tmp.dll
c:\windows\system32\_004692_.tmp.dll
c:\windows\system32\_004695_.tmp.dll
c:\windows\system32\_004697_.tmp.dll
c:\windows\system32\_004698_.tmp.dll
c:\windows\system32\_004699_.tmp.dll
c:\windows\system32\_004700_.tmp.dll
c:\windows\system32\_004701_.tmp.dll
c:\windows\system32\_004704_.tmp.dll
c:\windows\system32\_004705_.tmp.dll
c:\windows\system32\_004706_.tmp.dll
c:\windows\system32\_004707_.tmp.dll
c:\windows\system32\_004708_.tmp.dll
c:\windows\system32\_004713_.tmp.dll
c:\windows\system32\_004715_.tmp.dll
c:\windows\system32\Cache
c:\windows\system32\Cache\047144a9b878a36f.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\4a32862b38fd9697.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\5b598853c0105ef0.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\64fcb896798bf27f.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\9ba482de413eb658.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\e0de16f883bea794.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\SET110D.tmp
c:\windows\system32\SET1110.tmp
c:\windows\system32\SET1113.tmp
c:\windows\system32\SET1118.tmp
c:\windows\system32\SET1125.tmp
c:\windows\system32\SET1126.tmp
c:\windows\system32\SET1130.tmp
c:\windows\system32\SET114C.tmp
c:\windows\system32\SET139.tmp
c:\windows\system32\SET13A.tmp
c:\windows\system32\SET13B.tmp
c:\windows\system32\SET13C.tmp
c:\windows\system32\SET13D.tmp
c:\windows\system32\SET13E.tmp
c:\windows\system32\SET140.tmp
c:\windows\system32\SET147.tmp
c:\windows\system32\SET148.tmp
c:\windows\system32\SET14B.tmp
c:\windows\system32\SET14C.tmp
c:\windows\system32\SET14D.tmp
c:\windows\system32\SET14F.tmp
c:\windows\system32\SET154.tmp
c:\windows\system32\SET155.tmp
c:\windows\system32\SET156.tmp
c:\windows\system32\SET158.tmp
c:\windows\system32\SET159.tmp
c:\windows\system32\SET15A.tmp
c:\windows\system32\SET15B.tmp
c:\windows\system32\SET15C.tmp
c:\windows\system32\SET15E.tmp
c:\windows\system32\SET15F.tmp
c:\windows\system32\SET160.tmp
c:\windows\system32\SET16A.tmp
c:\windows\system32\SET16B.tmp
c:\windows\system32\SET16E.tmp
c:\windows\system32\SET170.tmp
c:\windows\system32\SET171.tmp
c:\windows\system32\SET175.tmp
c:\windows\system32\SET176.tmp
c:\windows\system32\SET178.tmp
c:\windows\system32\SET17A.tmp
c:\windows\system32\SET17B.tmp
c:\windows\system32\SET17C.tmp
c:\windows\system32\SET17E.tmp
c:\windows\system32\SET183.tmp
c:\windows\system32\SET184.tmp
c:\windows\system32\SET185.tmp
c:\windows\system32\SET186.tmp
c:\windows\system32\SET187.tmp
c:\windows\system32\SET18A.tmp
c:\windows\system32\SET18D.tmp
c:\windows\system32\SET192.tmp
c:\windows\system32\SET193.tmp
c:\windows\system32\SET194.tmp
c:\windows\system32\SET196.tmp
c:\windows\system32\SET199.tmp
c:\windows\system32\SET19A.tmp
c:\windows\system32\SET19B.tmp
c:\windows\system32\SET1A1.tmp
c:\windows\system32\SET1A2.tmp
c:\windows\system32\SET1A4.tmp
c:\windows\system32\SET1A8.tmp
c:\windows\system32\SET1B1.tmp
c:\windows\system32\SET1B2.tmp
c:\windows\system32\SET1B5.tmp
c:\windows\system32\SET1B7.tmp
c:\windows\system32\SET1B8.tmp
c:\windows\system32\SET1B9.tmp
