Jade
-
Items
20 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Jade
-
-
Hoi Mako,
Alle scans en het verwijderen is gelukt. Probleem is alleen dat het logbestand van de fix nu ook verwijderd is. Of kan ik die nog ergens terugvinden?
Groetjes!
-
Hallo Mako!
Sorry het wilde eerst niet lukken en toen had ik een hele poos geen tijd (druk druk druk). Ik kwam erachter dat de nieuw gedownloade EmiSoft scanner nog aan stond. Het is in elk geval nu wel gelukt.
Hierbij het logbestand.
-
-
Hierbij de logbestanden (van de AdwCleaner waren er twee opgeslagen, ik heb beide toegevoegd)
-
Beste Mako,
Bedankt voor je uitgebreide antwoord. Ik snap inderdaad dat er geen eenduidig antwoord voor is, maar hier heb ik zeker wat aan!
Ik hoop dat ie nog wat te versnellen valt. Bedankt voor de hulp!
Groetjes!
-
Bedankt voor de snelle reactie. Zie bijlage voor het logbestand.
-
Voor mijn studie heb ik mijn laptop hard nodig, maar hij is tegenwoordig zo langzaam dat ik hem bijna niet meer kan gebruiken. Ik heb de computer nu bijna 4 jaar, het is een Acer met Windows 7. Ik vraag me af hoe lang je het beste een computer kan hebben voordat hij aan vervanging toe is? Daarnaast hoop ik door middel van dit forum erachter te komen waarom de computer zo traag is geworden? Ik hoop dat jullie mij hierbij kunnen helpen. Het zou fantastisch zijn!
Groetjes
-
Yes, allemaal gelukt! Nogmaals bedankt! Voel me erg opgelucht!
Groetjes,
Emmy!
-
Nee volgens mij is het weg! Is daarmee alles opgelost? Echt heel erg bedankt!
Nog één vraagje, als ik een nieuwe virusscanner wil, moet ik dus McAffee verwijderen?
Groetjes
-
# AdwCleaner v3.010 - Report created 28/10/2013 at 16:43:27
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Emmy - EMMY-PC
# Running from : C:\Users\Emmy\Desktop\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4pc
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Savings Sidekick_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_inkscape_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_inkscape_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_logosmartz-logo-maker-software_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_logosmartz-logo-maker-software_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-media-player-plugin(1)_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-media-player-plugin_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-media-player-plugin_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\smartbar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Tutorials
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Savings Sidekick
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\qone8Software
Key Deleted : HKLM\Software\Softonic
Key Deleted : HKLM\Software\Tuto4PC
Key Deleted : HKLM\Software\Tutorials
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSysControl
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16720
-\\ Mozilla Firefox v24.0 (nl)
[ File : C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\prefs.js ]
*************************
AdwCleaner[R0].txt - [8268 octets] - [28/10/2013 16:37:26]
AdwCleaner[s0].txt - [7918 octets] - [28/10/2013 16:43:27]
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7978 octets] ##########
-
Zoek.exe Version 4.0.0.5 Updated 26-October-2013
Tool run by Emmy on ma 28-10-2013 at 15:26:25,54.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Emmy\Desktop\zoek.exe [script inserted] [Checkboxes used]
==== Older Logs ======================
C:\zoek-results2013-10-28-151039.log 4685 bytes
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\Users\Emmy\AppData\Roaming\Publish Providers deleted successfully
C:\Users\Emmy\AppData\Local\PackageAware deleted successfully
==== Creating Sample_28-10-2013_1539.zip ======================
Copied file C:\ProgramData\MxlfprbVJsBCd.exe to sample\MxlfprbVJsBCd.exe
Copied file C:\ProgramData\YTYuWibiySyhLX.exe to sample\YTYuWibiySyhLX.exe
sample\MxlfprbVJsBCd.exe renamed to D41D8CD98F00B204E9800998ECF8427E
sample\YTYuWibiySyhLX.exe renamed to D41D8CD98F00B204E9800998ECF8427E
C:\Users\Public\Desktop\sample_28-10-2013_1539.zip created successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully
HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully
HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} deleted successfully
HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} deleted successfully
HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{0124123D-61B4-456f-AF86-78C53A0790C5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVKService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVKService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVKProxy deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AVKProxy deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVKProxy deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AVKProxy deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVKWCtl deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVKWCtl deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\GDFwSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\GDFwSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\GDScan deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GDScan deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\GDScan deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\GDScan deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\WsysSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WsysSvc deleted successfully
==== FireFox Fix ======================
Deleted from C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\prefs.js:
user_pref("browser.search.useDBForOrder", "false");
Added to C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\prefs.js:
ProfilePath: C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_28-10-2013_1540_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"
==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"G Data AntiVirus Tray Application"=-
"GDFirewallTray"=-
==== Deleting Files \ Folders ======================
C:\ProgramData\eSafe deleted
C:\ProgramData\IBUpdaterService deleted
C:\Users\Emmy\Downloads\SoftonicDownloader_voor_inkscape.exe deleted
C:\Users\Emmy\Downloads\SoftonicDownloader_voor_windows-media-player-plugin(1).exe deleted
C:\Users\Emmy\Downloads\SoftonicDownloader_voor_windows-media-player-plugin.exe deleted
C:\Users\Emmy\AppData\LocalLow\Softonic deleted
C:\Users\Emmy\AppData\LocalLow\Smartbar deleted
C:\Windows\wininit.ini deleted
C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\searchplugins\Web Search.xml deleted
C:\ProgramData\MxlfprbVJsBCd.exe deleted
C:\ProgramData\YTYuWibiySyhLX.exe deleted
"C:\Program Files (x86)\Common Files\G Data\ObjBrwse.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\ObjBrwse64.dll" not deleted
"C:\PROGRA~2\tuto4pc_pt_28\tuto4pc_pt_28.exe" deleted
"C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\ASK\GDASpam.dll" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwsc64.dll" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\AVK\MiniIcpt2X64.dll" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\AVK\SysIcptx64.dll" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Common\AVKRes.dll" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.dll" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.exe" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvc.dac" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GdFwSvc.dat" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtRes.exe" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtResx64.exe" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSys.dat" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\InitInstx64.exe" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dac" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dat" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dac" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dat" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcpt2x64.dll" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcptX64.dll" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dac" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dat" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dac" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dat" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\SqLiteGDx64.dll" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap32.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKIM.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\avksmtp.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\BehaviourService64.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\BehaviourServiceResources64.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\FileBlSrv.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\FileBlSrv64.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdDeepAnalyse64.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\gdwfpcd.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\GeoIP.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\SecSrv.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\AVKScanP.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\AvkScanPx64.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\GDScan\AVKScanPS.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\aswEngLdrOem.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\BD1\avxdisk.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\BD1\bdcore.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\acshort.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\algo.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCleanerDLL.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnBS.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnIS.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnOS.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswEngin.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswFiDb.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswRawFS.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswRep.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswScan.dll" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\certs.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_as.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dex.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dex.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dyna.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dyna.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_el.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elf.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elf.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elfa.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elfa.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_evope.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_java.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_java.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_js.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_js.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx4.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx4.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx95.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx95.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_o7.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_o7.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_ob2.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_pe2.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_pe3.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_sql.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_swf.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_swf.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_tx.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_u.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_w6.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_w6.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_wh2.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_xtn.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\list_d.txt" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\list_i.txt" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\lshe3.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\l_idx.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\l_nmp.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sc_dst.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sc_src.dat" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\Sf.bin" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\Sf1.bin" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sl_idx.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sl_nmp.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\s_idx.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\s_nmp.map" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\whitelist.db" not deleted
