trojaan sirefef

[guyzzmo]

Microsoft security essentials gaf melding van Trojanen, WIn32/ Sirefef met verscheidene extenties.

ook Conedex.a en Weelsof.c werden vermeld. Deze konden niet verwijderd worden door MSE, wel in quarantaine gezet, maar deze werden telkens opnieuw actief.

Heb er nadien Malware Bytes overgegooid, deze haalde zaken weg, maar ik weet niet of alles weg is.

Pas nadien gezien dat de problemen hier iets deftiger aangepakt worden.

Hieronder een Hijackthis log

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:10:09, on 7/08/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Documents and Settings\naam\Mijn documenten\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=127.0.0.1:38771

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com/

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} (JordanUploader Class) - http://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab

O16 - DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} (Uploader Control) - http://ua.foto.com/ImageUploader6.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1162213379953

O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1162215196484

O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - https://asp.photoprintit.de/microsite/1455/defaults/activex/ips/IPSUploader4.cab

O16 - DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} (Domino Web Access 7 Control) - https://service.crelan.be/dwa7W.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--

End of file - 10758 bytes

Graag nazicht en verdere instructie om dit deftig op te lossen.

[kape]

Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

Klik op 'Fix checked' om de items te verwijderen.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

Download ComboFix van één van deze locaties:

Link 1

Link 2

* BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:

Klik hier

Als het je niet lukt om ze uit te schakelen, ga dan gewoon door naar de volgende stap.

2. Dubbelklik op ComboFix.exe en volg de meldingen op het scherm.

3. ComboFix zal controleren of dat de Microsoft Windows Recovery Console reeds is geïnstalleerd.

**Let op: Als de Microsoft Windows Recovery Console al is geïnstalleerd, dan krijg je de volgende schermen niet te zien en zal ComboFix automatisch verder gaan met het scannen naar malware.

4. Volg de meldingen op het scherm om ComboFix de Microsoft Windows Recovery Console te laten downloaden en installeren.

Je krijgt de volgende melding te zien wanneer ComboFix de Microsoft Windows Recovery Console succesvol heeft geïnstalleerd:

Klik op Ja om verder te gaan met het scannen naar malware.

5. Wanneer ComboFix klaar is, zal het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.

[guyzzmo]

In bijlage Combo Fix log

ComboFix 12-08-07.03 - NAAM 08/08/2012 1:02.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2046.1140 [GMT 2:00]

Gestart vanuit: c:\documents and settings\xx\Bureaublad\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\ptkfbdfszixqnku

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\X\Application Data\44733bf8