c:\windows\system32\SET1BA.tmp
c:\windows\system32\SET1BB.tmp
c:\windows\system32\SET1CB.tmp
c:\windows\system32\SET1D0.tmp
c:\windows\system32\SET1D2.tmp
c:\windows\system32\SET1D4.tmp
c:\windows\system32\SET1D5.tmp
c:\windows\system32\SET1D6.tmp
c:\windows\system32\SET1D7.tmp
c:\windows\system32\SET1D9.tmp
c:\windows\system32\SET1DA.tmp
c:\windows\system32\SET1DE.tmp
c:\windows\system32\SET1DF.tmp
c:\windows\system32\SET1E2.tmp
c:\windows\system32\SET1E3.tmp
c:\windows\system32\SET1E4.tmp
c:\windows\system32\SET1EA.tmp
c:\windows\system32\SET1EB.tmp
c:\windows\system32\SET1EC.tmp
c:\windows\system32\SET1F4.tmp
c:\windows\system32\SET1FA.tmp
c:\windows\system32\SET1FB.tmp
c:\windows\system32\SET1FC.tmp
c:\windows\system32\SET1FD.tmp
c:\windows\system32\SET1FF.tmp
c:\windows\system32\SET204.tmp
c:\windows\system32\SET205.tmp
c:\windows\system32\SET211.tmp
c:\windows\system32\SET213.tmp
c:\windows\system32\SET215.tmp
c:\windows\system32\SET216.tmp
c:\windows\system32\SET217.tmp
c:\windows\system32\SET21A.tmp
c:\windows\system32\SET21F.tmp
c:\windows\system32\SET220.tmp
c:\windows\system32\SET222.tmp
c:\windows\system32\SET224.tmp
c:\windows\system32\SET225.tmp
c:\windows\system32\SET228.tmp
c:\windows\system32\SET22A.tmp
c:\windows\system32\SET22D.tmp
c:\windows\system32\SET23C.tmp
c:\windows\system32\SET23E.tmp
c:\windows\system32\SET23F.tmp
c:\windows\system32\SET240.tmp
c:\windows\system32\SET247.tmp
c:\windows\system32\SET248.tmp
c:\windows\system32\SET24B.tmp
c:\windows\system32\SET24C.tmp
c:\windows\system32\SET24D.tmp
c:\windows\system32\SET24E.tmp
c:\windows\system32\SET24F.tmp
c:\windows\system32\SET251.tmp
c:\windows\system32\SET252.tmp
c:\windows\system32\SET253.tmp
c:\windows\system32\SET255.tmp
c:\windows\system32\SET256.tmp
c:\windows\system32\SET257.tmp
c:\windows\system32\SET259.tmp
c:\windows\system32\SET25C.tmp
c:\windows\system32\SET261.tmp
c:\windows\system32\SET262.tmp
c:\windows\system32\SET263.tmp
c:\windows\system32\SET268.tmp
c:\windows\system32\SET269.tmp
c:\windows\system32\SET26A.tmp
c:\windows\system32\SET26C.tmp
c:\windows\system32\SET26F.tmp
c:\windows\system32\SET271.tmp
c:\windows\system32\SET272.tmp
c:\windows\system32\SET275.tmp
c:\windows\system32\SET276.tmp
c:\windows\system32\SET279.tmp
c:\windows\system32\SET27C.tmp
c:\windows\system32\SET27D.tmp
c:\windows\system32\SET27F.tmp
c:\windows\system32\SET284.tmp
c:\windows\system32\SET289.tmp
c:\windows\system32\SET28D.tmp
c:\windows\system32\SET28F.tmp
c:\windows\system32\SET290.tmp
c:\windows\system32\SET294.tmp
c:\windows\system32\SET299.tmp
c:\windows\system32\SET29E.tmp
c:\windows\system32\SET2A0.tmp
c:\windows\system32\SET2A2.tmp
c:\windows\system32\SET2A3.tmp
c:\windows\system32\SET2AE.tmp
c:\windows\system32\SET2AF.tmp
c:\windows\system32\SET2B0.tmp
c:\windows\system32\SET2B1.tmp
c:\windows\system32\SET2B2.tmp
c:\windows\system32\SET2B3.tmp
c:\windows\system32\SET2B5.tmp
c:\windows\system32\SET2B7.tmp
c:\windows\system32\SET2B9.tmp
c:\windows\system32\SET2C3.tmp
c:\windows\system32\SET2C5.tmp
c:\windows\system32\SET2C7.tmp
c:\windows\system32\SET2C8.tmp