"C:\Program Files (x86)\G Data" not deleted
"C:\Program Files (x86)\Common Files\G Data" not deleted
"C:\PROGRA~2\tuto4pc_pt_28" deleted
"C:\Users\Emmy\AppData\Local\tuto4pc_pt_28" deleted
"C:\Program Files (x86)\G Data\InternetSecurity" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\ASK" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\AVK" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\AVKTray" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Common" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall" not deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Shredder" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKProxy" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP" not deleted
"C:\Program Files (x86)\Common Files\G Data\GDScan" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\BD1" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs" not deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000" not deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Emmy\AppData\Local\Temp ====
2013-10-26 23:29:36 B4F54911FD477012FDABF5EF7EFAA945 1706064 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\eGdpSvc.exe
2013-10-26 23:29:36 530F2D77C7F116FA0BD2A110C254F718 694864 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\help.exe
2013-10-17 19:06:40 3C9C391E565D6A7418964C9E9D146CD9 457296 ------w- C:\Users\Emmy\AppData\Local\Temp\is2095933935\199609084_stp\cor_ar_qone8.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2013-10-28 14:56:56 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe
2013-10-28 14:56:46 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe
2013-10-28 14:56:46 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-28 14:56:46 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-10-09 23:08:32 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2013-10-09 23:07:38 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
2013-10-09 23:07:38 1F775DA4CF1A3A1834207E975A72E9D7 185344 ----a-w- C:\Windows\Sysnative\drivers\usbvideo.sys
2013-10-09 23:07:29 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
2013-10-09 23:07:29 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2013-10-09 22:47:38 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2013-10-09 22:47:28 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-10-09 22:47:28 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2013-10-09 22:44:26 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
====== C:\Windows\Tasks ======
2013-10-28 15:26:46 B4B4661FCD9823E9F902E60EA9A0F8C5 3100 ----a-w- C:\Windows\Sysnative\Tasks\{7C7B3737-5FC7-412B-B209-0C26306896C2}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-10-27 12:29:45 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2013-10-28 14:58:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2013-10-28 14:56:30 -------- d-----w- C:\PROGRA~2\Java
======= C: =====
====== C:\Users\Emmy\AppData\Roaming ======
2013-10-28 14:38:09 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun
2013-10-26 23:29:49 -------- d-----w- C:\Users\Emmy\AppData\Local\Programs
====== C:\Users\Emmy ======
2013-10-28 14:56:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2013-10-28 14:30:30 40644BE06A1E87CF268EE8C33E921702 915368 ----a-w- C:\Users\Emmy\Downloads\jxpiinstall.exe
2013-10-27 12:28:21 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Emmy\Downloads\RSITx64.exe
2013-10-26 23:29:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TUTO4PC
2013-10-26 23:28:47 1C48841E422DF02EE4A9F785FE00FCD6 611648 ----a-w- C:\Users\Emmy\Downloads\le-fabuleux-destin-damelie-poulain-eng-4781112.exe
2013-10-09 20:56:23 -------- d-----w- C:\Users\Emmy\5-10 km
====== C: exe-files ==
2013-10-28 15:24:23 464692C94730F7234BE3C24A72141B00 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$ID9R3F2.exe
2013-10-28 15:23:47 AE2A651D96799156164C61C8189ACB5F 1269248 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RD9R3F2.exe
2013-10-28 15:21:09 03E88119CEA4BAB37ABCF6BA2BB6B0D1 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$IA7WYPN.exe
2013-10-28 15:07:57 98A481677CA3EFC70DBBD17E646B6A7C 1269248 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RWCN002\Z-Analyse.exe
2013-10-28 15:06:17 98A481677CA3EFC70DBBD17E646B6A7C 1269248 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RA7WYPN.exe
2013-10-28 14:56:34 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe
2013-10-28 14:56:34 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe
2013-10-28 14:56:34 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe
2013-10-28 14:56:34 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe
2013-10-28 14:56:34 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
2013-10-28 14:56:34 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe
2013-10-28 14:56:34 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe
2013-10-28 14:56:34 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe
2013-10-28 14:56:34 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe
2013-10-28 14:56:34 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe
2013-10-28 14:56:34 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe
2013-10-28 14:56:34 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe
2013-10-28 14:56:34 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe
2013-10-28 14:56:34 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe
2013-10-28 14:56:34 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe
2013-10-28 14:56:33 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe
2013-10-28 14:56:33 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe
2013-10-28 14:56:33 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe
2013-10-28 14:56:33 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
2013-10-28 14:56:33 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe
2013-10-28 14:56:33 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe
2013-10-28 14:40:31 D6B709CB3C1FBE805DE8961F572A971C 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$I4KK3C8.exe
2013-10-28 14:31:32 40644BE06A1E87CF268EE8C33E921702 915368 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$R4KK3C8.exe
2013-10-27 12:29:45 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Emmy.exe
2013-10-26 23:29:36 B4F54911FD477012FDABF5EF7EFAA945 1706064 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\eGdpSvc.exe
2013-10-26 23:29:36 530F2D77C7F116FA0BD2A110C254F718 694864 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\help.exe
=== C: other files ==
2013-10-28 15:24:23 C3BA2BD8148F4E13BAF4B35832BBA7FE 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$I0HHZV1.zip
2013-10-28 15:24:23 358AB50FDB0DB39ABA1E898197363F45 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$IZ63PNU.com
2013-10-28 15:23:46 D836D31D211FC1109A40490CE1995516 1393061 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RZ63PNU.com
2013-10-28 15:14:58 1D483F455EB8FEE959A17ED1979416F6 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$IIWZIR0.zip
2013-10-28 15:14:26 A299BC2E273DEAF8D7741FE0D3BC38EF 4035542 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$R0HHZV1.zip
2013-10-28 15:02:13 88F31293B1362217F718D7786E90A6A7 2521086 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2201282206-2562182534-352421686-1001\$RIWZIR0.zip
2013-10-28 14:56:35 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip
2013-10-26 23:29:38 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DG9T4I63\1.1.6.6[1].crx
2013-10-26 23:29:38 2D0E258C08354FA84E5CB5D312B8E83F 416279 ----a-w- C:\Users\Emmy\AppData\Local\Temp\eIntaller\2F56CC494CA241ca97A65BA32FE6DEFB\newtab.crx
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-2201282206-2562182534-352421686-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"WebDriveTray"="C:\Program Files\WebDrive\webdrive.exe /trayicon"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"Dolby Advanced Audio v2"="C:\Dolby PCEE4\pcee4.exe -autostart"
"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"tuto4pc_pt_28"="C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"upt4pc_pt_28.exe"="C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"WebDriveTray"="C:\Program Files\WebDrive\webdrive.exe /trayicon"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\System32\\nvinitx.dll"
==== Startup Folders ======================
2011-12-15 21:09:16 1051 ----a-w- C:\Users\Emmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2013-01-19 12:55:19 1935 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
2013-01-18 13:28:20 2653 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-10-2013 20:34]
==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\Windows\SysNative\tasks\{610CF1B8-6945-4F11-81B2-847C255F9A5C}" [C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe]
"C:\Windows\SysNative\tasks\{F035AC8A-7292-42B6-8945-AB9DD91A403F}" [C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" []
==== Firefox Extensions ======================
ProfilePath: C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- G Data BankGuard - %AppDir%\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
- G Data WebFilter - %AppDir%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897
4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash
7EF7E4C1325D533F5186E7118ABB0E7C - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll - McAfee Security Scanner +
C548328E9DE5EB73350EF292D7140662 - C:\Users\Emmy\Picasa3\npPicasa3.dll - Picasa
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dhdepfaagokllfmhfbcfmocaeigmoebo - C:\Users\Emmy\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx[]
==== Chrome Fix ======================
C:\Users\Emmy\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dhdepfaagokllfmhfbcfmocaeigmoebo_0 deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{30C03312-7964-4677-8F81-FC0845ADE690} Google Url="http://www.google.nl/search?hl=nl&q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
Nothing found to reset
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully
==== HijackThis Entries ======================