c:\documents and settings\X\Application Data\496274bd

c:\documents and settings\X\Application Data\888ae64a

c:\documents and settings\X\Application Data\88ff63b6

c:\documents and settings\X\Application Data\b6ab15ef

c:\documents and settings\X\Application Data\b7203e9c

c:\documents and settings\X\Application Data\b7ce93a1

c:\documents and settings\X\Application Data\ba3a5326

c:\documents and settings\X\Application Data\bab750a4

c:\documents and settings\X\Application Data\bb24c653

c:\documents and settings\X\Application Data\cd44b85c

c:\documents and settings\X\Application Data\cdbbebd2

c:\documents and settings\X\Application Data\cea5262f

c:\documents and settings\X\Application Data\cf180e97

c:\documents and settings\X\Application Data\d03560e9

c:\documents and settings\X\Application Data\d0ae8a7c

c:\documents and settings\X\Application Data\d11d30c7

c:\documents and settings\X\Application Data\d1da8cae

c:\documents and settings\X\Application Data\d254d56b

c:\documents and settings\X\Application Data\dbb288be

c:\documents and settings\X\Application Data\deda14f9

c:\documents and settings\X\Application Data\inst.exe

C:\Thumbs.db

c:\windows\SET435.tmp

c:\windows\system32\_004655_.tmp.dll

c:\windows\system32\_004656_.tmp.dll

c:\windows\system32\_004657_.tmp.dll

c:\windows\system32\_004658_.tmp.dll

c:\windows\system32\_004665_.tmp.dll

c:\windows\system32\_004666_.tmp.dll

c:\windows\system32\_004667_.tmp.dll

c:\windows\system32\_004668_.tmp.dll

c:\windows\system32\_004670_.tmp.dll

c:\windows\system32\_004671_.tmp.dll

c:\windows\system32\_004674_.tmp.dll

c:\windows\system32\_004675_.tmp.dll

c:\windows\system32\_004677_.tmp.dll

c:\windows\system32\_004678_.tmp.dll

c:\windows\system32\_004679_.tmp.dll

c:\windows\system32\_004681_.tmp.dll

c:\windows\system32\_004684_.tmp.dll

c:\windows\system32\_004685_.tmp.dll

c:\windows\system32\_004689_.tmp.dll

c:\windows\system32\_004690_.tmp.dll

c:\windows\system32\_004692_.tmp.dll

c:\windows\system32\_004695_.tmp.dll

c:\windows\system32\_004697_.tmp.dll

c:\windows\system32\_004698_.tmp.dll

c:\windows\system32\_004699_.tmp.dll

c:\windows\system32\_004700_.tmp.dll

c:\windows\system32\_004701_.tmp.dll

c:\windows\system32\_004704_.tmp.dll

c:\windows\system32\_004705_.tmp.dll

c:\windows\system32\_004706_.tmp.dll

c:\windows\system32\_004707_.tmp.dll

c:\windows\system32\_004708_.tmp.dll

c:\windows\system32\_004713_.tmp.dll

c:\windows\system32\_004715_.tmp.dll

c:\windows\system32\Cache

c:\windows\system32\Cache\047144a9b878a36f.fb

c:\windows\system32\Cache\272512937d9e61a4.fb

c:\windows\system32\Cache\287204568329e189.fb

c:\windows\system32\Cache\28bc8f716fd76a47.fb

c:\windows\system32\Cache\2c53092c95605355.fb

c:\windows\system32\Cache\31a0997e9a5b5eb3.fb

c:\windows\system32\Cache\32c84fe32bb74d60.fb

c:\windows\system32\Cache\3917078cb68ec657.fb

c:\windows\system32\Cache\4a32862b38fd9697.fb

c:\windows\system32\Cache\590ba23ce359fd0c.fb

c:\windows\system32\Cache\5b598853c0105ef0.fb

c:\windows\system32\Cache\610289e025a3ee9a.fb

c:\windows\system32\Cache\64fcb896798bf27f.fb

c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb

c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb

c:\windows\system32\Cache\6d03dad1035885d3.fb

c:\windows\system32\Cache\9ba482de413eb658.fb

c:\windows\system32\Cache\a8556537add6dfc5.fb

c:\windows\system32\Cache\ad10a52aff5e038d.fb

c:\windows\system32\Cache\c1fa887b03019701.fb

c:\windows\system32\Cache\c4d28dca2e7648be.fb

c:\windows\system32\Cache\d201ef9910cd39de.fb

c:\windows\system32\Cache\d2e94710a5708128.fb

c:\windows\system32\Cache\d79b9dfe81484ec4.fb

c:\windows\system32\Cache\e0de16f883bea794.fb

c:\windows\system32\Cache\f998975c9cc711ee.fb

c:\windows\system32\SET110D.tmp

c:\windows\system32\SET1110.tmp

c:\windows\system32\SET1113.tmp

c:\windows\system32\SET1118.tmp

c:\windows\system32\SET1125.tmp

c:\windows\system32\SET1126.tmp

c:\windows\system32\SET1130.tmp

c:\windows\system32\SET114C.tmp

c:\windows\system32\SET139.tmp

c:\windows\system32\SET13A.tmp

c:\windows\system32\SET13B.tmp

c:\windows\system32\SET13C.tmp

c:\windows\system32\SET13D.tmp

c:\windows\system32\SET13E.tmp

c:\windows\system32\SET140.tmp

c:\windows\system32\SET147.tmp

c:\windows\system32\SET148.tmp

c:\windows\system32\SET14B.tmp

c:\windows\system32\SET14C.tmp

c:\windows\system32\SET14D.tmp

c:\windows\system32\SET14F.tmp

c:\windows\system32\SET154.tmp

c:\windows\system32\SET155.tmp

c:\windows\system32\SET156.tmp

c:\windows\system32\SET158.tmp

c:\windows\system32\SET159.tmp

c:\windows\system32\SET15A.tmp

c:\windows\system32\SET15B.tmp

c:\windows\system32\SET15C.tmp

c:\windows\system32\SET15E.tmp

c:\windows\system32\SET15F.tmp

c:\windows\system32\SET160.tmp

c:\windows\system32\SET16A.tmp

c:\windows\system32\SET16B.tmp

c:\windows\system32\SET16E.tmp

c:\windows\system32\SET170.tmp

c:\windows\system32\SET171.tmp

c:\windows\system32\SET175.tmp

c:\windows\system32\SET176.tmp

c:\windows\system32\SET178.tmp

c:\windows\system32\SET17A.tmp

c:\windows\system32\SET17B.tmp

c:\windows\system32\SET17C.tmp

c:\windows\system32\SET17E.tmp

c:\windows\system32\SET183.tmp

c:\windows\system32\SET184.tmp

c:\windows\system32\SET185.tmp

c:\windows\system32\SET186.tmp

c:\windows\system32\SET187.tmp

c:\windows\system32\SET18A.tmp

c:\windows\system32\SET18D.tmp

c:\windows\system32\SET192.tmp

c:\windows\system32\SET193.tmp

c:\windows\system32\SET194.tmp

c:\windows\system32\SET196.tmp

c:\windows\system32\SET199.tmp

c:\windows\system32\SET19A.tmp

c:\windows\system32\SET19B.tmp

c:\windows\system32\SET1A1.tmp

c:\windows\system32\SET1A2.tmp

c:\windows\system32\SET1A4.tmp

c:\windows\system32\SET1A8.tmp

c:\windows\system32\SET1B1.tmp

c:\windows\system32\SET1B2.tmp

c:\windows\system32\SET1B5.tmp

c:\windows\system32\SET1B7.tmp

c:\windows\system32\SET1B8.tmp

c:\windows\system32\SET1B9.tmp

c:\windows\system32\SET1BA.tmp

c:\windows\system32\SET1BB.tmp

c:\windows\system32\SET1CB.tmp

c:\windows\system32\SET1D0.tmp

c:\windows\system32\SET1D2.tmp

c:\windows\system32\SET1D4.tmp

c:\windows\system32\SET1D5.tmp

c:\windows\system32\SET1D6.tmp

c:\windows\system32\SET1D7.tmp

c:\windows\system32\SET1D9.tmp

c:\windows\system32\SET1DA.tmp

c:\windows\system32\SET1DE.tmp

c:\windows\system32\SET1DF.tmp

c:\windows\system32\SET1E2.tmp

c:\windows\system32\SET1E3.tmp

c:\windows\system32\SET1E4.tmp

c:\windows\system32\SET1EA.tmp

c:\windows\system32\SET1EB.tmp

c:\windows\system32\SET1EC.tmp

c:\windows\system32\SET1F4.tmp

c:\windows\system32\SET1FA.tmp

c:\windows\system32\SET1FB.tmp

c:\windows\system32\SET1FC.tmp

c:\windows\system32\SET1FD.tmp

c:\windows\system32\SET1FF.tmp

c:\windows\system32\SET204.tmp

c:\windows\system32\SET205.tmp

c:\windows\system32\SET211.tmp

c:\windows\system32\SET213.tmp

c:\windows\system32\SET215.tmp

c:\windows\system32\SET216.tmp

c:\windows\system32\SET217.tmp

c:\windows\system32\SET21A.tmp

c:\windows\system32\SET21F.tmp

c:\windows\system32\SET220.tmp

c:\windows\system32\SET222.tmp

c:\windows\system32\SET224.tmp

c:\windows\system32\SET225.tmp

c:\windows\system32\SET228.tmp

c:\windows\system32\SET22A.tmp

c:\windows\system32\SET22D.tmp

c:\windows\system32\SET23C.tmp

c:\windows\system32\SET23E.tmp

c:\windows\system32\SET23F.tmp

c:\windows\system32\SET240.tmp

c:\windows\system32\SET247.tmp

c:\windows\system32\SET248.tmp

c:\windows\system32\SET24B.tmp

c:\windows\system32\SET24C.tmp

c:\windows\system32\SET24D.tmp

c:\windows\system32\SET24E.tmp

c:\windows\system32\SET24F.tmp

c:\windows\system32\SET251.tmp

c:\windows\system32\SET252.tmp

c:\windows\system32\SET253.tmp

c:\windows\system32\SET255.tmp

c:\windows\system32\SET256.tmp

c:\windows\system32\SET257.tmp

c:\windows\system32\SET259.tmp

c:\windows\system32\SET25C.tmp

c:\windows\system32\SET261.tmp

c:\windows\system32\SET262.tmp

c:\windows\system32\SET263.tmp

c:\windows\system32\SET268.tmp

c:\windows\system32\SET269.tmp

c:\windows\system32\SET26A.tmp

c:\windows\system32\SET26C.tmp

c:\windows\system32\SET26F.tmp

c:\windows\system32\SET271.tmp

c:\windows\system32\SET272.tmp

c:\windows\system32\SET275.tmp

c:\windows\system32\SET276.tmp

c:\windows\system32\SET279.tmp

c:\windows\system32\SET27C.tmp

c:\windows\system32\SET27D.tmp

c:\windows\system32\SET27F.tmp

c:\windows\system32\SET284.tmp

c:\windows\system32\SET289.tmp

c:\windows\system32\SET28D.tmp

c:\windows\system32\SET28F.tmp

c:\windows\system32\SET290.tmp

c:\windows\system32\SET294.tmp

c:\windows\system32\SET299.tmp

c:\windows\system32\SET29E.tmp

c:\windows\system32\SET2A0.tmp

c:\windows\system32\SET2A2.tmp

c:\windows\system32\SET2A3.tmp

c:\windows\system32\SET2AE.tmp

c:\windows\system32\SET2AF.tmp

c:\windows\system32\SET2B0.tmp

c:\windows\system32\SET2B1.tmp

c:\windows\system32\SET2B2.tmp

c:\windows\system32\SET2B3.tmp

c:\windows\system32\SET2B5.tmp

c:\windows\system32\SET2B7.tmp

c:\windows\system32\SET2B9.tmp

c:\windows\system32\SET2C3.tmp

c:\windows\system32\SET2C5.tmp

c:\windows\system32\SET2C7.tmp

c:\windows\system32\SET2C8.tmp

c:\windows\system32\SET2C9.tmp

c:\windows\system32\SET2CB.tmp

c:\windows\system32\SET2CD.tmp

c:\windows\system32\SET2D1.tmp

c:\windows\system32\SET2D2.tmp

c:\windows\system32\SET2D4.tmp

c:\windows\system32\SET2D5.tmp

c:\windows\system32\SET2D7.tmp

c:\windows\system32\SET2D8.tmp

c:\windows\system32\SET2DB.tmp

c:\windows\system32\SET2E6.tmp

c:\windows\system32\SET2EA.tmp

c:\windows\system32\SET2EB.tmp

c:\windows\system32\SET2EC.tmp

c:\windows\system32\SET2EF.tmp

c:\windows\system32\SET2F7.tmp

c:\windows\system32\SET2FE.tmp

c:\windows\system32\SET300.tmp

c:\windows\system32\SET302.tmp

c:\windows\system32\SET304.tmp

c:\windows\system32\SET306.tmp

c:\windows\system32\SET309.tmp

c:\windows\system32\SET318.tmp

c:\windows\system32\SET31C.tmp

c:\windows\system32\SET31E.tmp

c:\windows\system32\SET320.tmp

c:\windows\system32\SET326.tmp

c:\windows\system32\SET32A.tmp

c:\windows\system32\SET338.tmp

c:\windows\system32\SET33E.tmp

c:\windows\system32\SET340.tmp

c:\windows\system32\SET341.tmp

c:\windows\system32\SET342.tmp

c:\windows\system32\SET344.tmp

c:\windows\system32\SET347.tmp

c:\windows\system32\SET348.tmp

c:\windows\system32\SET34C.tmp

c:\windows\system32\SET356.tmp

c:\windows\system32\SET357.tmp

c:\windows\system32\SET35A.tmp

c:\windows\system32\SET35C.tmp

c:\windows\system32\SET35D.tmp

c:\windows\system32\SET35E.tmp

c:\windows\system32\SET360.tmp

c:\windows\system32\SET366.tmp

c:\windows\system32\SET367.tmp

c:\windows\system32\SET36A.tmp

c:\windows\system32\SET36F.tmp

c:\windows\system32\SET375.tmp

c:\windows\system32\SET385.tmp

c:\windows\system32\SET386.tmp

c:\windows\system32\SET38B.tmp

c:\windows\system32\SET395.tmp

c:\windows\system32\SET3A5.tmp

c:\windows\system32\SET3A8.tmp

c:\windows\system32\SET3AB.tmp

c:\windows\system32\SET3B0.tmp

c:\windows\system32\SET3B2.tmp

c:\windows\system32\SET3B6.tmp

c:\windows\system32\SET3BA.tmp

c:\windows\system32\SET3BB.tmp

c:\windows\system32\SET3BD.tmp

c:\windows\system32\SET3BE.tmp

c:\windows\system32\SET3BF.tmp

c:\windows\system32\SET3C2.tmp

c:\windows\system32\SET3C4.tmp

c:\windows\system32\SET3C5.tmp

c:\windows\system32\SET3C7.tmp

c:\windows\system32\SET3C8.tmp

c:\windows\system32\SET3CA.tmp

c:\windows\system32\SET3CC.tmp

c:\windows\system32\SET3D1.tmp

c:\windows\system32\SET3D2.tmp

c:\windows\system32\SET3DA.tmp

c:\windows\system32\SET3E0.tmp

c:\windows\system32\SET3E5.tmp

c:\windows\system32\SET3E8.tmp

c:\windows\system32\SET3EB.tmp

c:\windows\system32\SET3ED.tmp

c:\windows\system32\SET3F1.tmp

c:\windows\system32\SET3F3.tmp

c:\windows\system32\SET3F4.tmp

c:\windows\system32\SET3F5.tmp

c:\windows\system32\SET3F8.tmp

c:\windows\system32\SET3F9.tmp

c:\windows\system32\SET3FD.tmp

c:\windows\system32\SET3FE.tmp

c:\windows\system32\SET403.tmp

c:\windows\system32\SET408.tmp

c:\windows\system32\SET40B.tmp

c:\windows\system32\SET40F.tmp

c:\windows\system32\SET411.tmp

c:\windows\system32\SET413.tmp

c:\windows\system32\SET591.tmp

c:\windows\system32\SET597.tmp

c:\windows\system32\SET9D.tmp

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-07 to 2012-08-07 ))))))))))))))))))))))))))))))

.

.

2012-08-07 22:43 . 2012-07-16 00:41 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{9F505EF5-C8D4-4F9C-AD70-2B174E684C98}\mpengine.dll

2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\X\Application Data\Malwarebytes

2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-07 14:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-07 10:28 . 2012-08-07 10:28 -------- d-----w- c:\program files\Enigma Software Group

2012-08-07 10:27 . 2012-08-07 11:25 -------- d-----w- c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP

2012-08-07 10:27 . 2012-08-07 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2012-08-07 10:11 . 2012-08-07 22:33 -------- d--h--r- c:\documents and settings\X\Onlangs geopend

2012-08-07 09:48 . 2012-08-07 09:48 -------- d-----w- c:\program files\Microsoft Security Client

2012-08-02 07:40 . 2012-08-02 07:40 -------- d-----w- c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm

2012-07-27 23:10 . 2012-07-27 23:10 -------- d-----w- c:\windows\system32\C2MP

2012-07-19 18:56 . 2012-07-19 18:56 1114624 ----a-w- c:\windows\system32\LAVVideo.ax

2012-07-19 18:56 . 2012-07-19 18:56 399360 ----a-w- c:\windows\system32\LAVSplitter.ax

2012-07-19 18:56 . 2012-07-19 18:56 233472 ----a-w- c:\windows\system32\LAVAudio.ax

2012-07-19 18:56 . 2012-07-19 18:56 274944 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll

2012-07-19 18:56 . 2012-07-19 18:56 172544 ----a-w- c:\windows\system32\libbluray.dll

2012-07-19 18:56 . 2012-07-19 18:56 6894331 ----a-w- c:\windows\system32\avcodec-lav-54.dll

2012-07-19 18:56 . 2012-07-19 18:56 401685 ----a-w- c:\windows\system32\swscale-lav-2.dll

2012-07-19 18:56 . 2012-07-19 18:56 232895 ----a-w- c:\windows\system32\avutil-lav-51.dll

2012-07-19 18:56 . 2012-07-19 18:56 162743 ----a-w- c:\windows\system32\avfilter-lav-3.dll

2012-07-19 18:56 . 2012-07-19 18:56 1111581 ----a-w- c:\windows\system32\avformat-lav-54.dll

2012-07-19 18:56 . 2012-07-19 18:56 101820 ----a-w- c:\windows\system32\avresample-lav-0.dll

2012-07-17 08:35 . 2012-07-17 08:35 3978240 ----a-w- c:\windows\system32\ffmpeg.dll

2012-07-17 08:34 . 2012-07-17 08:34 112640 ----a-w- c:\windows\system32\ff_vfw.dll

2012-07-17 08:34 . 2012-07-17 08:34 3479552 ----a-w- c:\windows\system32\ffdshow.ax

2012-07-17 08:33 . 2012-07-17 08:33 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll

2012-07-17 08:33 . 2012-07-17 08:33 99840 ----a-w- c:\windows\system32\ff_wmv9.dll

2012-07-17 08:33 . 2012-07-17 08:33 157184 ----a-w- c:\windows\system32\ff_unrar.dll

2012-07-17 08:33 . 2012-07-17 08:33 211968 ----a-w- c:\windows\system32\ff_libdts.dll

2012-07-17 08:33 . 2012-07-17 08:33 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll

2012-07-17 08:33 . 2012-07-17 08:33 147456 ----a-w- c:\windows\system32\ff_libmad.dll

2012-07-17 08:33 . 2012-07-17 08:33 114688 ----a-w- c:\windows\system32\ff_liba52.dll

2012-07-17 08:33 . 2012-07-17 08:33 330240 ----a-w- c:\windows\system32\ff_libfaad2.dll

2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Common Files\Apple

2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Apple Software Update

2012-07-13 08:01 . 2012-07-13 08:01 -------- d-----w- c:\program files\uTorrent

2012-07-10 21:02 . 2012-07-11 13:13 -------- d-----w- c:\program files\GridinSoft Trojan Killer

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-02 16:44 . 2012-03-31 17:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-02 16:44 . 2011-07-07 18:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-17 21:15 . 2012-06-17 21:15 198144 ----a-w- c:\windows\system32\spdif_test.exe

2012-06-17 21:14 . 2012-06-17 21:14 97792 ----a-w- c:\windows\system32\ac3config.exe

2012-06-17 21:14 . 2012-06-17 21:14 1021440 ----a-w- c:\windows\system32\ac3filter_intl.dll

2012-06-17 21:12 . 2012-06-17 21:12 1406976 ----a-w- c:\windows\system32\ac3filter.ax

2012-06-17 21:10 . 2012-06-17 21:10 276992 ----a-w- c:\windows\system32\BugTrap.dll

2012-06-17 21:10 . 2012-06-17 21:10 965120 ----a-w- c:\windows\system32\ac3filter.acm

2012-06-13 13:55 . 2009-01-03 14:15 1866240 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:49 . 2009-01-27 20:35 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:49 . 2006-04-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32 . 2009-01-03 14:15 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 13:19 . 2009-01-02 21:32 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 13:19 . 2006-09-27 15:27 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 13:19 . 2006-09-27 15:27 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 13:19 . 2006-09-27 15:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 13:19 . 2006-10-30 13:05 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 13:19 . 2006-09-27 15:27 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 13:19 . 2006-09-27 15:27 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 13:19 . 2006-04-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 13:19 . 2006-09-27 15:27 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 13:19 . 2009-01-02 21:32 24088 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 13:19 . 2006-09-27 15:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 13:19 . 2009-05-13 08:45 18160 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-06-02 13:18 . 2009-05-13 08:45 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 13:18 . 2005-05-26 03:19 214256 ----a-w- c:\windows\system32\muweb.dll