c:\windows\system32\SET2C9.tmp
c:\windows\system32\SET2CB.tmp
c:\windows\system32\SET2CD.tmp
c:\windows\system32\SET2D1.tmp
c:\windows\system32\SET2D2.tmp
c:\windows\system32\SET2D4.tmp
c:\windows\system32\SET2D5.tmp
c:\windows\system32\SET2D7.tmp
c:\windows\system32\SET2D8.tmp
c:\windows\system32\SET2DB.tmp
c:\windows\system32\SET2E6.tmp
c:\windows\system32\SET2EA.tmp
c:\windows\system32\SET2EB.tmp
c:\windows\system32\SET2EC.tmp
c:\windows\system32\SET2EF.tmp
c:\windows\system32\SET2F7.tmp
c:\windows\system32\SET2FE.tmp
c:\windows\system32\SET300.tmp
c:\windows\system32\SET302.tmp
c:\windows\system32\SET304.tmp
c:\windows\system32\SET306.tmp
c:\windows\system32\SET309.tmp
c:\windows\system32\SET318.tmp
c:\windows\system32\SET31C.tmp
c:\windows\system32\SET31E.tmp
c:\windows\system32\SET320.tmp
c:\windows\system32\SET326.tmp
c:\windows\system32\SET32A.tmp
c:\windows\system32\SET338.tmp
c:\windows\system32\SET33E.tmp
c:\windows\system32\SET340.tmp
c:\windows\system32\SET341.tmp
c:\windows\system32\SET342.tmp
c:\windows\system32\SET344.tmp
c:\windows\system32\SET347.tmp
c:\windows\system32\SET348.tmp
c:\windows\system32\SET34C.tmp
c:\windows\system32\SET356.tmp
c:\windows\system32\SET357.tmp
c:\windows\system32\SET35A.tmp
c:\windows\system32\SET35C.tmp
c:\windows\system32\SET35D.tmp
c:\windows\system32\SET35E.tmp
c:\windows\system32\SET360.tmp
c:\windows\system32\SET366.tmp
c:\windows\system32\SET367.tmp
c:\windows\system32\SET36A.tmp
c:\windows\system32\SET36F.tmp
c:\windows\system32\SET375.tmp
c:\windows\system32\SET385.tmp
c:\windows\system32\SET386.tmp
c:\windows\system32\SET38B.tmp
c:\windows\system32\SET395.tmp
c:\windows\system32\SET3A5.tmp
c:\windows\system32\SET3A8.tmp
c:\windows\system32\SET3AB.tmp
c:\windows\system32\SET3B0.tmp
c:\windows\system32\SET3B2.tmp
c:\windows\system32\SET3B6.tmp
c:\windows\system32\SET3BA.tmp
c:\windows\system32\SET3BB.tmp
c:\windows\system32\SET3BD.tmp
c:\windows\system32\SET3BE.tmp
c:\windows\system32\SET3BF.tmp
c:\windows\system32\SET3C2.tmp
c:\windows\system32\SET3C4.tmp
c:\windows\system32\SET3C5.tmp
c:\windows\system32\SET3C7.tmp
c:\windows\system32\SET3C8.tmp
c:\windows\system32\SET3CA.tmp
c:\windows\system32\SET3CC.tmp
c:\windows\system32\SET3D1.tmp
c:\windows\system32\SET3D2.tmp
c:\windows\system32\SET3DA.tmp
c:\windows\system32\SET3E0.tmp
c:\windows\system32\SET3E5.tmp
c:\windows\system32\SET3E8.tmp
c:\windows\system32\SET3EB.tmp
c:\windows\system32\SET3ED.tmp
c:\windows\system32\SET3F1.tmp
c:\windows\system32\SET3F3.tmp
c:\windows\system32\SET3F4.tmp
c:\windows\system32\SET3F5.tmp
c:\windows\system32\SET3F8.tmp
c:\windows\system32\SET3F9.tmp
c:\windows\system32\SET3FD.tmp
c:\windows\system32\SET3FE.tmp
c:\windows\system32\SET403.tmp
c:\windows\system32\SET408.tmp
c:\windows\system32\SET40B.tmp
c:\windows\system32\SET40F.tmp
c:\windows\system32\SET411.tmp
c:\windows\system32\SET413.tmp
c:\windows\system32\SET591.tmp
c:\windows\system32\SET597.tmp
c:\windows\system32\SET9D.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-07-07 to 2012-08-07 ))))))))))))))))))))))))))))))
.