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [tuto4pc_pt_28] "C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [upt4pc_pt_28.exe] C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [WebDriveTray] C:\Program Files\WebDrive\webdrive.exe /trayicon
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - Unknown owner - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe (file missing)
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebDrive Service (WebDriveService) - South River Technologies, LLC - C:\Program Files\WebDrive\wdService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Emmy\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Emmy\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Emmy\AppData\Local\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\Cache emptied successfully
==== Empty Chrome Cache ======================
No Chrome Cache found
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Emmy\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Program Files (x86)\Common Files\G Data\ObjBrwse64.dll" deleted
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.dll" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwAdmin.exe" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvc.dac" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GdFwSvc.dat" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtRes.exe" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtResx64.exe" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSys.dat" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\InitInstx64.exe" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dac" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\LiveStrm.dat" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dac" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Modules.dat" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcpt2x64.dll" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\PktIcptX64.dll" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dac" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Portinfo.dat" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dac" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\Protocol.dat" not found
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\SqLiteGDx64.dll" not found
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\GeoIP.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\acshort.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\algo.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCleanerDLL.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnBS.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnIS.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswCmnOS.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswEngin.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswFiDb.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswRawFS.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswRep.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\aswScan.dll" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\certs.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_as.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dex.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dex.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dyna.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_dyna.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_el.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elf.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elf.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elfa.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_elfa.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_evope.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_java.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_java.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_js.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_js.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx4.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx4.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx95.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_mx95.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_o7.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_o7.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_ob2.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_pe2.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_pe3.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_sql.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_swf.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_swf.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_tx.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_u.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_w6.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_w6.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_wh2.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\db_xtn.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\list_d.txt" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\list_i.txt" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\lshe3.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\l_idx.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\l_nmp.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sc_dst.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sc_src.dat" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\Sf.bin" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\Sf1.bin" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sl_idx.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\sl_nmp.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\s_idx.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\s_nmp.map" deleted
"C:\Program Files (x86)\Common Files\G Data\AVKScanP\Avast5\defs\12092000\whitelist.db" deleted
"C:\Program Files (x86)\G Data" not found
"C:\Program Files (x86)\Common Files\G Data" deleted
==== EOF on ma 28-10-2013 at 15:59:19,90 ======================
-
Bedankt voor de snelle reactie. Ik heb inderdaad twee scanners. Alleen beide scanners zijn verlopen en niet meer actief. Na dit opgelost te hebben wil ik waarschijnlijk McAfee verlengen. Gdata mag dus wat mij betreft weg.
Hierbij de Log:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Emmy at 2013-10-27 12:29:44
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 262 GB (57%) free of 461 GB
Total RAM: 3948 MB (34% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:29:55, on 27-10-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe
C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Emmy.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [tuto4pc_pt_28] "C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"
O4 - HKLM\..\RunOnce: [upt4pc_pt_28.exe] C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [WebDriveTray] C:\Program Files\WebDrive\webdrive.exe /trayicon
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebDrive Service (WebDriveService) - South River Technologies, LLC - C:\Program Files\WebDrive\wdService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe
--
End of file - 14603 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe"
"C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe"
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 37713520
C:\ProgramData\eSafe\eGdpSvc.exe
\??\C:\Windows\system32\conhost.exe "-1757915117-705199051478481944192383376227072009683521270916130325732115442648
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe"
"C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}"
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\WebDrive\wdService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 2416
"C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe" -Embedding
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"taskhost.exe"
taskeng.exe {4FE8A9AF-28BF-4B5B-A7FE-963287F02CC0}
"C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"
"C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe" -runhelper
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\WebDrive\WebDrive.exe" /trayicon
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe"
"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\DOLBY PCEE4\pcee4.exe" -autostart
"C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\Emmy\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe18_ Global\UsGthrCtrlFltPipeMssGthrPipe18 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897
prefs.js - "browser.search.useDBForOrder" - "false"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Users\Emmy\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1]
"Description"=
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.117 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32]
"Description"=
"Path"=C:\Windows\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{906305f7-aafc-45e9-8bbd-941950a84dad}
{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
NPOFF12.DLL
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\extensions\
{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
C:\Users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\searchplugins\
firefox-add-ons.xml
Web Search.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G Data WebFilter - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll [2011-06-22 634376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
Snap.DoEngine - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-10-04 351008]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-10-04 53536]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0124123D-61B4-456f-AF86-78C53A0790C5}]
G Data WebFilter - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll [2011-06-22 577544]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL [2010-12-20 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA3295CF-17ED-4F49-9E95-D999A0ADBFDC}]
G Data BankGuard - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll [2011-08-10 52216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIEx64.dll [2011-06-22 634376]
{ae07101b-46d4-4a98-af68-0333ea26e113} - Snap.Do - C:\Windows\system32\mscoree.dll [2010-11-21 444752]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0124123D-61B4-456f-AF86-78C53A0790C5} - G Data WebFilter - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll [2011-06-22 577544]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-05-09 168216]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-05-09 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-05-09 416024]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-07-29 2280232]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-10 11785832]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-03-09 2189416]
"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-05-10 1831528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-10-11 1140736]
"WebDriveTray"=C:\Program Files\WebDrive\webdrive.exe [2010-05-25 2442328]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [2010-09-14 283160]
"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2010-09-28 340336]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-09-17 407920]
"EgisUpdate"=C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [2010-09-17 201584]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-01 1155928]
"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-03-09 297280]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-03-14 1081424]
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2011-02-03 506712]