2012-05-31 13:22 . 2006-04-10 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll

2012-05-31 10:25 . 2012-07-08 09:59 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-05-26 16:15 . 2012-05-26 16:15 440832 ----a-w- c:\windows\system32\FLVSplitter.ax

2012-05-26 16:15 . 2012-05-26 16:15 377344 ----a-w- c:\windows\system32\cdxareader.ax

2012-05-16 15:09 . 2006-04-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-12 22:42 . 2012-05-12 22:42 146432 ----a-w- c:\windows\system32\avutil-51.dll

2012-05-12 22:42 . 2012-05-12 22:42 1272320 ----a-w- c:\windows\system32\avcodec-53.dll

2012-05-11 14:44 . 2006-04-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:44 . 2006-04-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:39 . 2006-04-10 12:00 385024 ----a-w- c:\windows\system32\html.iec

2012-07-27 23:03 . 2011-05-01 18:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-28 68856]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]

"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]

"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]

.

c:\documents and settings\X\Menu Start\Programma's\Opstarten\

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^X^Menu Start^Programma's^Opstarten^ctfmon.lnk]

path=c:\documents and settings\X\Menu Start\Programma's\Opstarten\ctfmon.lnk

backup=c:\windows\pss\ctfmon.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^X^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]

path=c:\documents and settings\X\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]

2008-06-19 15:20 57344 ----a-w- c:\windows\ALCMTR.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantOn]

2006-06-21 15:29 93640 ------w- c:\program files\CyberLink\PowerCinema Linux\ion_install.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]

2006-05-18 10:29 49152 ----a-w- c:\program files\Home Cinema\PowerDVD\Language\Language.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2008-11-17 15:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LightScribeService"=2 (0x2)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [12/06/2010 15:39 10448]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/08/2012 16:46 655944]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [17/12/2011 16:45 2253120]

R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [30/10/2006 11:14 1105664]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/08/2012 16:46 22344]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [17/12/2011 16:30 119656]

R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [28/01/2009 0:42 47360]

R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27/10/2010 13:15 25704]

R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [30/10/2006 11:22 7040]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]

S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]

S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [18/10/2011 20:06 15232]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 18:28 113120]

S3 uxddrv;Dynamically loaded UxdDrv;\??\c:\documents and settings\X\Bureaublad\WinStress Pro\uxddrv.sys --> c:\documents and settings\X\Bureaublad\WinStress Pro\uxddrv.sys [?]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - MPKSLC68DD99E

*Deregistered* - MpKslc68dd99e

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-07-21 10:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-18 13:43]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005Core.job

- c:\documents and settings\XX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005UA.job

- c:\documents and settings\XX\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]

.

2012-08-07 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]

.

2012-08-07 c:\windows\Tasks\MpIdleTask.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]

.

2012-08-07 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2012-08-07 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = socks=127.0.0.1:38771

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.131.133 195.130.130.5

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab

DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab

FF - ProfilePath - c:\documents and settings\XX\Application Data\Mozilla\Firefox\Profiles\edpdrpq8.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/webhp?client=firefox-a&rls=org.mozilla:nl:official&channel=s&hl=nl&source=hp&btnG=Google+zoeken

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7183295e-73aa-4c22-b248-f51db1593aff%7D&mid=e0973a4daf625d5a84a627e5afc9488c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=11.0.0.10〈=nl&pr=fr&d=2012-07-11%2015%3A25%3A33&sap=ku&q=

FF - prefs.js: network.proxy.type - 4

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

MSConfigStartUp-noygahzfhwzqhnr - c:\documents and settings\All Users\Application Data\noygahzf.exe

AddRemove-OVT Scanner - c:\windows\omniuns.exe USB\Vid_05a9&PID_1550 OVT Scanner

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-08-08 01:08

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(520)

c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

.

Voltooingstijd: 2012-08-08 01:11:13

ComboFix-quarantined-files.txt 2012-08-07 23:11

.

Pre-Run: 37.145.907.200 bytes beschikbaar

Post-Run: 37.449.629.696 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

[spybotsd]

timeout.old=30

.

- - End Of File - - 7EE1CAA94FA44EE9EFB068EE50104D48

MO : gaf melding van actieve AVG, niettegenstaande deze gewist werd, MSE is nu de scanner?? Waar dient deze nog verwijderd te worden?

Kan ik op MSE vertrouwen? En dient Malware Anit Malware opnieuw verwijderd te worden?

Alvast bedankt voor de hulp

[kape]

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm

Registry::

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Om zeker te zijn dat alle sporen van AVG verdwenen zijn, mag je de speciale Removal Tool van AVG eens laten runnen. En wat MSE betreft : ben persoonlijk geen fan van dit programma, maar dat is een uitermate persoonlijke keuze (waardoor je je niet moet laten beïnvloeden). Betrouwbaar is het programma wel, maar (net als andere AV-scanners) is 100 % veiligheid ook hiermee niet gegarandeerd.

Malwarebytes is een aanrader en een programma dat je best op de PC kan laten staan om op geregelde tijdstippen eens te laten scannen. Hou er dan wel rekening mee om steeds te updaten, zodat je over de meest actuele database kan beschikken.

En dan de hamvraag : krijg je nog meldingen van MSE over Trojaantjes ?

[guyzzmo]

logje combofix

ComboFix 12-08-07.05 - xxx 08/08/2012 9:35.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2046.1310 [GMT 2:00]

Gestart vanuit: c:\documents and settings\guy vanzieleghem\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\xxx\Bureaublad\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\be-flag.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\be-image.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\btn-green.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners-btn.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners1.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners2.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners3.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\corners4.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\ie6-7.css

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\jquery.main.js

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\main.html

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\McAfee.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\pays-be.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\steps-be.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\steps-en.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\steps-nl.png

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\style.css

c:\documents and settings\All Users\Application Data\mbskiyhnhrsponm\tabs.png

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCall.dll

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla.dll

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla17.dll

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla18.exe

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla19.dll

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla2.dll

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla20.dll

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla21.dll

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseCustomCalla21.exe

c:\windows\CC1F6DA021D2425AB1B65B164A598450.TMP\WiseData.ini

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-08 to 2012-08-08 ))))))))))))))))))))))))))))))

.

.

2012-08-08 07:22 . 2012-08-08 07:22 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\offreg.dll

2012-08-08 07:22 . 2012-08-08 07:22 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\MpKslb385baf8.sys

2012-08-07 23:23 . 2012-07-16 00:41 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\mpengine.dll

2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\guy vanzieleghem\Application Data\Malwarebytes

2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-07 14:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-07 10:28 . 2012-08-07 10:28 -------- d-----w- c:\program files\Enigma Software Group

2012-08-07 10:27 . 2012-08-07 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2012-08-07 10:11 . 2012-08-08 07:28 -------- d--h--r- c:\documents and settings\xxx\Onlangs geopend

2012-08-07 09:48 . 2012-08-07 09:48 -------- d-----w- c:\program files\Microsoft Security Client

2012-07-27 23:10 . 2012-07-27 23:10 -------- d-----w- c:\windows\system32\C2MP

2012-07-19 18:56 . 2012-07-19 18:56 1114624 ----a-w- c:\windows\system32\LAVVideo.ax

2012-07-19 18:56 . 2012-07-19 18:56 399360 ----a-w- c:\windows\system32\LAVSplitter.ax

2012-07-19 18:56 . 2012-07-19 18:56 233472 ----a-w- c:\windows\system32\LAVAudio.ax

2012-07-19 18:56 . 2012-07-19 18:56 274944 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll

2012-07-19 18:56 . 2012-07-19 18:56 172544 ----a-w- c:\windows\system32\libbluray.dll

2012-07-19 18:56 . 2012-07-19 18:56 6894331 ----a-w- c:\windows\system32\avcodec-lav-54.dll

2012-07-19 18:56 . 2012-07-19 18:56 401685 ----a-w- c:\windows\system32\swscale-lav-2.dll

2012-07-19 18:56 . 2012-07-19 18:56 232895 ----a-w- c:\windows\system32\avutil-lav-51.dll

2012-07-19 18:56 . 2012-07-19 18:56 162743 ----a-w- c:\windows\system32\avfilter-lav-3.dll

2012-07-19 18:56 . 2012-07-19 18:56 1111581 ----a-w- c:\windows\system32\avformat-lav-54.dll

2012-07-19 18:56 . 2012-07-19 18:56 101820 ----a-w- c:\windows\system32\avresample-lav-0.dll

2012-07-17 08:35 . 2012-07-17 08:35 3978240 ----a-w- c:\windows\system32\ffmpeg.dll

2012-07-17 08:34 . 2012-07-17 08:34 112640 ----a-w- c:\windows\system32\ff_vfw.dll

2012-07-17 08:34 . 2012-07-17 08:34 3479552 ----a-w- c:\windows\system32\ffdshow.ax

2012-07-17 08:33 . 2012-07-17 08:33 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll

2012-07-17 08:33 . 2012-07-17 08:33 99840 ----a-w- c:\windows\system32\ff_wmv9.dll

2012-07-17 08:33 . 2012-07-17 08:33 157184 ----a-w- c:\windows\system32\ff_unrar.dll

2012-07-17 08:33 . 2012-07-17 08:33 211968 ----a-w- c:\windows\system32\ff_libdts.dll

2012-07-17 08:33 . 2012-07-17 08:33 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll

2012-07-17 08:33 . 2012-07-17 08:33 147456 ----a-w- c:\windows\system32\ff_libmad.dll

2012-07-17 08:33 . 2012-07-17 08:33 114688 ----a-w- c:\windows\system32\ff_liba52.dll

2012-07-17 08:33 . 2012-07-17 08:33 330240 ----a-w- c:\windows\system32\ff_libfaad2.dll

2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Common Files\Apple

2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Apple Software Update

2012-07-13 08:01 . 2012-07-13 08:01 -------- d-----w- c:\program files\uTorrent

2012-07-10 21:02 . 2012-07-11 13:13 -------- d-----w- c:\program files\GridinSoft Trojan Killer

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-02 16:44 . 2012-03-31 17:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-02 16:44 . 2011-07-07 18:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-17 21:15 . 2012-06-17 21:15 198144 ----a-w- c:\windows\system32\spdif_test.exe

2012-06-17 21:14 . 2012-06-17 21:14 97792 ----a-w- c:\windows\system32\ac3config.exe

2012-06-17 21:14 . 2012-06-17 21:14 1021440 ----a-w- c:\windows\system32\ac3filter_intl.dll

2012-06-17 21:12 . 2012-06-17 21:12 1406976 ----a-w- c:\windows\system32\ac3filter.ax

2012-06-17 21:10 . 2012-06-17 21:10 276992 ----a-w- c:\windows\system32\BugTrap.dll

2012-06-17 21:10 . 2012-06-17 21:10 965120 ----a-w- c:\windows\system32\ac3filter.acm

2012-06-13 13:55 . 2009-01-03 14:15 1866240 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:49 . 2009-01-27 20:35 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:49 . 2006-04-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32 . 2009-01-03 14:15 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 13:19 . 2009-01-02 21:32 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 13:19 . 2006-09-27 15:27 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 13:19 . 2006-09-27 15:27 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 13:19 . 2006-09-27 15:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 13:19 . 2006-10-30 13:05 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 13:19 . 2006-09-27 15:27 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 13:19 . 2006-09-27 15:27 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 13:19 . 2006-04-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 13:19 . 2006-09-27 15:27 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 13:19 . 2009-01-02 21:32 24088 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 13:19 . 2006-09-27 15:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 13:19 . 2009-05-13 08:45 18160 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-06-02 13:18 . 2009-05-13 08:45 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 13:18 . 2005-05-26 03:19 214256 ----a-w- c:\windows\system32\muweb.dll