.
2012-08-07 22:43 . 2012-07-16 00:41 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9F505EF5-C8D4-4F9C-AD70-2B174E684C98}\mpengine.dll
2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\X\Application Data\Malwarebytes
2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-08-07 14:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-07 10:28 . 2012-08-07 10:28 -------- d-----w- c:\program files\Enigma Software Group
2012-08-07 10:27 . 2012-08-07 11:25 -------- d-----w- c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP
2012-08-07 10:27 . 2012-08-07 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2012-08-07 10:11 . 2012-08-07 22:33 -------- d--h--r- c:\documents and settings\X\Onlangs geopend
2012-08-07 09:48 . 2012-08-07 09:48 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-02 07:40 . 2012-08-02 07:40 -------- d-----w- c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm
2012-07-27 23:10 . 2012-07-27 23:10 -------- d-----w- c:\windows\system32\C2MP
2012-07-19 18:56 . 2012-07-19 18:56 1114624 ----a-w- c:\windows\system32\LAVVideo.ax
2012-07-19 18:56 . 2012-07-19 18:56 399360 ----a-w- c:\windows\system32\LAVSplitter.ax
2012-07-19 18:56 . 2012-07-19 18:56 233472 ----a-w- c:\windows\system32\LAVAudio.ax
2012-07-19 18:56 . 2012-07-19 18:56 274944 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll
2012-07-19 18:56 . 2012-07-19 18:56 172544 ----a-w- c:\windows\system32\libbluray.dll
2012-07-19 18:56 . 2012-07-19 18:56 6894331 ----a-w- c:\windows\system32\avcodec-lav-54.dll
2012-07-19 18:56 . 2012-07-19 18:56 401685 ----a-w- c:\windows\system32\swscale-lav-2.dll
2012-07-19 18:56 . 2012-07-19 18:56 232895 ----a-w- c:\windows\system32\avutil-lav-51.dll
2012-07-19 18:56 . 2012-07-19 18:56 162743 ----a-w- c:\windows\system32\avfilter-lav-3.dll
2012-07-19 18:56 . 2012-07-19 18:56 1111581 ----a-w- c:\windows\system32\avformat-lav-54.dll
2012-07-19 18:56 . 2012-07-19 18:56 101820 ----a-w- c:\windows\system32\avresample-lav-0.dll
2012-07-17 08:35 . 2012-07-17 08:35 3978240 ----a-w- c:\windows\system32\ffmpeg.dll
2012-07-17 08:34 . 2012-07-17 08:34 112640 ----a-w- c:\windows\system32\ff_vfw.dll
2012-07-17 08:34 . 2012-07-17 08:34 3479552 ----a-w- c:\windows\system32\ffdshow.ax
2012-07-17 08:33 . 2012-07-17 08:33 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll
2012-07-17 08:33 . 2012-07-17 08:33 99840 ----a-w- c:\windows\system32\ff_wmv9.dll
2012-07-17 08:33 . 2012-07-17 08:33 157184 ----a-w- c:\windows\system32\ff_unrar.dll
2012-07-17 08:33 . 2012-07-17 08:33 211968 ----a-w- c:\windows\system32\ff_libdts.dll
2012-07-17 08:33 . 2012-07-17 08:33 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll
2012-07-17 08:33 . 2012-07-17 08:33 147456 ----a-w- c:\windows\system32\ff_libmad.dll
2012-07-17 08:33 . 2012-07-17 08:33 114688 ----a-w- c:\windows\system32\ff_liba52.dll
2012-07-17 08:33 . 2012-07-17 08:33 330240 ----a-w- c:\windows\system32\ff_libfaad2.dll
2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Common Files\Apple
2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Apple Software Update
2012-07-13 08:01 . 2012-07-13 08:01 -------- d-----w- c:\program files\uTorrent
2012-07-10 21:02 . 2012-07-11 13:13 -------- d-----w- c:\program files\GridinSoft Trojan Killer
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 16:44 . 2012-03-31 17:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-02 16:44 . 2011-07-07 18:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-17 21:15 . 2012-06-17 21:15 198144 ----a-w- c:\windows\system32\spdif_test.exe
2012-06-17 21:14 . 2012-06-17 21:14 97792 ----a-w- c:\windows\system32\ac3config.exe
2012-06-17 21:14 . 2012-06-17 21:14 1021440 ----a-w- c:\windows\system32\ac3filter_intl.dll
2012-06-17 21:12 . 2012-06-17 21:12 1406976 ----a-w- c:\windows\system32\ac3filter.ax
2012-06-17 21:10 . 2012-06-17 21:10 276992 ----a-w- c:\windows\system32\BugTrap.dll
2012-06-17 21:10 . 2012-06-17 21:10 965120 ----a-w- c:\windows\system32\ac3filter.acm