"ArcadeMovieService"=C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [2011-02-18 177448]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-08-18 421736]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"G Data AntiVirus Tray Application"=C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [2011-09-22 1012232]
"GDFirewallTray"=C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [2011-09-22 1619976]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"tuto4pc_pt_28"=C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe [2013-10-11 3989488]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"upt4pc_pt_28.exe"=C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe [2013-10-11 3154416]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
vpngui.exe.lnk - C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe
C:\Users\Emmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-04-15 385024]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2013-03-20 247296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2012-08-16 6670496]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL [2012-08-16 4171424]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 month======
2013-10-27 12:29:45 ----D---- C:\Program Files\trend micro
2013-10-27 12:29:44 ----D---- C:\rsit
2013-10-26 23:30:00 ----D---- C:\ProgramData\eSafe
2013-10-26 23:29:52 ----D---- C:\Program Files (x86)\tuto4pc_pt_28
2013-10-18 16:26:34 ----D---- C:\Program Files\McAfee Security Scan
2013-10-11 13:19:37 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-10-11 13:19:36 ----A---- C:\Windows\system32\ieui.dll
2013-10-11 13:19:35 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-10-11 13:19:34 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-10-11 13:19:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-10-11 13:19:34 ----A---- C:\Windows\system32\iesetup.dll
2013-10-11 13:19:34 ----A---- C:\Windows\system32\iernonce.dll
2013-10-11 13:19:32 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-10-11 13:19:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-10-11 13:19:32 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-11 13:19:32 ----A---- C:\Windows\system32\iesysprep.dll
2013-10-11 13:19:32 ----A---- C:\Windows\system32\ie4uinit.exe
2013-10-11 13:19:31 ----A---- C:\Windows\system32\iertutil.dll
2013-10-11 13:19:29 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-10-11 13:19:29 ----A---- C:\Windows\system32\msfeeds.dll
2013-10-11 13:19:28 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-10-11 13:19:28 ----A---- C:\Windows\system32\jscript.dll
2013-10-11 13:19:27 ----A---- C:\Windows\system32\jscript9.dll
2013-10-11 13:19:26 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-10-11 13:19:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-10-11 13:19:24 ----A---- C:\Windows\system32\urlmon.dll
2013-10-11 13:19:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-10-11 13:19:22 ----A---- C:\Windows\system32\jsproxy.dll
2013-10-11 13:19:21 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-10-11 13:19:20 ----A---- C:\Windows\system32\wininet.dll
2013-10-11 13:19:19 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-10-11 13:19:18 ----A---- C:\Windows\system32\ieframe.dll
2013-10-11 13:19:15 ----A---- C:\Windows\system32\mshtml.dll
2013-10-11 13:19:12 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-10-09 23:26:31 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2013-10-09 23:26:31 ----A---- C:\Windows\system32\comctl32.dll
2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\lpk.dll
2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-10-09 23:13:47 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-10-09 23:13:47 ----A---- C:\Windows\system32\lpk.dll
2013-10-09 23:13:47 ----A---- C:\Windows\system32\fontsub.dll
2013-10-09 23:13:47 ----A---- C:\Windows\system32\dciman32.dll
2013-10-09 23:13:47 ----A---- C:\Windows\system32\atmlib.dll
2013-10-09 23:13:47 ----A---- C:\Windows\system32\atmfd.dll
2013-10-09 23:08:32 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-10-09 23:07:38 ----A---- C:\Windows\system32\drivers\usbvideo.sys
2013-10-09 23:07:38 ----A---- C:\Windows\system32\drivers\usbcir.sys
2013-10-09 23:07:29 ----A---- C:\Windows\system32\drivers\hidparse.sys
2013-10-09 23:07:29 ----A---- C:\Windows\system32\drivers\hidclass.sys
2013-10-09 22:47:38 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2013-10-09 22:47:38 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2013-10-09 22:47:38 ----A---- C:\Windows\system32\WebClnt.dll
2013-10-09 22:47:38 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2013-10-09 22:47:38 ----A---- C:\Windows\system32\davclnt.dll
2013-10-09 22:47:28 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2013-10-09 22:47:28 ----A---- C:\Windows\system32\mswsock.dll
2013-10-09 22:47:28 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-10-09 22:47:28 ----A---- C:\Windows\system32\drivers\afd.sys
2013-10-09 22:47:10 ----A---- C:\Windows\system32\win32k.sys
2013-10-09 22:47:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-10-09 22:47:05 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-10-09 22:47:04 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-10-09 22:47:04 ----A---- C:\Windows\system32\advapi32.dll
2013-10-09 22:47:03 ----A---- C:\Windows\SYSWOW64\tdh.dll
2013-10-09 22:47:03 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2013-10-09 22:47:03 ----A---- C:\Windows\system32\wow64.dll
2013-10-09 22:47:03 ----A---- C:\Windows\system32\tdh.dll
2013-10-09 22:47:03 ----A---- C:\Windows\system32\ntdll.dll
2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\user.exe
2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-10-09 22:47:02 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2013-10-09 22:44:41 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 22:44:41 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-09 22:44:26 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2013-10-09 22:44:19 ----A---- C:\Windows\system32\scavengeui.dll
======List of files/folders modified in the last 1 month======
2013-10-27 12:29:56 ----D---- C:\Windows\Prefetch
2013-10-27 12:29:51 ----D---- C:\Windows\Temp
2013-10-27 12:29:45 ----RD---- C:\Program Files
2013-10-27 12:29:43 ----D---- C:\Users\Emmy\AppData\Roaming\Dropbox
2013-10-27 12:28:53 ----D---- C:\Windows\system32\config
2013-10-27 12:01:35 ----D---- C:\Windows\System32
2013-10-27 12:01:34 ----D---- C:\Windows\inf
2013-10-27 12:01:34 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-10-27 11:58:27 ----A---- C:\Windows\SYSWOW64\log.txt
2013-10-27 11:56:27 ----D---- C:\ProgramData\clear.fi
2013-10-27 01:05:08 ----D---- C:\Users\Emmy\AppData\Roaming\Skype
2013-10-26 23:30:00 ----D---- C:\ProgramData
2013-10-26 23:29:52 ----RD---- C:\Program Files (x86)
2013-10-26 22:35:31 ----SHD---- C:\System Volume Information
2013-10-18 21:15:38 ----SHD---- C:\Windows\Installer
2013-10-18 21:15:37 ----D---- C:\ProgramData\Skype
2013-10-18 21:15:34 ----RD---- C:\Program Files (x86)\Skype
2013-10-18 16:15:38 ----D---- C:\Windows\Microsoft.NET
2013-10-18 16:15:00 ----RSD---- C:\Windows\assembly
2013-10-14 21:07:48 ----D---- C:\Windows\winsxs
2013-10-14 21:06:45 ----D---- C:\Program Files\Microsoft Silverlight
2013-10-14 21:06:43 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-10-13 23:57:09 ----D---- C:\Windows\system32\catroot2
2013-10-13 23:55:58 ----D---- C:\Windows\SysWOW64
2013-10-13 23:55:53 ----D---- C:\Program Files (x86)\Internet Explorer
2013-10-13 23:55:48 ----D---- C:\Program Files\Internet Explorer
2013-10-13 23:55:46 ----D---- C:\Windows\system32\drivers
2013-10-13 23:55:36 ----D---- C:\Windows\AppPatch
2013-10-13 23:55:06 ----D---- C:\Windows\system32\DriverStore
2013-10-11 20:44:49 ----D---- C:\Users\Emmy\AppData\Roaming\Spotify
2013-10-11 14:07:18 ----D---- C:\Windows\rescache
2013-10-11 13:24:02 ----D---- C:\ProgramData\Microsoft Help
2013-10-11 13:20:11 ----D---- C:\Windows\system32\catroot
2013-10-11 13:08:51 ----D---- C:\Windows\system32\MRT
2013-10-11 13:03:28 ----A---- C:\Windows\system32\MRT.exe
2013-10-11 12:56:48 ----D---- C:\Windows\system32\nl-NL
2013-10-09 20:34:59 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys [2011-10-27 50552]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-09-14 437272]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-23 59728]
R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys [2011-10-27 110968]
R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd64.sys [2011-10-27 65912]
R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys [2011-10-07 106488]
R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys [2011-10-27 51576]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-06-08 22912]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-06-08 20328]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-06-08 62584]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
R2 WebDriveFSD;WebDrive Filesystem Driver; \??\C:\Program Files\WebDrive\wdfsd.sys [2010-05-25 118872]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\drivers\b57xdbd.sys [2011-01-21 67624]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\drivers\b57xdmp.sys [2011-01-21 19496]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-03-01 4720704]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\drivers\bScsiMSa.sys [2011-01-20 52264]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-01-14 85544]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [2011-10-27 59256]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-04-15 12228128]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-15 2814952]
R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-01-17 412712]
R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-03-10 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-07-29 1383472]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-03-10 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 GdNetMon;G Data Network Monitor; \??\C:\Windows\system32\drivers\GdNetMon64.sys [2011-09-21 31448]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 Apple Mobile Device;Mobiel Apple apparaat; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-09-22 1500680]
R2 AVKService;G Data Scheduler; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2011-09-22 464392]
R2 AVKWCtl;G Data Bestandssysteembewaker; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2011-05-26 1929104]
R2 Bonjour Service;Bonjour-service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-01 2804568]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-03-09 257344]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 WebDriveService;WebDrive Service; C:\Program Files\WebDrive\wdService.exe [2010-05-25 2156120]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R2 WsysSvc;Wsys Service; C:\ProgramData\eSafe\eGdpSvc.exe [2013-10-26 1706064]
R3 GDFwSvc;G Data Personal Firewall; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2011-08-10 1556816]
R3 GDScan;G Data Scanner; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2011-09-22 448008]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-18 934760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-28 655624]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 288776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2012-09-20 30785672]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-17 118680]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-09-01 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
-
Beste pc-helpmedewerker,
Na het verkeerd downloaden van een bestand op internet, heb ik last van opeens verschijnende reclames en dat soort praktijken.