2012-05-31 13:22 . 2006-04-10 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll

2012-05-31 10:25 . 2012-07-08 09:59 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-05-26 16:15 . 2012-05-26 16:15 440832 ----a-w- c:\windows\system32\FLVSplitter.ax

2012-05-26 16:15 . 2012-05-26 16:15 377344 ----a-w- c:\windows\system32\cdxareader.ax

2012-05-16 15:09 . 2006-04-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-12 22:42 . 2012-05-12 22:42 146432 ----a-w- c:\windows\system32\avutil-51.dll

2012-05-12 22:42 . 2012-05-12 22:42 1272320 ----a-w- c:\windows\system32\avcodec-53.dll

2012-05-11 14:44 . 2006-04-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:44 . 2006-04-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:39 . 2006-04-10 12:00 385024 ----a-w- c:\windows\system32\html.iec

2012-07-27 23:03 . 2011-05-01 18:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-07_23.09.12 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-08-08 07:14 . 2012-08-08 07:14 16384 c:\windows\Temp\Perflib_Perfdata_7e4.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-28 68856]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]

"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]

"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]

.

c:\documents and settings\xxx\Menu Start\Programma's\Opstarten\

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^xxx^Menu Start^Programma's^Opstarten^ctfmon.lnk]

path=c:\documents and settings\xxx\Menu Start\Programma's\Opstarten\ctfmon.lnk

backup=c:\windows\pss\ctfmon.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^xxx^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]

path=c:\documents and settings\xxx\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantOn]

2006-06-21 15:29 93640 ------w- c:\program files\CyberLink\PowerCinema Linux\ion_install.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]

2006-05-18 10:29 49152 ----a-w- c:\program files\Home Cinema\PowerDVD\Language\Language.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2008-11-17 15:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LightScribeService"=2 (0x2)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

.

R1 MpKslb385baf8;MpKslb385baf8;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BABD084E-A7ED-423D-8D92-AF41DC42248D}\MpKslb385baf8.sys [8/08/2012 9:22 29904]

R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [12/06/2010 15:39 10448]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/08/2012 16:46 655944]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [17/12/2011 16:45 2253120]

R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [30/10/2006 11:14 1105664]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/08/2012 16:46 22344]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [17/12/2011 16:30 119656]

R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [28/01/2009 0:42 47360]

R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27/10/2010 13:15 25704]

R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [30/10/2006 11:22 7040]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]

S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]

S3 esgiguard;esgiguard;\??\c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys --> c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [?]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [18/10/2011 20:06 15232]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 18:28 113120]

S3 uxddrv;Dynamically loaded UxdDrv;\??\c:\documents and settings\guy vanzieleghem\Bureaublad\WinStress Pro\uxddrv.sys --> c:\documents and settings\guy vanzieleghem\Bureaublad\WinStress Pro\uxddrv.sys [?]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - MPKSLB385BAF8

*NewlyCreated* - WS2IFSL

*NewlyCreated* - WUAUSERV

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-07-21 10:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-07-31 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-10-18 13:43]

.

2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005Core.job

- c:\documents and settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005UA.job

- c:\documents and settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]

.

2012-08-08 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]

.

2012-08-08 c:\windows\Tasks\MpIdleTask.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]

.

2012-08-07 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2012-08-08 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = socks=127.0.0.1:38771

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.131.133 195.130.130.5

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab

DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab

FF - ProfilePath - c:\documents and settings\xxx\Application Data\Mozilla\Firefox\Profiles\edpdrpq8.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/webhp?client=firefox-a&rls=org.mozilla:nl:official&channel=s&hl=nl&source=hp&btnG=Google+zoeken

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7183295e-73aa-4c22-b248-f51db1593aff%7D&mid=e0973a4daf625d5a84a627e5afc9488c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=11.0.0.10〈=nl&pr=fr&d=2012-07-11%2015%3A25%3A33&sap=ku&q=

FF - prefs.js: network.proxy.type - 4

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-08-08 09:44

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(532)

c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

.

Voltooingstijd: 2012-08-08 09:48:29

ComboFix-quarantined-files.txt 2012-08-08 07:48

ComboFix2.txt 2012-08-07 23:11

.

Pre-Run: 37.401.575.424 bytes beschikbaar

Post-Run: 37.395.718.144 bytes beschikbaar

.

- - End Of File - - 3E2E6A48A6C0826808B82DE3FDCA41E6

Tijdens het opstarten Combofix was er opnieuw melding van AVG 2012 die actief zou zijn.

Ik had ervoor al het removal tool laten lopen (zie hieronder). Blijkbaar zit er nog ergens een angel?

Kan ik deze ergens terugvinden en er toch afkrijgen?

Ik zie ook dat in de combofix er nog melding is van Spyhunter en Lavasoft (Ad Aware?). Deze zijn ook al verwijderd, maar bliujkbaar nog niet volledig weg... Zelfde vraag als bij AVG dus.

Betreffende Malwarebytes, hier dien ik dan alles inactief te zetten indien ik het programma behoud naast MSE?

Alvast bedankt, alleen zou ik hier noooit aan uit geraken. ;-)

Logje AVG removal :

2012-08-08 07:25:48,359 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)

2012-08-08 07:25:48,375 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)

2012-08-08 07:25:48,375 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)

2012-08-08 07:25:48,375 WARN AvgDir param empty.

2012-08-08 07:25:48,406 WARN AvgDataDir param empty.

2012-08-08 07:28:33,546 INFO AvgRemover runs in attempt number 1

2012-08-08 07:28:33,546 INFO ***** Services *****

2012-08-08 07:28:33,546 INFO Processing service avg8emc

2012-08-08 07:28:33,546 INFO Service avg8emc is not installed

2012-08-08 07:28:33,546 DEBUG Service avg8emc RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service avg8emc are not present

2012-08-08 07:28:33,546 INFO Processing service avgfws8

2012-08-08 07:28:33,546 INFO Service avgfws8 is not installed

2012-08-08 07:28:33,546 DEBUG Service avgfws8 RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service avgfws8 are not present

2012-08-08 07:28:33,546 INFO Processing service avg8wd

2012-08-08 07:28:33,546 INFO Service avg8wd is not installed

2012-08-08 07:28:33,546 DEBUG Service avg8wd RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service avg8wd are not present

2012-08-08 07:28:33,546 INFO Processing service AvgWFPx

2012-08-08 07:28:33,546 INFO Service AvgWFPx is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgWFPx RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgWFPx are not present

2012-08-08 07:28:33,546 INFO Processing service AvgWFPa

2012-08-08 07:28:33,546 INFO Service AvgWFPa is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgWFPa RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgWFPa are not present

2012-08-08 07:28:33,546 INFO Processing service AvgMfx86

2012-08-08 07:28:33,546 INFO Service AvgMfx86 is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgMfx86 RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgMfx86 are not present

2012-08-08 07:28:33,546 INFO Processing service AvgMfx64

2012-08-08 07:28:33,546 INFO Service AvgMfx64 is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgMfx64 RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgMfx64 are not present

2012-08-08 07:28:33,546 INFO Processing service AvgLdx86

2012-08-08 07:28:33,546 INFO Service AvgLdx86 is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgLdx86 RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgLdx86 are not present

2012-08-08 07:28:33,546 INFO Processing service AvgLdx64

2012-08-08 07:28:33,546 INFO Service AvgLdx64 is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgLdx64 RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgLdx64 are not present

2012-08-08 07:28:33,546 INFO Processing service AvgTdiX

2012-08-08 07:28:33,546 INFO Service AvgTdiX is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgTdiX RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgTdiX are not present

2012-08-08 07:28:33,546 INFO Processing service AvgTdiA

2012-08-08 07:28:33,546 INFO Service AvgTdiA is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgTdiA RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgTdiA are not present

2012-08-08 07:28:33,546 INFO Processing service AvgRkx86

2012-08-08 07:28:33,546 INFO Service AvgRkx86 is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgRkx86 RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgRkx86 are not present

2012-08-08 07:28:33,546 INFO Processing service AvgRkx64

2012-08-08 07:28:33,546 INFO Service AvgRkx64 is not installed

2012-08-08 07:28:33,546 DEBUG Service AvgRkx64 RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AvgRkx64 are not present

2012-08-08 07:28:33,546 INFO Processing service avg9emc

2012-08-08 07:28:33,546 INFO Service avg9emc is not installed

2012-08-08 07:28:33,546 DEBUG Service avg9emc RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service avg9emc are not present

2012-08-08 07:28:33,546 INFO Processing service avgfws9

2012-08-08 07:28:33,546 INFO Service avgfws9 is not installed

2012-08-08 07:28:33,546 DEBUG Service avgfws9 RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service avgfws9 are not present

2012-08-08 07:28:33,546 INFO Processing service avg9wd

2012-08-08 07:28:33,546 INFO Service avg9wd is not installed

2012-08-08 07:28:33,546 DEBUG Service avg9wd RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service avg9wd are not present

2012-08-08 07:28:33,546 INFO Processing service AVGIDSAgent

2012-08-08 07:28:33,546 INFO Service AVGIDSAgent is not installed

2012-08-08 07:28:33,546 DEBUG Service AVGIDSAgent RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSAgent are not present

2012-08-08 07:28:33,546 INFO Processing service AVGIDSShimxpx

2012-08-08 07:28:33,546 INFO Service AVGIDSShimxpx is not installed

2012-08-08 07:28:33,546 DEBUG Service AVGIDSShimxpx RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSShimxpx are not present

2012-08-08 07:28:33,546 INFO Processing service AVGIDSFilterxpx

2012-08-08 07:28:33,546 INFO Service AVGIDSFilterxpx is not installed

2012-08-08 07:28:33,546 DEBUG Service AVGIDSFilterxpx RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSFilterxpx are not present

2012-08-08 07:28:33,546 INFO Processing service AVGIDSDriverxpx

2012-08-08 07:28:33,546 INFO Service AVGIDSDriverxpx is not installed

2012-08-08 07:28:33,546 DEBUG Service AVGIDSDriverxpx RegCleanup

2012-08-08 07:28:33,546 DEBUG Registry keys for service AVGIDSDriverxpx are not present

2012-08-08 07:28:33,546 INFO Processing service AVGIDSShimvtx

2012-08-08 07:28:33,562 INFO Service AVGIDSShimvtx is not installed

2012-08-08 07:28:33,562 DEBUG Service AVGIDSShimvtx RegCleanup

2012-08-08 07:28:33,562 DEBUG Registry keys for service AVGIDSShimvtx are not present

2012-08-08 07:28:33,562 INFO Processing service AVGIDSFiltervtx

2012-08-08 07:28:33,578 INFO Service AVGIDSFiltervtx is not installed

2012-08-08 07:28:33,578 DEBUG Service AVGIDSFiltervtx RegCleanup

2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSFiltervtx are not present

2012-08-08 07:28:33,578 INFO Processing service AVGIDSDrivervtx

2012-08-08 07:28:33,578 INFO Service AVGIDSDrivervtx is not installed

2012-08-08 07:28:33,578 DEBUG Service AVGIDSDrivervtx RegCleanup

2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSDrivervtx are not present

2012-08-08 07:28:33,578 INFO Processing service AVGIDSFiltervta

2012-08-08 07:28:33,578 INFO Service AVGIDSFiltervta is not installed

2012-08-08 07:28:33,578 DEBUG Service AVGIDSFiltervta RegCleanup

2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSFiltervta are not present

2012-08-08 07:28:33,578 INFO Processing service AVGIDSDrivervta

2012-08-08 07:28:33,578 INFO Service AVGIDSDrivervta is not installed

2012-08-08 07:28:33,578 DEBUG Service AVGIDSDrivervta RegCleanup

2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSDrivervta are not present

2012-08-08 07:28:33,578 INFO Processing service AVGIDSShimw7x

2012-08-08 07:28:33,578 INFO Service AVGIDSShimw7x is not installed

2012-08-08 07:28:33,578 DEBUG Service AVGIDSShimw7x RegCleanup

2012-08-08 07:28:33,578 DEBUG Registry keys for service AVGIDSShimw7x are not present