2012-06-13 13:55 . 2009-01-03 14:15 1866240 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2009-01-27 20:35 1372672 ------w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2006-04-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2009-01-03 14:15 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2009-01-02 21:32 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2006-09-27 15:27 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2006-09-27 15:27 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2006-09-27 15:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2006-10-30 13:05 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2006-09-27 15:27 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2006-09-27 15:27 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2006-04-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2006-09-27 15:27 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2009-01-02 21:32 24088 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2006-09-27 15:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-05-13 08:45 18160 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-05-13 08:45 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2005-05-26 03:19 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2006-04-10 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll
2012-05-31 10:25 . 2012-07-08 09:59 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-05-26 16:15 . 2012-05-26 16:15 440832 ----a-w- c:\windows\system32\FLVSplitter.ax
2012-05-26 16:15 . 2012-05-26 16:15 377344 ----a-w- c:\windows\system32\cdxareader.ax
2012-05-16 15:09 . 2006-04-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-12 22:42 . 2012-05-12 22:42 146432 ----a-w- c:\windows\system32\avutil-51.dll
2012-05-12 22:42 . 2012-05-12 22:42 1272320 ----a-w- c:\windows\system32\avcodec-53.dll
2012-05-11 14:44 . 2006-04-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2006-04-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:39 . 2006-04-10 12:00 385024 ----a-w- c:\windows\system32\html.iec
2012-07-27 23:03 . 2011-05-01 18:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-28 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]
"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]
"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
c:\documents and settings\X\Menu Start\Programma's\Opstarten\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^X^Menu Start^Programma's^Opstarten^ctfmon.lnk]
path=c:\documents and settings\X\Menu Start\Programma's\Opstarten\ctfmon.lnk
backup=c:\windows\pss\ctfmon.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^X^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]
path=c:\documents and settings\X\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk
backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 15:20 57344 ----a-w- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantOn]
2006-06-21 15:29 93640 ------w- c:\program files\CyberLink\PowerCinema Linux\ion_install.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
2006-05-18 10:29 49152 ----a-w- c:\program files\Home Cinema\PowerDVD\Language\Language.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2008-11-17 15:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"LightScribeService"=2 (0x2)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [12/06/2010 15:39 10448]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/08/2012 16:46 655944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [17/12/2011 16:45 2253120]
R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [30/10/2006 11:14 1105664]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/08/2012 16:46 22344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [17/12/2011 16:30 119656]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [28/01/2009 0:42 47360]
R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27/10/2010 13:15 25704]
R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27/10/2010 13:15 25704]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [30/10/2006 11:22 7040]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]
S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]
S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [18/10/2011 20:06 15232]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 18:28 113120]
S3 uxddrv;Dynamically loaded UxdDrv;\??\c:\documents and settings\X\Bureaublad\WinStress Pro\uxddrv.sys --> c:\documents and settings\X\Bureaublad\WinStress Pro\uxddrv.sys [?]