Het gebeurt wel alleen als ik Mozilla Firefox gebruik.
Ik heb een HiJackthisLog gemaakt en hoop dat u me kan helpen. Alvast bedankt.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:12:07, on 27-10-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16720)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe
C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll
O3 - Toolbar: (no name) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - (no file)
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [tuto4pc_pt_28] "C:\Program Files (x86)\tuto4pc_pt_28\tuto4pc_pt_28.exe"
O4 - HKLM\..\RunOnce: [upt4pc_pt_28.exe] C:\Users\Emmy\AppData\Local\tuto4pc_pt_28\upt4pc_pt_28.exe -runonce
O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Emmy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [WebDriveTray] C:\Program Files\WebDrive\webdrive.exe /trayicon
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O4 - Global Startup: vpngui.exe.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WebDrive Service (WebDriveService) - South River Technologies, LLC - C:\Program Files\WebDrive\wdService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe
--
End of file - 14987 bytes
-
Heel erg bedankt!
-
Volgens mij zijn de linkjes weg! Super! Betekent dat dat het opgelost is?
-
ComboFix 12-10-29.01 - Emmy 29-10-2012 10:18:39.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3948.2162 [GMT 1:00]
Gestart vanuit: c:\users\Emmy\Desktop\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Emmy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: G Data InternetSecurity 2012 *Disabled/Outdated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: G Data InternetSecurity 2012 *Disabled/Outdated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"C:\user.js"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\McAfee Security Scan
c:\program files (x86)\McAfee Security Scan\3.0.207\AVScanComponent.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\AVScanner.ini
c:\program files (x86)\McAfee Security Scan\3.0.207\avvclean.dat
c:\program files (x86)\McAfee Security Scan\3.0.207\avvnames.dat
c:\program files (x86)\McAfee Security Scan\3.0.207\avvscan.dat
c:\program files (x86)\McAfee Security Scan\3.0.207\config.dat
c:\program files (x86)\McAfee Security Scan\3.0.207\ftconfig.ini
c:\program files (x86)\McAfee Security Scan\3.0.207\McAfee.ico
c:\program files (x86)\McAfee Security Scan\3.0.207\mcbrwsr2.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
c:\program files (x86)\McAfee Security Scan\3.0.207\MCCompHostConfig.ini
c:\program files (x86)\McAfee Security Scan\3.0.207\mcscan32.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\mcuicnt.exe
c:\program files (x86)\McAfee Security Scan\3.0.207\McUpdater.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\sa_cache_sqlite.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\sa_http_win32.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\sa_mbl.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\sa_store_sqlite.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\sacore.db
c:\program files (x86)\McAfee Security Scan\3.0.207\sacore.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\sacoredata\uds_filetypes.txt
c:\program files (x86)\McAfee Security Scan\3.0.207\sacoredata\uds_hosting.txt
c:\program files (x86)\McAfee Security Scan\3.0.207\sacoredata\uds_tlds.txt
c:\program files (x86)\McAfee Security Scan\3.0.207\SecurityScanner.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\SecurityScanner_LD.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\signlic.txt
c:\program files (x86)\McAfee Security Scan\3.0.207\sqlite3.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\SSCustom_LD.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
c:\program files (x86)\McAfee Security Scan\3.0.207\WebInfoScanner.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\WMIScanner.dll
c:\program files (x86)\McAfee Security Scan\3.0.207\WmiScanner.ini
c:\program files (x86)\McAfee Security Scan\uninstall.exe
c:\program files (x86)\Softonic
c:\program files (x86)\Softonic\Softonic\1.6.7.4\escortShld.dll
c:\program files (x86)\Softonic\Softonic\1.6.7.4\SoftonicApp.dll
c:\program files (x86)\Softonic\Softonic\1.6.7.4\SoftonicEng.dll
c:\program files (x86)\Softonic\Softonic\1.6.7.4\Softonicsrv.exe
c:\program files (x86)\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll
c:\program files (x86)\Softonic\Softonic\1.6.7.4\uninstall.exe
c:\program files\AVAST Software
c:\program files\AVAST Software\Avast\1043\aswClnTg.htm
c:\program files\AVAST Software\Avast\1043\aswClnTg.txt
c:\program files\AVAST Software\Avast\1043\aswInfTg.htm
c:\program files\AVAST Software\Avast\1043\aswInfTg.txt
c:\program files\AVAST Software\Avast\1043\Avast5_1043.chm
c:\program files\AVAST Software\Avast\1043\Base.dll
c:\program files\AVAST Software\Avast\1043\Boot.dll
c:\program files\AVAST Software\Avast\1043\uiLangRes.dll
c:\program files\AVAST Software\Avast\Aavm4h.dll
c:\program files\AVAST Software\Avast\AavmRpch.dll
c:\program files\AVAST Software\Avast\AavmRpch64.dll
c:\program files\AVAST Software\Avast\AhAScr.dll
c:\program files\AVAST Software\Avast\AhResBhv.dll
c:\program files\AVAST Software\Avast\AhResJs.dll
c:\program files\AVAST Software\Avast\AhResMai.dll
c:\program files\AVAST Software\Avast\AhResMes.dll
c:\program files\AVAST Software\Avast\AhResNS.dll
c:\program files\AVAST Software\Avast\AhResP2P.dll
c:\program files\AVAST Software\Avast\AhResStd.dll
c:\program files\AVAST Software\Avast\AhResWS.dll
c:\program files\AVAST Software\Avast\ashBase.dll
c:\program files\AVAST Software\Avast\ashMaiSv.dll
c:\program files\AVAST Software\Avast\ashQuick.exe
c:\program files\AVAST Software\Avast\ashServ.dll
c:\program files\AVAST Software\Avast\ashShA64.dll
c:\program files\AVAST Software\Avast\ashShell.dll
c:\program files\AVAST Software\Avast\ashTask.dll
c:\program files\AVAST Software\Avast\ashTaskEx.dll
c:\program files\AVAST Software\Avast\ashUpd.exe
c:\program files\AVAST Software\Avast\ashWebSv.dll
c:\program files\AVAST Software\Avast\ashWsFtr.dll
c:\program files\AVAST Software\Avast\asOutExt.dll
c:\program files\AVAST Software\Avast\asOutExt64.dll
c:\program files\AVAST Software\Avast\aswAra.dll
c:\program files\AVAST Software\Avast\aswAraSr.exe
c:\program files\AVAST Software\Avast\aswAux.dll
c:\program files\AVAST Software\Avast\aswChLic.exe
c:\program files\AVAST Software\Avast\aswCmnBS.dll
c:\program files\AVAST Software\Avast\aswCmnIS.dll
c:\program files\AVAST Software\Avast\aswCmnOS.dll
c:\program files\AVAST Software\Avast\aswData.dll
c:\program files\AVAST Software\Avast\aswDld.dll
c:\program files\AVAST Software\Avast\aswEngLdr.dll
c:\program files\AVAST Software\Avast\aswIdle.dll
c:\program files\AVAST Software\Avast\aswJsFlt.dll
c:\program files\AVAST Software\Avast\aswJsFlt64.dll
c:\program files\AVAST Software\Avast\aswLog.dll
c:\program files\AVAST Software\Avast\aswMonDS.sys
c:\program files\AVAST Software\Avast\aswMonVD.dll
c:\program files\AVAST Software\Avast\aswnseng.dll
c:\program files\AVAST Software\Avast\aswnsf.dll
c:\program files\AVAST Software\Avast\aswProperty.dll
c:\program files\AVAST Software\Avast\aswRegSvr.exe
c:\program files\AVAST Software\Avast\aswRegSvr64.exe
c:\program files\AVAST Software\Avast\aswRunDll.exe
c:\program files\AVAST Software\Avast\aswSidebar.gadget
c:\program files\AVAST Software\Avast\aswSqLt.dll
c:\program files\AVAST Software\Avast\aswStrm.dll
c:\program files\AVAST Software\Avast\aswUtil.dll
c:\program files\AVAST Software\Avast\aswW8ntf.dll
c:\program files\AVAST Software\Avast\aswWebRepIE.dll
c:\program files\AVAST Software\Avast\aswWebRepIE64.dll
c:\program files\AVAST Software\Avast\AvastEmUpdate.exe
c:\program files\AVAST Software\Avast\AvastGUIProxy.dll
c:\program files\AVAST Software\Avast\AvastGUIProxy64.dll
c:\program files\AVAST Software\Avast\avastSS.dll
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\AVAST Software\Avast\AvastUI.exe
c:\program files\AVAST Software\Avast\AvSSHook.dll
c:\program files\AVAST Software\Avast\CommonRes.dll
c:\program files\AVAST Software\Avast\defs\12102801\acshort.map
c:\program files\AVAST Software\Avast\defs\12102801\algo.dll
c:\program files\AVAST Software\Avast\defs\12102801\algo64.dll
c:\program files\AVAST Software\Avast\defs\12102801\ArPot.dll
c:\program files\AVAST Software\Avast\defs\12102801\aspColl.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswAR.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswBoot.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswBoot64.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswCleanerDLL.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswCmnBS.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswCmnIS.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswCmnIS64.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswCmnOS.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswEngin.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswFiDb.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswRawFS.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswRawFS64.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswRep.dll
c:\program files\AVAST Software\Avast\defs\12102801\aswScan.dll
c:\program files\AVAST Software\Avast\defs\12102801\certs.map
c:\program files\AVAST Software\Avast\defs\12102801\db_as.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_bhv.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_bhv.map
c:\program files\AVAST Software\Avast\defs\12102801\db_dex.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_dex.map
c:\program files\AVAST Software\Avast\defs\12102801\db_dsql.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_dsql.map
c:\program files\AVAST Software\Avast\defs\12102801\db_dyna.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_dyna.map
c:\program files\AVAST Software\Avast\defs\12102801\db_el.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_elf.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_elf.map
c:\program files\AVAST Software\Avast\defs\12102801\db_elfa.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_elfa.map
c:\program files\AVAST Software\Avast\defs\12102801\db_evope.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_java.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_java.map
c:\program files\AVAST Software\Avast\defs\12102801\db_js.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_js.map
c:\program files\AVAST Software\Avast\defs\12102801\db_mx4.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_mx4.map
c:\program files\AVAST Software\Avast\defs\12102801\db_mx95.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_mx95.map
c:\program files\AVAST Software\Avast\defs\12102801\db_o7.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_o7.map
c:\program files\AVAST Software\Avast\defs\12102801\db_ob2.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_pe2.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_pe3.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_swf.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_swf.map
c:\program files\AVAST Software\Avast\defs\12102801\db_tx.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_u.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_w6.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_w6.map
c:\program files\AVAST Software\Avast\defs\12102801\db_wh2.dat
c:\program files\AVAST Software\Avast\defs\12102801\db_xtn.map
c:\program files\AVAST Software\Avast\defs\12102801\def.ini
c:\program files\AVAST Software\Avast\defs\12102801\dllcc.dat
c:\program files\AVAST Software\Avast\defs\12102801\exts.dll
c:\program files\AVAST Software\Avast\defs\12102801\fwAux.dll
c:\program files\AVAST Software\Avast\defs\12102801\l_idx.map
c:\program files\AVAST Software\Avast\defs\12102801\l_nmp.map