2012-08-08 07:28:33,578 INFO Processing service AVGIDSFilterw7x

2012-08-08 07:28:33,609 INFO Service AVGIDSFilterw7x is not installed

2012-08-08 07:28:33,609 DEBUG Service AVGIDSFilterw7x RegCleanup

2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSFilterw7x are not present

2012-08-08 07:28:33,609 INFO Processing service AVGIDSDriverw7x

2012-08-08 07:28:33,609 INFO Service AVGIDSDriverw7x is not installed

2012-08-08 07:28:33,609 DEBUG Service AVGIDSDriverw7x RegCleanup

2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSDriverw7x are not present

2012-08-08 07:28:33,609 INFO Processing service AVGIDSFilterw7a

2012-08-08 07:28:33,609 INFO Service AVGIDSFilterw7a is not installed

2012-08-08 07:28:33,609 DEBUG Service AVGIDSFilterw7a RegCleanup

2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSFilterw7a are not present

2012-08-08 07:28:33,609 INFO Processing service AVGIDSDriverw7a

2012-08-08 07:28:33,609 INFO Service AVGIDSDriverw7a is not installed

2012-08-08 07:28:33,609 DEBUG Service AVGIDSDriverw7a RegCleanup

2012-08-08 07:28:33,609 DEBUG Registry keys for service AVGIDSDriverw7a are not present

2012-08-08 07:28:33,609 INFO Processing service AVGIDSErHrxpx

2012-08-08 07:28:33,625 INFO Service AVGIDSErHrxpx is not installed

2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrxpx RegCleanup

2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrxpx are not present

2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrvtx

2012-08-08 07:28:33,625 INFO Service AVGIDSErHrvtx is not installed

2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrvtx RegCleanup

2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrvtx are not present

2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrvta

2012-08-08 07:28:33,625 INFO Service AVGIDSErHrvta is not installed

2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrvta RegCleanup

2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrvta are not present

2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrw7x

2012-08-08 07:28:33,625 INFO Service AVGIDSErHrw7x is not installed

2012-08-08 07:28:33,625 DEBUG Service AVGIDSErHrw7x RegCleanup

2012-08-08 07:28:33,625 DEBUG Registry keys for service AVGIDSErHrw7x are not present

2012-08-08 07:28:33,625 INFO Processing service AVGIDSErHrw7a

2012-08-08 07:28:33,656 INFO Service AVGIDSErHrw7a is not installed

2012-08-08 07:28:33,656 DEBUG Service AVGIDSErHrw7a RegCleanup

2012-08-08 07:28:33,656 DEBUG Registry keys for service AVGIDSErHrw7a are not present

2012-08-08 07:28:33,656 INFO ***** Registry keys and values *****

2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions

2012-08-08 07:28:33,656 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove

2012-08-08 07:28:33,656 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present

2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions

2012-08-08 07:28:33,656 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove

2012-08-08 07:28:33,656 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present

2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found

2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found

2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found

2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found

2012-08-08 07:28:33,656 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove

2012-08-08 07:28:33,656 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found

2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}

2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove

2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found

2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:28:33,656 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:28:33,656 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove

2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove

2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove

2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify

2012-08-08 07:28:33,671 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove

2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove

2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove

2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove

2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove

2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run

2012-08-08 07:28:33,671 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove

2012-08-08 07:28:33,671 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove

2012-08-08 07:28:33,671 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found

2012-08-08 07:28:33,671 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\AvgDiagFile

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\AvgDiagFile

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\.avgdi

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\.avgdi not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\Clients

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\Clients ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\Clients not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG8

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG9

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG IDS

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG IDS not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG

2012-08-08 07:28:33,687 DEBUG Value SOFTWARE\AVG:DumpType Remove

2012-08-08 07:28:33,687 INFO Value SOFTWARE\AVG:DumpType is not present

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Remove

2012-08-08 07:28:33,687 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG Security Toolbar

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG8

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG8 not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG\AVG9

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG\AVG9 not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Remove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\AVG Security Toolbar

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\AVG Security Toolbar not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks

2012-08-08 07:28:33,687 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove

2012-08-08 07:28:33,687 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:28:33,687 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:28:33,687 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser

2012-08-08 07:28:33,687 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove

2012-08-08 07:28:33,703 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present

2012-08-08 07:28:33,703 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:28:33,703 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:28:33,703 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}

2012-08-08 07:28:33,703 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove

2012-08-08 07:28:33,703 INFO Processing registry aAvgAPI.AvgBro

2012-08-08 07:28:33,703 DEBUG Key aAvgAPI.AvgBro ForceRemove

2012-08-08 07:28:33,703 DEBUG Key aAvgAPI.AvgBro not found

2012-08-08 07:28:33,703 INFO Processing registry AVG.Office

2012-08-08 07:28:33,703 DEBUG Key AVG.Office ForceRemove

2012-08-08 07:28:33,703 DEBUG Key AVG.Office not found

2012-08-08 07:28:33,703 INFO Processing registry AVG.Office.8

2012-08-08 07:28:33,703 DEBUG Key AVG.Office.8 ForceRemove

2012-08-08 07:28:33,703 DEBUG Key AVG.Office.8 not found

2012-08-08 07:28:33,703 INFO Processing registry avgtoolbar.AVGTOOLBAR

2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove

2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBAR not found

2012-08-08 07:28:33,703 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button

2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove

2012-08-08 07:28:33,703 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button

2012-08-08 07:28:33,703 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove

2012-08-08 07:28:33,703 INFO Processing registry LinkScannerIE.NavFilter

2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter ForceRemove

2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter not found

2012-08-08 07:28:33,703 INFO Processing registry LinkScannerIE.NavFilter.1

2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove

2012-08-08 07:28:33,703 DEBUG Key LinkScannerIE.NavFilter.1 not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found

2012-08-08 07:28:33,703 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:28:33,703 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:28:33,703 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}

2012-08-08 07:28:33,703 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found

2012-08-08 07:28:33,703 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}

2012-08-08 07:28:33,703 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove

2012-08-08 07:28:33,703 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found

2012-08-08 07:28:33,703 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}

2012-08-08 07:28:33,718 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove

2012-08-08 07:28:33,718 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found

2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}

2012-08-08 07:28:33,718 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove

2012-08-08 07:28:33,718 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found

2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}

2012-08-08 07:28:33,718 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove

2012-08-08 07:28:33,718 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found

2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}

2012-08-08 07:28:33,718 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove

2012-08-08 07:28:33,718 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found

2012-08-08 07:28:33,718 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:28:33,718 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:28:33,718 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:28:33,718 INFO ***** Files and folders *****

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 0

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 1

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 2

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 3

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 4

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 5

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 6

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 7

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 8

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 9

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 10

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 11

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 12

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 13

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 14

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 15

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 16

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR

2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0

2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0 not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0

2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0 not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5

2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5 not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5

2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5 not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk

2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk

2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk

2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk

2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk not found

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 27

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 28

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 29

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 30

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 31

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 32

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 33

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 34

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 35

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 36

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 37

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 38

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 39

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 40

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 41

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 42

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 43

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 44

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 45

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 46

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 47

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 48

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 49

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 50

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 51

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 52

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 53

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 54

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 55

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 56

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 57

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 58

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 59

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 60

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 61

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 62

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 63

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 64

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 65

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 66

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 67

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 68

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 69

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 70

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages

2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar

2012-08-08 07:28:33,718 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk

2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk not found

2012-08-08 07:28:33,718 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk

2012-08-08 07:28:33,718 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk not found

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 76

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 77

2012-08-08 07:28:33,718 DEBUG Missing ParentDir path for fileItem number 78

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 79

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 80

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 81

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 82

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 83

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 84

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 85

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 86

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 87

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 88

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 89

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 90

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 91

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 92

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 93

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 94

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 95

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 96

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 97

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 98

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 99

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 100

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 101

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 102

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 103

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 104

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 105

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 106

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 107

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 108

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 109

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 110

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 111

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 112

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 113

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 114

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 115

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 116

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 117

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 118

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 119

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 120

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 121

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 122

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 123

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 124

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 125

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 126

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 127

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 128

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 129

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 130

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 131

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 132

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 133

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 134

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 135

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 136

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 137

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 138

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 139

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 140

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 141

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 142

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 143

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 144

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 145

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 146

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 147

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 148

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 149

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 150

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 151

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 152

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 153

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 154

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 155

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 156

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 157

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 158

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 159

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 160

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 161

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 162

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 163

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 164

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 165

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 166

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 167

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 168

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 169

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 170

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 171

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 172

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 173

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 174

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 175

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 176

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 177

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 178

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 179

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 180

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 181

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 182

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 183

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 184

2012-08-08 07:28:33,734 DEBUG Missing ParentDir path for fileItem number 185

2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:28:33,734 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg

2012-08-08 07:28:33,750 INFO File C:\WINDOWS\System32\Drivers\avg\compat12.txt deleted

2012-08-08 07:28:33,765 INFO Directory C:\WINDOWS\System32\Drivers\avg deleted

2012-08-08 07:28:33,765 DEBUG Processing item C:\WINDOWS\System32

2012-08-08 07:28:33,765 DEBUG Processing item C:\Program Files\AVG

2012-08-08 07:28:33,765 INFO Directory C:\Program Files\AVG not found

2012-08-08 07:28:33,765 DEBUG Missing ParentDir path for fileItem number 194

2012-08-08 07:28:33,765 INFO ***** Avg Fw NDIS driver *****

2012-08-08 07:28:36,656 INFO FW NDIS driver not present

2012-08-08 07:30:38,437 DEBUG Avg9Uninstall\Directories key failed to open (error: e0010013)

2012-08-08 07:30:38,437 DEBUG Avg8Uninstall\Directories key failed to open (error: e0010013)

2012-08-08 07:30:38,437 DEBUG Reading HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion:ProgramFilesDir (x86) value failed (error: e001003d)

2012-08-08 07:30:38,437 WARN AvgDir param empty.

2012-08-08 07:30:38,437 WARN AvgDataDir param empty.

2012-08-08 07:30:41,484 INFO AvgRemover runs in attempt number 1

2012-08-08 07:30:41,484 INFO ***** Services *****

2012-08-08 07:30:41,484 INFO Processing service avg8emc

2012-08-08 07:30:41,484 INFO Service avg8emc is not installed

2012-08-08 07:30:41,484 DEBUG Service avg8emc RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service avg8emc are not present

2012-08-08 07:30:41,484 INFO Processing service avgfws8

2012-08-08 07:30:41,484 INFO Service avgfws8 is not installed

2012-08-08 07:30:41,484 DEBUG Service avgfws8 RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service avgfws8 are not present

2012-08-08 07:30:41,484 INFO Processing service avg8wd

2012-08-08 07:30:41,484 INFO Service avg8wd is not installed

2012-08-08 07:30:41,484 DEBUG Service avg8wd RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service avg8wd are not present

2012-08-08 07:30:41,484 INFO Processing service AvgWFPx

2012-08-08 07:30:41,484 INFO Service AvgWFPx is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgWFPx RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgWFPx are not present

2012-08-08 07:30:41,484 INFO Processing service AvgWFPa

2012-08-08 07:30:41,484 INFO Service AvgWFPa is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgWFPa RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgWFPa are not present

2012-08-08 07:30:41,484 INFO Processing service AvgMfx86

2012-08-08 07:30:41,484 INFO Service AvgMfx86 is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgMfx86 RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgMfx86 are not present

2012-08-08 07:30:41,484 INFO Processing service AvgMfx64

2012-08-08 07:30:41,484 INFO Service AvgMfx64 is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgMfx64 RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgMfx64 are not present

2012-08-08 07:30:41,484 INFO Processing service AvgLdx86

2012-08-08 07:30:41,484 INFO Service AvgLdx86 is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgLdx86 RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgLdx86 are not present

2012-08-08 07:30:41,484 INFO Processing service AvgLdx64

2012-08-08 07:30:41,484 INFO Service AvgLdx64 is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgLdx64 RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgLdx64 are not present