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - MPKSLC68DD99E
*Deregistered* - MpKslc68dd99e
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-07-21 10:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
Inhoud van de 'Gedeelde Taken' map
.
2012-07-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-18 13:43]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005Core.job
- c:\documents and settings\XX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]
.
2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005UA.job
- c:\documents and settings\XX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]
.
2012-08-07 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-08-07 c:\windows\Tasks\MpIdleTask.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]
.
2012-08-07 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
.
2012-08-07 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.google.be/
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = socks=127.0.0.1:38771
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.130.131.133 195.130.130.5
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab
FF - ProfilePath - c:\documents and settings\XX\Application Data\Mozilla\Firefox\Profiles\edpdrpq8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/webhp?client=firefox-a&rls=org.mozilla:nl:official&channel=s&hl=nl&source=hp&btnG=Google+zoeken
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7183295e-73aa-4c22-b248-f51db1593aff%7D&mid=e0973a4daf625d5a84a627e5afc9488c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=11.0.0.10〈=nl&pr=fr&d=2012-07-11%2015%3A25%3A33&sap=ku&q=
FF - prefs.js: network.proxy.type - 4
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
MSConfigStartUp-noygahzfhwzqhnr - c:\documents and settings\All Users\Application Data\noygahzf.exe
AddRemove-OVT Scanner - c:\windows\omniuns.exe USB\Vid_05a9&PID_1550 OVT Scanner
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-08-08 01:08
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(520)
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
.
Voltooingstijd: 2012-08-08 01:11:13
ComboFix-quarantined-files.txt 2012-08-07 23:11
.
Pre-Run: 37.145.907.200 bytes beschikbaar
Post-Run: 37.449.629.696 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
[spybotsd]
timeout.old=30
.
- - End Of File - - 7EE1CAA94FA44EE9EFB068EE50104D48
MO : gaf melding van actieve AVG, niettegenstaande deze gewist werd, MSE is nu de scanner?? Waar dient deze nog verwijderd te worden?
Kan ik op MSE vertrouwen? En dient Malware Anit Malware opnieuw verwijderd te worden?
Alvast bedankt voor de hulp
-
Microsoft security essentials gaf melding van Trojanen, WIn32/ Sirefef met verscheidene extenties.
ook Conedex.a en Weelsof.c werden vermeld. Deze konden niet verwijderd worden door MSE, wel in quarantaine gezet, maar deze werden telkens opnieuw actief.
Heb er nadien Malware Bytes overgegooid, deze haalde zaken weg, maar ik weet niet of alles weg is.
Pas nadien gezien dat de problemen hier iets deftiger aangepakt worden.
Hieronder een Hijackthis log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:10:09, on 7/08/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\naam\Mijn documenten\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:38771
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab
O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://ua.foto.com/ImageUploader6.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162213379953
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162215196484
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/1455/defaults/activex/ips/IPSUploader4.cab
O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://service.crelan.be/dwa7W.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 10758 bytes
Graag nazicht en verdere instructie om dit deftig op te lossen.
ucash virus WINDOWS XP
in Archief Bestrijding malware & virussen
Geplaatst:
dank voor de snelle respons