c:\program files\AVAST Software\Avast\defs\12102801\list_d.txt
c:\program files\AVAST Software\Avast\defs\12102801\list_i.txt
c:\program files\AVAST Software\Avast\defs\12102801\lshe3.map
c:\program files\AVAST Software\Avast\defs\12102801\prodproc.bin
c:\program files\AVAST Software\Avast\defs\12102801\s_idx.map
c:\program files\AVAST Software\Avast\defs\12102801\s_nmp.map
c:\program files\AVAST Software\Avast\defs\12102801\sc_dst.dat
c:\program files\AVAST Software\Avast\defs\12102801\sc_src.dat
c:\program files\AVAST Software\Avast\defs\12102801\Sf.bin
c:\program files\AVAST Software\Avast\defs\12102801\Sf1.bin
c:\program files\AVAST Software\Avast\defs\12102801\sl_idx.map
c:\program files\AVAST Software\Avast\defs\12102801\sl_nmp.map
c:\program files\AVAST Software\Avast\defs\12102801\spmdb.dat
c:\program files\AVAST Software\Avast\defs\12102801\uiext.dll
c:\program files\AVAST Software\Avast\defs\12102801\whitelist.db
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000000.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000001.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000002.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000003.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000004.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000005.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000006.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000007.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000008.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000009.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg121028010000000a.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg121028010000000b.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg121028010000000c.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg121028010000000d.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000000.bin
c:\program files\AVAST Software\Avast\defs\aswdefs.ini
c:\program files\AVAST Software\Avast\flash\amcharts_key.txt
c:\program files\AVAST Software\Avast\flash\amline.swf
c:\program files\AVAST Software\Avast\flash\ammap\ammap.swf
c:\program files\AVAST Software\Avast\flash\ammap\ammap_key.txt
c:\program files\AVAST Software\Avast\flash\ammap\ammap_settings_summary.xml
c:\program files\AVAST Software\Avast\flash\ammap\ammap_settings_tracert.xml
c:\program files\AVAST Software\Avast\flash\ammap\empty_map.xml
c:\program files\AVAST Software\Avast\flash\ammap\icons\arrow.swf
c:\program files\AVAST Software\Avast\flash\ammap\icons\bubble.swf
c:\program files\AVAST Software\Avast\flash\ammap\icons\cross.swf
c:\program files\AVAST Software\Avast\flash\ammap\icons\flag.swf
c:\program files\AVAST Software\Avast\flash\ammap\icons\pin.swf
c:\program files\AVAST Software\Avast\flash\ammap\icons\zoom_out.swf
c:\program files\AVAST Software\Avast\flash\ammap\maps\world.swf
c:\program files\AVAST Software\Avast\License\EULA_Avast_Free.txt
c:\program files\AVAST Software\Avast\sched.exe
c:\program files\AVAST Software\Avast\screenhooks32.dll
c:\program files\AVAST Software\Avast\Setup\ais_core-4c3.vpx
c:\program files\AVAST Software\Avast\Setup\ais_dll_dut-3bd.vpx
c:\program files\AVAST Software\Avast\Setup\ais_res-40a.vpx
c:\program files\AVAST Software\Avast\Setup\ais_x64-56a.vpx
c:\program files\AVAST Software\Avast\Setup\Components.ini
c:\program files\AVAST Software\Avast\Setup\history.ini
c:\program files\AVAST Software\Avast\Setup\INF\Aavmker4.sys
c:\program files\AVAST Software\Avast\Setup\INF\aswFsBlk.sys
c:\program files\AVAST Software\Avast\Setup\INF\aswKbd.sys
c:\program files\AVAST Software\Avast\Setup\INF\aswMon.sys
c:\program files\AVAST Software\Avast\Setup\INF\aswMon2.sys
c:\program files\AVAST Software\Avast\Setup\INF\aswMonFlt.sys
c:\program files\AVAST Software\Avast\Setup\INF\AswRdr.sys
c:\program files\AVAST Software\Avast\Setup\INF\aswSnx.sys
c:\program files\AVAST Software\Avast\Setup\INF\aswSP.sys
c:\program files\AVAST Software\Avast\Setup\INF\AswTdi.sys
c:\program files\AVAST Software\Avast\Setup\INF\whql_x64\aswnet.cat
c:\program files\AVAST Software\Avast\Setup\INF\whql_x64\aswnet.inf
c:\program files\AVAST Software\Avast\Setup\INF\whql_x64\aswRdr2.cat
c:\program files\AVAST Software\Avast\Setup\INF\whql_x64\aswRdr2.inf
c:\program files\AVAST Software\Avast\Setup\INF\whql_x64\x64\aswnet.sys
c:\program files\AVAST Software\Avast\Setup\INF\whql_x64\x64\aswRdr2.sys
c:\program files\AVAST Software\Avast\Setup\INF\whql_x86\aswnet.cat
c:\program files\AVAST Software\Avast\Setup\INF\whql_x86\aswnet.inf
c:\program files\AVAST Software\Avast\Setup\INF\whql_x86\AswRdr2.cat
c:\program files\AVAST Software\Avast\Setup\INF\whql_x86\AswRdr2.inf
c:\program files\AVAST Software\Avast\Setup\INF\whql_x86\x86\aswnet.sys
c:\program files\AVAST Software\Avast\Setup\INF\whql_x86\x86\AswRdr2.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\Aavmker4.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\aswBoot.exe
c:\program files\AVAST Software\Avast\Setup\INF\x64\aswFsBlk.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\aswKbd.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\aswMon2.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\aswMonFlt.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\aswRdr.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\aswSnx.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\aswSP.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\aswTdi.sys
c:\program files\AVAST Software\Avast\Setup\INF\x64\netcfg_x64.exe
c:\program files\AVAST Software\Avast\Setup\jrog-a7.vpx
c:\program files\AVAST Software\Avast\Setup\jrog2-629.vpx
c:\program files\AVAST Software\Avast\Setup\part-jrog-a7.vpx
c:\program files\AVAST Software\Avast\Setup\part-jrog2-629.vpx
c:\program files\AVAST Software\Avast\Setup\part-prg_ais-5c1.vpx
c:\program files\AVAST Software\Avast\Setup\part-setup_ais-5c1.vpx
c:\program files\AVAST Software\Avast\Setup\part-vps_win32-12102801.vpx
c:\program files\AVAST Software\Avast\Setup\prod-ais.vpx
c:\program files\AVAST Software\Avast\Setup\servers.def
c:\program files\AVAST Software\Avast\Setup\servers.def.lkg
c:\program files\AVAST Software\Avast\Setup\servers.def.vpx
c:\program files\AVAST Software\Avast\Setup\setif_ais-5c1.vpx
c:\program files\AVAST Software\Avast\Setup\setiface.dll
c:\program files\AVAST Software\Avast\Setup\setiface.ovr
c:\program files\AVAST Software\Avast\Setup\settings.ori
c:\program files\AVAST Software\Avast\Setup\setup.ini
c:\program files\AVAST Software\Avast\Setup\setup.log
c:\program files\AVAST Software\Avast\Setup\setup.ovr
c:\program files\AVAST Software\Avast\Setup\setup_ais-5c1.vpx
c:\program files\AVAST Software\Avast\Setup\summary.txt
c:\program files\AVAST Software\Avast\Setup\vps_32-933.vpx
c:\program files\AVAST Software\Avast\Setup\vps_win32-946.vpx
c:\program files\AVAST Software\Avast\Setup\vps_win64-5d6.vpx
c:\program files\AVAST Software\Avast\Setup\winsys-6.vpx
c:\program files\AVAST Software\Avast\snxhk.dll
c:\program files\AVAST Software\Avast\snxhk64.dll
c:\program files\AVAST Software\Avast\VisthAux.exe
c:\program files\AVAST Software\Avast\WebRep\Chrome\AswWebRepChrome.crx
c:\program files\AVAST Software\Avast\WebRep\Chrome\AswWebRepChrome.ver
c:\program files\AVAST Software\Avast\WebRep\FF\chrome.manifest
c:\program files\AVAST Software\Avast\WebRep\FF\content\about.xul
c:\program files\AVAST Software\Avast\WebRep\FF\content\dateFormat.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\jquery.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\libs\avastwrc.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\libs\dateFormat.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\libs\jquery-1.5.2.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\libs\jquery.1.8.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\libs\jquery.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\libs\pbj.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\libs\protobuf.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\libs\query.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\libs\wrc_gpb.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\log.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\overlay.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\overlay.xul
c:\program files\AVAST Software\Avast\WebRep\FF\content\pbj.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\protobuf.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\query.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\ratings.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\rules.js
c:\program files\AVAST Software\Avast\WebRep\FF\content\wrc_gpb.js
c:\program files\AVAST Software\Avast\WebRep\FF\defaults\preferences\pref.js
c:\program files\AVAST Software\Avast\WebRep\FF\install.rdf
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ar-SA\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ar-SA\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\be-BY\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\be-BY\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\bg-BG\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\bg-BG\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ca-ES\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ca-ES\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\cs-CZ\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\cs-CZ\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\da-DK\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\da-DK\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\de-DE\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\de-DE\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\el-GR\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\el-GR\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\en-GB\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\en-GB\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\en-US\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\en-US\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\es-ES\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\es-ES\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\et-EE\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\et-EE\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\fi-FI\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\fi-FI\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\fr-FR\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\fr-FR\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\he-IL\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\he-IL\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\hr-HR\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\hr-HR\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\hu-HU\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\hu-HU\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\id-ID\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\id-ID\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\it-IT\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\it-IT\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ja-JP\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ja-JP\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ko-KR\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ko-KR\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\nb-NO\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\nb-NO\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\nl-NL\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\nl-NL\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\pl-PL\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\pl-PL\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\pt-BR\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\pt-BR\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\pt-PT\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\pt-PT\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ro-RO\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ro-RO\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ru-RU\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ru-RU\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\sk-SK\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\sk-SK\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\sl-SI\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\sl-SI\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\sv-SE\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\sv-SE\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\th-TH\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\th-TH\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\tr-TR\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\tr-TR\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\uk-UA\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\uk-UA\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ur-PK\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\ur-PK\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\vi-VN\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\vi-VN\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\zh-CN\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\zh-CN\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\locale\zh-TW\wrc.dtd