2012-08-08 07:30:41,484 INFO Processing service AvgTdiX

2012-08-08 07:30:41,484 INFO Service AvgTdiX is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgTdiX RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgTdiX are not present

2012-08-08 07:30:41,484 INFO Processing service AvgTdiA

2012-08-08 07:30:41,484 INFO Service AvgTdiA is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgTdiA RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgTdiA are not present

2012-08-08 07:30:41,484 INFO Processing service AvgRkx86

2012-08-08 07:30:41,484 INFO Service AvgRkx86 is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgRkx86 RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgRkx86 are not present

2012-08-08 07:30:41,484 INFO Processing service AvgRkx64

2012-08-08 07:30:41,484 INFO Service AvgRkx64 is not installed

2012-08-08 07:30:41,484 DEBUG Service AvgRkx64 RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AvgRkx64 are not present

2012-08-08 07:30:41,484 INFO Processing service avg9emc

2012-08-08 07:30:41,484 INFO Service avg9emc is not installed

2012-08-08 07:30:41,484 DEBUG Service avg9emc RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service avg9emc are not present

2012-08-08 07:30:41,484 INFO Processing service avgfws9

2012-08-08 07:30:41,484 INFO Service avgfws9 is not installed

2012-08-08 07:30:41,484 DEBUG Service avgfws9 RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service avgfws9 are not present

2012-08-08 07:30:41,484 INFO Processing service avg9wd

2012-08-08 07:30:41,484 INFO Service avg9wd is not installed

2012-08-08 07:30:41,484 DEBUG Service avg9wd RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service avg9wd are not present

2012-08-08 07:30:41,484 INFO Processing service AVGIDSAgent

2012-08-08 07:30:41,484 INFO Service AVGIDSAgent is not installed

2012-08-08 07:30:41,484 DEBUG Service AVGIDSAgent RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSAgent are not present

2012-08-08 07:30:41,484 INFO Processing service AVGIDSShimxpx

2012-08-08 07:30:41,484 INFO Service AVGIDSShimxpx is not installed

2012-08-08 07:30:41,484 DEBUG Service AVGIDSShimxpx RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSShimxpx are not present

2012-08-08 07:30:41,484 INFO Processing service AVGIDSFilterxpx

2012-08-08 07:30:41,484 INFO Service AVGIDSFilterxpx is not installed

2012-08-08 07:30:41,484 DEBUG Service AVGIDSFilterxpx RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSFilterxpx are not present

2012-08-08 07:30:41,484 INFO Processing service AVGIDSDriverxpx

2012-08-08 07:30:41,484 INFO Service AVGIDSDriverxpx is not installed

2012-08-08 07:30:41,484 DEBUG Service AVGIDSDriverxpx RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSDriverxpx are not present

2012-08-08 07:30:41,484 INFO Processing service AVGIDSShimvtx

2012-08-08 07:30:41,484 INFO Service AVGIDSShimvtx is not installed

2012-08-08 07:30:41,484 DEBUG Service AVGIDSShimvtx RegCleanup

2012-08-08 07:30:41,484 DEBUG Registry keys for service AVGIDSShimvtx are not present

2012-08-08 07:30:41,484 INFO Processing service AVGIDSFiltervtx

2012-08-08 07:30:41,484 INFO Service AVGIDSFiltervtx is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSFiltervtx RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFiltervtx are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSDrivervtx

2012-08-08 07:30:41,500 INFO Service AVGIDSDrivervtx is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSDrivervtx RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDrivervtx are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSFiltervta

2012-08-08 07:30:41,500 INFO Service AVGIDSFiltervta is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSFiltervta RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFiltervta are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSDrivervta

2012-08-08 07:30:41,500 INFO Service AVGIDSDrivervta is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSDrivervta RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDrivervta are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSShimw7x

2012-08-08 07:30:41,500 INFO Service AVGIDSShimw7x is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSShimw7x RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSShimw7x are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSFilterw7x

2012-08-08 07:30:41,500 INFO Service AVGIDSFilterw7x is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSFilterw7x RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFilterw7x are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSDriverw7x

2012-08-08 07:30:41,500 INFO Service AVGIDSDriverw7x is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSDriverw7x RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDriverw7x are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSFilterw7a

2012-08-08 07:30:41,500 INFO Service AVGIDSFilterw7a is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSFilterw7a RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSFilterw7a are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSDriverw7a

2012-08-08 07:30:41,500 INFO Service AVGIDSDriverw7a is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSDriverw7a RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSDriverw7a are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrxpx

2012-08-08 07:30:41,500 INFO Service AVGIDSErHrxpx is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrxpx RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrxpx are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrvtx

2012-08-08 07:30:41,500 INFO Service AVGIDSErHrvtx is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrvtx RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrvtx are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrvta

2012-08-08 07:30:41,500 INFO Service AVGIDSErHrvta is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrvta RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrvta are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrw7x

2012-08-08 07:30:41,500 INFO Service AVGIDSErHrw7x is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrw7x RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrw7x are not present

2012-08-08 07:30:41,500 INFO Processing service AVGIDSErHrw7a

2012-08-08 07:30:41,500 INFO Service AVGIDSErHrw7a is not installed

2012-08-08 07:30:41,500 DEBUG Service AVGIDSErHrw7a RegCleanup

2012-08-08 07:30:41,500 DEBUG Registry keys for service AVGIDSErHrw7a are not present

2012-08-08 07:30:41,500 INFO ***** Registry keys and values *****

2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions

2012-08-08 07:30:41,500 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} Remove

2012-08-08 07:30:41,500 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{3f963a5b-e555-4543-90e2-c3908898db71} is not present

2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Mozilla\Firefox\Extensions

2012-08-08 07:30:41,500 DEBUG Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} Remove

2012-08-08 07:30:41,500 INFO Value SOFTWARE\Mozilla\Firefox\Extensions:{1d5287d1-8a92-0001-1f31-1cec198018d8} is not present

2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt ForceRemove

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg8Alrt not found

2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt ForceRemove

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\Avg9Alrt not found

2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms ForceRemove

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Eventlog\Application\AvgEms not found

2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found

2012-08-08 07:30:41,500 INFO Processing registry SYSTEM\CurrentControlSet\Services\Avg

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg ForceRemove

2012-08-08 07:30:41,500 DEBUG Key SYSTEM\CurrentControlSet\Services\Avg not found

2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054}

2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} ForceRemove

2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2AF1721-312E-4B07-8B17-CEB780DCD054} not found

2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:30:41,500 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:30:41,500 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar

2012-08-08 07:30:41,500 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove

2012-08-08 07:30:41,500 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:30:41,515 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:30:41,515 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension Remove

2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:Outlook Setup Extension is not present

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Exchange\Client\Extensions

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension Remove

2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Exchange\Client\Extensions:AVG Exchange Extension is not present

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify

2012-08-08 07:30:41,515 DEBUG Reading SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs failed (error: e001003d)

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows:AppInit_DLLs Modify failed

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove

2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} Remove

2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} is not present

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove

2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} Remove

2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved:{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} is not present

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY Remove

2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG8_TRAY is not present

2012-08-08 07:30:41,515 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Run

2012-08-08 07:30:41,515 DEBUG Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY Remove

2012-08-08 07:30:41,515 INFO Value SOFTWARE\Microsoft\Windows\CurrentVersion\Run:AVG9_TRAY is not present

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG8Uninstall not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG7Uninstall not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG9Uninstall not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3 not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\AvgDiagFile

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\AvgDiagFile

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\AvgDiagFile not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\.avgdi

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\.avgdi ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\.avgdi not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\piffile\shellex\ContextMenuHandlers\AVG8 Shell Extension not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\AVG8 Shell Extension not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\Classes\*\shellex\ContextMenuHandlers\AVG8 Shell Extension not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\Clients

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\Clients ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\Clients not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG8

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG9

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG IDS

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG IDS ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG IDS not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG

2012-08-08 07:30:41,531 DEBUG Value SOFTWARE\AVG:DumpType Remove

2012-08-08 07:30:41,531 INFO Value SOFTWARE\AVG:DumpType is not present

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Remove

2012-08-08 07:30:41,531 WARN Deleting key SOFTWARE\AVG failed (error e0010058), key is not empty

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG Security Toolbar

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG8

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG8 not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG\AVG9

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG\AVG9 not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Remove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\AVG Security Toolbar

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar ForceRemove

2012-08-08 07:30:41,531 DEBUG Key SOFTWARE\AVG Security Toolbar not found

2012-08-08 07:30:41,531 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks

2012-08-08 07:30:41,546 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} Remove

2012-08-08 07:30:41,546 INFO Value SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks:{A3BC75A2-1F87-4686-AA43-5347D756017C} is not present

2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser

2012-08-08 07:30:41,546 DEBUG Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Remove

2012-08-08 07:30:41,546 INFO Value SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser:{CCC7A320-B3CA-4199-B1A6-9F516DD69829} is not present

2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:30:41,546 INFO Processing registry SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C}

2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found

2012-08-08 07:30:41,546 INFO Processing registry aAvgAPI.AvgBro

2012-08-08 07:30:41,546 DEBUG Key aAvgAPI.AvgBro ForceRemove

2012-08-08 07:30:41,546 DEBUG Key aAvgAPI.AvgBro not found

2012-08-08 07:30:41,546 INFO Processing registry AVG.Office

2012-08-08 07:30:41,546 DEBUG Key AVG.Office ForceRemove

2012-08-08 07:30:41,546 DEBUG Key AVG.Office not found

2012-08-08 07:30:41,546 INFO Processing registry AVG.Office.8

2012-08-08 07:30:41,546 DEBUG Key AVG.Office.8 ForceRemove

2012-08-08 07:30:41,546 DEBUG Key AVG.Office.8 not found

2012-08-08 07:30:41,546 INFO Processing registry avgtoolbar.AVGTOOLBAR

2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBAR ForceRemove

2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBAR not found

2012-08-08 07:30:41,546 INFO Processing registry avgtoolbar.AVGTOOLBARMenu Button

2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button ForceRemove

2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARMenu Button not found

2012-08-08 07:30:41,546 INFO Processing registry avgtoolbar.AVGTOOLBARToggle Button

2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button ForceRemove

2012-08-08 07:30:41,546 DEBUG Key avgtoolbar.AVGTOOLBARToggle Button not found

2012-08-08 07:30:41,546 INFO Processing registry LinkScannerIE.NavFilter

2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter ForceRemove

2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter not found

2012-08-08 07:30:41,546 INFO Processing registry LinkScannerIE.NavFilter.1

2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter.1 ForceRemove

2012-08-08 07:30:41,546 DEBUG Key LinkScannerIE.NavFilter.1 not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{04373D9C-5ED8-44f2-BA00-7895D6A5A2DA} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{18B30EBF-6B58-425E-AC54-831C05D91B5A} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698E} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E2698F}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E2698F} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A057A204-BACC-4D26-9990-79A187E26990}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{A057A204-BACC-4D26-9990-79A187E26990} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7}

2012-08-08 07:30:41,546 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} ForceRemove

2012-08-08 07:30:41,546 DEBUG Key CLSID\{9781B2D1-AF27-474F-A3A5-C0763FBDF3B7} not found

2012-08-08 07:30:41,546 INFO Processing registry CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}

2012-08-08 07:30:41,562 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} ForceRemove

2012-08-08 07:30:41,562 DEBUG Key CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found

2012-08-08 07:30:41,562 INFO Processing registry CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:30:41,562 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:30:41,562 DEBUG Key CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:30:41,562 INFO Processing registry Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D}

2012-08-08 07:30:41,562 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} ForceRemove

2012-08-08 07:30:41,562 DEBUG Key Interface\{52261B0E-CA1A-4FA9-9805-4D01202DF09D} not found

2012-08-08 07:30:41,562 INFO Processing registry Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C}

2012-08-08 07:30:41,562 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} ForceRemove

2012-08-08 07:30:41,562 DEBUG Key Interface\{8EA1F9F2-997A-4832-8E09-815E3D0C0A0C} not found