c:\program files\AVAST Software\Avast\WebRep\FF\locale\zh-TW\wrc.properties
c:\program files\AVAST Software\Avast\WebRep\FF\skin\avast_logo.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\background-body.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\background-sitecorrect.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\close.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\green1-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\green2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\green3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\grey0-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\grey3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\orange1-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\orange2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\orange3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\red1-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\red2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\red3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\yellow1-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\yellow2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 16x16px\yellow3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\green1-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\green2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\green3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\grey0-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\grey3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\orange1-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\orange2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\orange3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\red1-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\red2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\red3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\yellow1-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\yellow2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\ico 24x24px\yellow3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\check-priority.jp
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\check-priority.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\close.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\green1.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\green2.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\green3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\grey.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\orange1.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\orange2.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\orange3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\red1.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\red2.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\red3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-big.jp
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-big.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-small.jp
c:\program files\AVAST Software\Avast\WebRep\FF\skin\icons\shop-icon-small.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\logo.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\overlay.css
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\background-body.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\background-body.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\background-header.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\background-right-bottom.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\background-right-top.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\background-right.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\bg-window.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\Button-1.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\button-middle.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\close-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\close.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\corner-left-bottom.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\corner-left-top.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\corner-right-bottom.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\corner-right-top.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\corporate-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\corporate-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\corporate.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\drugs-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\drugs-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\drugs.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\gambling-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\gambling-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\gambling.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green-1.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green-2.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green-3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green1-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green1-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green1-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green2-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green3-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey-0.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey-3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey0-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey0-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\horizontal-line-white.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\horizontal-line.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\icon_incorrect.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\illegal-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\illegal-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\illegal.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\it-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\it-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\it.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\kenny.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\limet-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\limet-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\limet.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\line-dark-horizontal.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\line-light-horizontal.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\logo.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\news-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\news-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\news.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\orange-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\orange-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\orange.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\****ography-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\****ography-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\****ography.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-1-108.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-1.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-2.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red1-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red1-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red1-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red2-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red3-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\shopping-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\shopping-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\shopping.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\social-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\social-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\social.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\vertical-line.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\violence-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\violence-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\violence.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\Warning.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\window-wrc.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-1.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-2.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\wrc ico 16x16px a 24x24px.zip
c:\program files\AVAST Software\Avast\WebRep\Opera\wrc.oex
c:\program files\AVAST Software\Avast\WebRep\Safari\wrc.safariextz
c:\programdata\McAfee Security Scan
c:\programdata\McAfee Security Scan\ftstate.ini
C:\user.js
c:\users\Emmy\AppData\Local\Smartbar
c:\users\Emmy\AppData\Local\Smartbar\Application\0Extension.crx
c:\users\Emmy\AppData\Local\Smartbar\Application\1Extension.crx
c:\users\Emmy\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\BrowserHelper.exe
c:\users\Emmy\AppData\Local\Smartbar\Application\BrowserHelper.exe.config
c:\users\Emmy\AppData\Local\Smartbar\Application\Configs\QueryParameters.xml
c:\users\Emmy\AppData\Local\Smartbar\Application\Configs\XmlSideBySideProtocol.xml
c:\users\Emmy\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome.manifest
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\externalJS.js
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FBImagePreview.js
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.css
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.js
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.xul