2012-08-08 07:30:41,562 INFO Processing registry Interface\{7F24AABF-C822-4C18-9432-21433208F4DC}

2012-08-08 07:30:41,562 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} ForceRemove

2012-08-08 07:30:41,562 DEBUG Key Interface\{7F24AABF-C822-4C18-9432-21433208F4DC} not found

2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30}

2012-08-08 07:30:41,562 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} ForceRemove

2012-08-08 07:30:41,562 DEBUG Key TypeLib\{3E536428-8E1A-4A2C-8463-4A8F74763C30} not found

2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7}

2012-08-08 07:30:41,562 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} ForceRemove

2012-08-08 07:30:41,562 DEBUG Key TypeLib\{5DAB1D4C-D020-41CD-936F-D63FF662E9F7} not found

2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9}

2012-08-08 07:30:41,562 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} ForceRemove

2012-08-08 07:30:41,562 DEBUG Key TypeLib\{A0C8F0F1-DE25-4ADB-8F0B-508F6CA43DE9} not found

2012-08-08 07:30:41,562 INFO Processing registry TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

2012-08-08 07:30:41,562 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} ForceRemove

2012-08-08 07:30:41,562 DEBUG Key TypeLib\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found

2012-08-08 07:30:41,562 INFO ***** Files and folders *****

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 0

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 1

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 2

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 3

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 4

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 5

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 6

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 7

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 8

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 9

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 10

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 11

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 12

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 13

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 14

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 15

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 16

2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR

2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\guy vanzieleghem\Application Data\AVGTOOLBAR not found

2012-08-08 07:30:41,562 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0

2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.0 not found

2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0

2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.0 not found

2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5

2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg 8.5 not found

2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5

2012-08-08 07:30:41,562 INFO Directory C:\Documents and Settings\All Users\Menu Start\Programma's\avg free 8.5 not found

2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk

2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.0.lnk not found

2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk

2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.0.lnk not found

2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk

2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 8.5.lnk not found

2012-08-08 07:30:41,562 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk

2012-08-08 07:30:41,562 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 8.5.lnk not found

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 27

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 28

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 29

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 30

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 31

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 32

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 33

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 34

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 35

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 36

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 37

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 38

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 39

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 40

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 41

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 42

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 43

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 44

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 45

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 46

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 47

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 48

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 49

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 50

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 51

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 52

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 53

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 54

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 55

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 56

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 57

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 58

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 59

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 60

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 61

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 62

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 63

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 64

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 65

2012-08-08 07:30:41,562 DEBUG Missing ParentDir path for fileItem number 66

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 67

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 68

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 69

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 70

2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages

2012-08-08 07:30:41,578 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar\Languages not found

2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar

2012-08-08 07:30:41,578 INFO Directory C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar not found

2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk

2012-08-08 07:30:41,578 INFO File C:\Documents and Settings\All Users\Bureaublad\avg 9.0.lnk not found

2012-08-08 07:30:41,578 DEBUG Processing item C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk

2012-08-08 07:30:41,578 INFO File C:\Documents and Settings\All Users\Bureaublad\avg free 9.0.lnk not found

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 76

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 77

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 78

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 79

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 80

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 81

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 82

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 83

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 84

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 85

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 86

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 87

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 88

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 89

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 90

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 91

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 92

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 93

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 94

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 95

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 96

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 97

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 98

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 99

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 100

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 101

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 102

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 103

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 104

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 105

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 106

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 107

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 108

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 109

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 110

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 111

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 112

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 113

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 114

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 115

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 116

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 117

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 118

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 119

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 120

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 121

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 122

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 123

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 124

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 125

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 126

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 127

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 128

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 129

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 130

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 131

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 132

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 133

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 134

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 135

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 136

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 137

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 138

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 139

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 140

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 141

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 142

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 143

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 144

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 145

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 146

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 147

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 148

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 149

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 150

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 151

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 152

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 153

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 154

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 155

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 156

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 157

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 158

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 159

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 160

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 161

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 162

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 163

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 164

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 165

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 166

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 167

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 168

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 169

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 170

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 171

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 172

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 173

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 174

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 175

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 176

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 177

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 178

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 179

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 180

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 181

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 182

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 183

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 184

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 185

2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers

2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32\Drivers\avg

2012-08-08 07:30:41,578 INFO Directory C:\WINDOWS\System32\Drivers\avg not found

2012-08-08 07:30:41,578 DEBUG Processing item C:\WINDOWS\System32

2012-08-08 07:30:41,578 DEBUG Processing item C:\Program Files\AVG

2012-08-08 07:30:41,578 INFO Directory C:\Program Files\AVG not found

2012-08-08 07:30:41,578 DEBUG Missing ParentDir path for fileItem number 194

2012-08-08 07:30:41,578 INFO ***** Avg Fw NDIS driver *****

2012-08-08 07:30:42,187 INFO FW NDIS driver not present

[kape]

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\windows\Tasks\Ad-Aware Update (Weekly).job

c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

Folder::

c:\program files\Enigma Software Group

c:\program files\Lavasoft

Driver::

esgiguard

Lavasoft Kernexplorer

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Bij Malwarebytes moet je de real-time bescherming uitschakelen, als je deze enkel op geregelde tijdstippen wil gebruiken naast je MSE. Dan scant het programma niet automatisch mee.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

8 augustus 2012 aangepast door kape

[guyzzmo]

ComboFix 12-08-07.05 - naam 08/08/2012 13:28:22.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2046.1479 [GMT 2:00]

Gestart vanuit: c:\documents and settings\naam\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\naam\Bureaublad\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: AVG Internet Security 2012 *Disabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

FILE ::

"c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe"

"c:\windows\Tasks\Ad-Aware Update (Weekly).job"

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\Enigma Software Group

c:\program files\Enigma Software Group\SpyHunter\gil.dat

c:\program files\Enigma Software Group\SpyHunter\INSTALL.LOG

c:\program files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20120807_122837.log

c:\program files\Enigma Software Group\SpyHunter\safeol.dat

c:\program files\Enigma Software Group\SpyHunter\scanlog.log

c:\program files\Enigma Software Group\SpyHunter\supportlog.txt

c:\program files\Enigma Software Group\SpyHunter\unkcache.dat

c:\program files\Lavasoft

c:\program files\Lavasoft\Ad-Aware\aawapi.dll

c:\program files\Lavasoft\Ad-Aware\AAWService.exe

c:\program files\Lavasoft\Ad-Aware\AAWTray.exe

c:\program files\Lavasoft\Ad-Aware\Ad-Aware.exe

c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

c:\program files\Lavasoft\Ad-Aware\Ad-AwareCommand.exe

c:\program files\Lavasoft\Ad-Aware\AutoLaunch.exe

c:\program files\Lavasoft\Ad-Aware\AWSC.exe

c:\program files\Lavasoft\Ad-Aware\AWSCUpdate.dll

c:\program files\Lavasoft\Ad-Aware\CEAPI.dll

c:\program files\Lavasoft\Ad-Aware\dbghelp.dll

c:\program files\Lavasoft\Ad-Aware\Drivers\32\AAWDriverTool.exe

c:\program files\Lavasoft\Ad-Aware\Drivers\32\DIFxAPI.dll

c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.cat

c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.inf

c:\program files\Lavasoft\Ad-Aware\Drivers\32\lbd.sys

c:\program files\Lavasoft\Ad-Aware\Drivers\64\AAWDriverTool.exe

c:\program files\Lavasoft\Ad-Aware\Drivers\64\DIFxAPI.dll

c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.cat

c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.inf

c:\program files\Lavasoft\Ad-Aware\Drivers\64\lbd.sys

c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys

c:\program files\Lavasoft\Ad-Aware\Languages\resource_de-DE.xml

c:\program files\Lavasoft\Ad-Aware\Languages\resource_en-US.xml

c:\program files\Lavasoft\Ad-Aware\Languages\resource_es-ES.xml

c:\program files\Lavasoft\Ad-Aware\Languages\resource_fr-FR.xml

c:\program files\Lavasoft\Ad-Aware\Languages\resource_it-IT.xml

c:\program files\Lavasoft\Ad-Aware\Languages\ResourceAdmin.xml

c:\program files\Lavasoft\Ad-Aware\lavalicense.dll

c:\program files\Lavasoft\Ad-Aware\lavamessage.dll

c:\program files\Lavasoft\Ad-Aware\lsdelete.exe

c:\program files\Lavasoft\Ad-Aware\Neutralize.dll

c:\program files\Lavasoft\Ad-Aware\PrivacyClean.dll

c:\program files\Lavasoft\Ad-Aware\Rebrand.dat

c:\program files\Lavasoft\Ad-Aware\Resources.dll

c:\program files\Lavasoft\Ad-Aware\Resources\Default.eGL

c:\program files\Lavasoft\Ad-Aware\RPAPI.dll

c:\program files\Lavasoft\Ad-Aware\sbap.dll

c:\program files\Lavasoft\Ad-Aware\SBRE.dll

c:\program files\Lavasoft\Ad-Aware\SBTE.dll

c:\program files\Lavasoft\Ad-Aware\ShellExt.dll

c:\program files\Lavasoft\Ad-Aware\threatwork.exe

c:\program files\Lavasoft\Ad-Aware\unrar.dll

c:\program files\Lavasoft\Ad-Aware\UpdateManager.dll

c:\program files\Lavasoft\Ad-Aware\Vipre.dll

c:\program files\Lavasoft\Ad-Aware\VipreBridge.dll

c:\windows\Tasks\Ad-Aware Update (Weekly).job

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_ESGIGUARD

-------\Legacy_LAVASOFT_KERNEXPLORER

-------\Service_esgiguard

-------\Service_Lavasoft Kernexplorer

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-07-08 to 2012-08-08 ))))))))))))))))))))))))))))))

.

.

2012-08-08 07:58 . 2012-07-16 00:41 6891424 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{6A022832-EFF8-4BE4-B0FD-A679377F9B45}\mpengine.dll

2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\naam\Application Data\Malwarebytes

2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-08-07 14:46 . 2012-08-07 14:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-07 14:46 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-07 10:27 . 2012-08-07 10:27 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard

2012-08-07 10:11 . 2012-08-08 11:26 -------- d--h--r- c:\documents and settings\naam\Onlangs geopend

2012-08-07 09:48 . 2012-08-07 09:48 -------- d-----w- c:\program files\Microsoft Security Client

2012-07-27 23:10 . 2012-07-27 23:10 -------- d-----w- c:\windows\system32\C2MP

2012-07-19 18:56 . 2012-07-19 18:56 1114624 ----a-w- c:\windows\system32\LAVVideo.ax

2012-07-19 18:56 . 2012-07-19 18:56 399360 ----a-w- c:\windows\system32\LAVSplitter.ax

2012-07-19 18:56 . 2012-07-19 18:56 233472 ----a-w- c:\windows\system32\LAVAudio.ax

2012-07-19 18:56 . 2012-07-19 18:56 274944 ----a-w- c:\windows\system32\IntelQuickSyncDecoder.dll

2012-07-19 18:56 . 2012-07-19 18:56 172544 ----a-w- c:\windows\system32\libbluray.dll

2012-07-19 18:56 . 2012-07-19 18:56 6894331 ----a-w- c:\windows\system32\avcodec-lav-54.dll

2012-07-19 18:56 . 2012-07-19 18:56 401685 ----a-w- c:\windows\system32\swscale-lav-2.dll

2012-07-19 18:56 . 2012-07-19 18:56 232895 ----a-w- c:\windows\system32\avutil-lav-51.dll

2012-07-19 18:56 . 2012-07-19 18:56 162743 ----a-w- c:\windows\system32\avfilter-lav-3.dll

2012-07-19 18:56 . 2012-07-19 18:56 1111581 ----a-w- c:\windows\system32\avformat-lav-54.dll

2012-07-19 18:56 . 2012-07-19 18:56 101820 ----a-w- c:\windows\system32\avresample-lav-0.dll

2012-07-17 08:35 . 2012-07-17 08:35 3978240 ----a-w- c:\windows\system32\ffmpeg.dll

2012-07-17 08:34 . 2012-07-17 08:34 112640 ----a-w- c:\windows\system32\ff_vfw.dll

2012-07-17 08:34 . 2012-07-17 08:34 3479552 ----a-w- c:\windows\system32\ffdshow.ax

2012-07-17 08:33 . 2012-07-17 08:33 271360 ----a-w- c:\windows\system32\TomsMoComp_ff.dll

2012-07-17 08:33 . 2012-07-17 08:33 99840 ----a-w- c:\windows\system32\ff_wmv9.dll

2012-07-17 08:33 . 2012-07-17 08:33 157184 ----a-w- c:\windows\system32\ff_unrar.dll

2012-07-17 08:33 . 2012-07-17 08:33 211968 ----a-w- c:\windows\system32\ff_libdts.dll

2012-07-17 08:33 . 2012-07-17 08:33 1525760 ----a-w- c:\windows\system32\ff_samplerate.dll

2012-07-17 08:33 . 2012-07-17 08:33 147456 ----a-w- c:\windows\system32\ff_libmad.dll

2012-07-17 08:33 . 2012-07-17 08:33 114688 ----a-w- c:\windows\system32\ff_liba52.dll

2012-07-17 08:33 . 2012-07-17 08:33 330240 ----a-w- c:\windows\system32\ff_libfaad2.dll

2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Common Files\Apple

2012-07-13 20:23 . 2012-07-13 20:23 -------- d-----w- c:\program files\Apple Software Update

2012-07-13 08:01 . 2012-07-13 08:01 -------- d-----w- c:\program files\uTorrent

2012-07-10 21:02 . 2012-07-11 13:13 -------- d-----w- c:\program files\GridinSoft Trojan Killer

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-02 16:44 . 2012-03-31 17:39 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-02 16:44 . 2011-07-07 18:59 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-17 21:15 . 2012-06-17 21:15 198144 ----a-w- c:\windows\system32\spdif_test.exe

2012-06-17 21:14 . 2012-06-17 21:14 97792 ----a-w- c:\windows\system32\ac3config.exe

2012-06-17 21:14 . 2012-06-17 21:14 1021440 ----a-w- c:\windows\system32\ac3filter_intl.dll

2012-06-17 21:12 . 2012-06-17 21:12 1406976 ----a-w- c:\windows\system32\ac3filter.ax

2012-06-17 21:10 . 2012-06-17 21:10 276992 ----a-w- c:\windows\system32\BugTrap.dll

2012-06-17 21:10 . 2012-06-17 21:10 965120 ----a-w- c:\windows\system32\ac3filter.acm

2012-06-13 13:55 . 2009-01-03 14:15 1866240 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:49 . 2009-01-27 20:35 1372672 ------w- c:\windows\system32\msxml6.dll

2012-06-05 15:49 . 2006-04-10 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32 . 2009-01-03 14:15 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 13:19 . 2009-01-02 21:32 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 13:19 . 2006-09-27 15:27 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 13:19 . 2006-09-27 15:27 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 13:19 . 2006-09-27 15:27 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 13:19 . 2006-10-30 13:05 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 13:19 . 2006-09-27 15:27 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 13:19 . 2006-09-27 15:27 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 13:19 . 2006-04-10 12:00 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 13:19 . 2009-01-02 21:32 15896 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 13:19 . 2006-09-27 15:27 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 13:19 . 2009-01-02 21:32 24088 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 13:19 . 2006-09-27 15:27 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 13:19 . 2009-05-13 08:45 18160 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-06-02 13:18 . 2009-05-13 08:45 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 13:18 . 2005-05-26 03:19 214256 ----a-w- c:\windows\system32\muweb.dll

2012-05-31 13:22 . 2006-04-10 12:00 602624 ----a-w- c:\windows\system32\crypt32.dll

2012-05-31 10:25 . 2012-07-08 09:59 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-05-26 16:15 . 2012-05-26 16:15 440832 ----a-w- c:\windows\system32\FLVSplitter.ax

2012-05-26 16:15 . 2012-05-26 16:15 377344 ----a-w- c:\windows\system32\cdxareader.ax

2012-05-16 15:09 . 2006-04-10 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-12 22:42 . 2012-05-12 22:42 146432 ----a-w- c:\windows\system32\avutil-51.dll

2012-05-12 22:42 . 2012-05-12 22:42 1272320 ----a-w- c:\windows\system32\avcodec-53.dll

2012-05-11 14:44 . 2006-04-10 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:44 . 2006-04-10 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:39 . 2006-04-10 12:00 385024 ----a-w- c:\windows\system32\html.iec

2012-07-27 23:03 . 2011-05-01 18:43 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-08-07_23.09.12 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-08-08 11:38 . 2012-08-08 11:38 16384 c:\windows\Temp\Perflib_Perfdata_88.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-04-28 68856]

"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 204288]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]

"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-07-28 188416]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-05-18 1311312]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-10-08 16744256]

"NvMediaCenter"="NvMCTray.dll" [2011-10-08 203072]

"nwiz"="c:\program files\NVIDIA Corporation\nview\nwiz.exe" [2011-10-08 1632360]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]

.

c:\documents and settings\naam\Menu Start\Programma's\Opstarten\

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]

2010-05-06 09:29 64592 ----a-w- c:\program files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^naam^Menu Start^Programma's^Opstarten^ctfmon.lnk]

path=c:\documents and settings\naam\Menu Start\Programma's\Opstarten\ctfmon.lnk

backup=c:\windows\pss\ctfmon.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^naam^Menu Start^Programma's^Opstarten^OneNote 2007 Schermopname en Snel starten.lnk]

path=c:\documents and settings\naam\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

backup=c:\windows\pss\OneNote 2007 Schermopname en Snel starten.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

2012-02-20 19:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantOn]

2006-06-21 15:29 93640 ------w- c:\program files\CyberLink\PowerCinema Linux\ion_install.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]

2006-05-18 10:29 49152 ----a-w- c:\program files\Home Cinema\PowerDVD\Language\Language.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2006-01-12 15:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-04-18 18:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2008-11-17 15:08 17676288 ----a-w- c:\windows\RTHDCPL.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"LightScribeService"=2 (0x2)

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

.

R2 LBeepKE;Logitech Beep Suppression Driver;c:\windows\system32\drivers\LBeepKE.sys [12/06/2010 15:39 10448]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/08/2012 16:46 655944]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [17/12/2011 16:45 2253120]

R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [30/10/2006 11:14 1105664]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/08/2012 16:46 22344]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [17/12/2011 16:30 119656]

R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [28/01/2009 0:42 47360]

R3 WsAudio_DeviceS(1);WsAudio_DeviceS(1);c:\windows\system32\drivers\WsAudio_DeviceS(1).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(2);WsAudio_DeviceS(2);c:\windows\system32\drivers\WsAudio_DeviceS(2).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(3);WsAudio_DeviceS(3);c:\windows\system32\drivers\WsAudio_DeviceS(3).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(4);WsAudio_DeviceS(4);c:\windows\system32\drivers\WsAudio_DeviceS(4).sys [27/10/2010 13:15 25704]

R3 WsAudio_DeviceS(5);WsAudio_DeviceS(5);c:\windows\system32\drivers\WsAudio_DeviceS(5).sys [27/10/2010 13:15 25704]

R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [30/10/2006 11:22 7040]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]

S2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]

S3 APL531;OVT Scanner;c:\windows\system32\drivers\ov550i.sys [31/07/2006 14:44 580992]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/02/2010 20:59 135664]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/04/2012 18:28 113120]

S3 uxddrv;Dynamically loaded UxdDrv;\??\c:\documents and settings\naam\Bureaublad\WinStress Pro\uxddrv.sys --> c:\documents and settings\guy vanzieleghem\Bureaublad\WinStress Pro\uxddrv.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2010-07-21 10:20 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]

.

2012-08-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 18:59]

.

2012-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005Core.job

- c:\documents and settings\naam\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]

.

2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071409926-97419054-2703505791-1005UA.job

- c:\documents and settings\guy vanzieleghem\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-02 12:59]

.

2012-08-08 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]

.

2012-08-08 c:\windows\Tasks\MpIdleTask.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 15:03]

.

2012-08-07 c:\windows\Tasks\OGADaily.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

2012-08-08 c:\windows\Tasks\OGALogon.job

- c:\windows\system32\OGAVerify.exe [2008-12-31 15:04]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

uInternet Settings,ProxyOverride = *.local

uInternet Settings,ProxyServer = socks=127.0.0.1:38771

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 195.130.131.133 195.130.130.5

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} - hxxp://photoservice.fujicolor.eu/ips-opdata/objects/jordan.cab

DPF: {3CA45906-EF10-4E4E-9BE4-B444D220FCB0} - hxxp://ua.foto.com/ImageUploader6.cab

FF - ProfilePath - c:\documents and settings\naam\Application Data\Mozilla\Firefox\Profiles\edpdrpq8.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.google.be/webhp?client=firefox-a&rls=org.mozilla:nl:official&channel=s&hl=nl&source=hp&btnG=Google+zoeken

FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B7183295e-73aa-4c22-b248-f51db1593aff%7D&mid=e0973a4daf625d5a84a627e5afc9488c-06ce4fc639803a2e3563922518183d8e94088cb9&ds=AVG&v=11.0.0.10〈=nl&pr=fr&d=2012-07-11%2015%3A25%3A33&sap=ku&q=

FF - prefs.js: network.proxy.type - 4

FF - user.js: network.cookie.cookieBehavior - 0

FF - user.js: privacy.clearOnShutdown.cookies - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: security.warn_viewing_mixed.show_once - false

FF - user.js: security.warn_submit_insecure - false

FF - user.js: security.warn_submit_insecure.show_once - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-08-08 13:39

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(520)

c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

.

- - - - - - - > 'explorer.exe'(172)

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll

c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL

c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_dut.nlr

c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\windows\system32\nvsvc32.exe

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\progra~1\COMMON~1\X10\Common\x10nets.exe

c:\windows\ehome\mcrdsvc.exe

c:\program files\Windows Media Player\WMPNetwk.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\RunDLL32.exe

c:\windows\eHome\ehmsas.exe

c:\program files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

c:\windows\system32\dllhost.exe

.

**************************************************************************

.

Voltooingstijd: 2012-08-08 13:45:23 - machine werd herstart

ComboFix-quarantined-files.txt 2012-08-08 11:45

ComboFix2.txt 2012-08-08 07:48

ComboFix3.txt 2012-08-07 23:11

.

Pre-Run: 37.400.662.016 bytes beschikbaar

Post-Run: 37.220.954.112 bytes beschikbaar

.

- - End Of File - - 6C61B4D1349F9DC0485E922C2E20F21A

Ccleaner laten lopen (die gebruik ik al regelmatig), gaf niks terug van AVG problemen.

Heb wel een map teruggevonden onder de 'alle gebruikers', en deze voorlopig in de prullenbak gezet.

Kan dit de hapering zijn die bleef hangen?

Nog eens scan laten uitvoeren door MSE, ik kreeg geen meldingen meer van Trojans.

Kan ik er dan van uitgaan dat problemen van de baan zijn, of kijk ik nog verder iets na?

[kape]

Lijkt er heel sterk op dat de problemen van de baan zijn : dan is het tijd voor de “grote schoonmaak” : verwijderen van gebruikte programma’s, een cleaning en het verwijderen van de besmette herstelpunten.

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht/Programma’s en bestanden zoeken en typ daar: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten). In XP doe je dit via Start -> Configuratiescherm -> Systeem -> Systeemherstel -> "Systeemherstel op alle stations uitschakelen" aanvinken. Toepassen en OK. PC herstarten en het vinkje terug weg halen.

Indien dit allemaal probleemloos verlopen is, mag je hieronder op "markeer als opgelost" tokkelen !

[guyzzmo]

perfect verlopen, alles lijkt normaal te werken. Snelheid hapert nog beetje.

Kreeg bij verwijderen combofix wel de melding opnieuw dat AVG nog actief stond.

Ik heb de remover van AVG afgehaald, mogelijk is het hiermee verwijderd

Alvast bedankt voor de deskundige hulp en begeleiding