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down-1.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down-2.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down-3.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\fb.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\fblike.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\gmail.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\hide-1.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\hide-2.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\hide-3.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\left.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\maximize-1.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\maximize-2.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\maximize-3.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\mgsplusvideo.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\minimize-1.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\minimize-2.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\minimize-3.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\pinit.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\right.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\show-1.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\show-2.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\show-3.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\twitter.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up-1.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up-2.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up-3.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\InternalJS.js
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\jquery-1.5.1.min.js
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\publisherDefinitions.js
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\SnapDo.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\SnapDo_small.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\SnapDo128.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\SnapDo16.png
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\ISmartbarFireFoxRemotePlugin.xpt
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_10.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_11.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_12.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_13.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_14.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_15.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_16.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_5.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_6.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_7.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_8.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_9.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\helperbar@helperbar.com\install.rdf
c:\users\Emmy\AppData\Local\Smartbar\Application\IEButton.png
c:\users\Emmy\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Interop.WMPLib.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Microsoft.mshtml.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Common.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Logging.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Microsoft.Practices.ObjectBuilder.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\NDde.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\RegAsm.exe
c:\users\Emmy\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.Base.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.DefaultBrowser.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ShareManagerLocalPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessEntities.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PersonalizationSettingsManager.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.UserSettingsManager.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.BrowserHelperUtils.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductUninstaller.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettings.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettingsAutoUpdater.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.UrlHistorySupplier.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\SmartbarInstallationIcon.ico
c:\users\Emmy\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll
c:\users\Emmy\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe
c:\users\Emmy\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.config
c:\users\Emmy\AppData\Local\Smartbar\Application\SnapDo.exe
c:\users\Emmy\AppData\Local\Smartbar\Application\SnapDo.exe.config
c:\users\Emmy\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll
c:\users\Emmy\AppData\Local\Smartbar\Common\Configs\UserInfo.xml
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00c.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00cPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABE.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827Ehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089E.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Ehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Epress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0E.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Ehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Epress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1D.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EC.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EChover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7ECpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307f.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fHover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2C.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Chover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Cpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6eba.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaHover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8f.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fHover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cf.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876F.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cd.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12ehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12epress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212E.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Ehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Epress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580de.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580dehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580depress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29B.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BD.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7b.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00cpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABE.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BC.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BChover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BCpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089E.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089Ehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089Epress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0E.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0Ehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0Epress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1D.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1Dhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1Dpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EC.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EChover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7ECpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307f.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307f.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307fHover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307fPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2C.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2Chover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2Cpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6eba.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6eba.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6ebaHover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6ebaPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\95D9E2EA-40AD-40B8-95D0-58209F584BBE.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\95D9E2EA-40AD-40B8-95D0-58209F584BBEHover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\95D9E2EA-40AD-40B8-95D0-58209F584BBEPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8f.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8f.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8fHover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8fPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCBhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCBpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066B.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066Bhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066Bpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1.PNG
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1HOVER.PNG
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1PRESS.PNG
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cf.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cf.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cfhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cfpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876F.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876FHover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876FPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cd.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cdhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cdpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12e.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12ehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12epress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212E.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212Ehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212Epress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580de.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580de.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580dehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580depress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29B.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29Bhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29Bpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aef.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aefHover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aefPress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6Hover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6Press.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BD.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7b.ico
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7b.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7bhover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7bpress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\youtube.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\youtubehover.png
c:\users\Emmy\AppData\Local\Smartbar\Common\iconsWide\youtubepress.png
c:\users\Emmy\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll
c:\users\Emmy\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.UninstallProductsPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.YoutubeDownloadPlugin.dll
c:\users\Emmy\AppData\Local\Smartbar\DistributionFiles\Configs\IconsSettings.xml
c:\users\Emmy\AppData\Local\Smartbar\DistributionFiles\Configs\LocalMethods.xml
c:\users\Emmy\AppData\Local\Smartbar\DistributionFiles\Configs\ProfileManager.xml
c:\users\Emmy\AppData\Local\Smartbar\DistributionFiles\Configs\PublisherSettings.xml
c:\users\Emmy\AppData\Local\Smartbar\DistributionFiles\Configs\UserSettings.xml
c:\users\Emmy\AppData\Local\Smartbar\DistributionFiles\Profiles\126BDF16-CA6D-4A3A-B278-347ED37364C6.xml
c:\users\Emmy\AppData\Local\Smartbar\SnapDo.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\1.2.0.0\user.config
c:\users\Emmy\AppData\Roaming\OpenCandy
c:\users\Emmy\AppData\Roaming\OpenCandy\B58A646177E645EB9715B0D2BCEDF4C1\TuneUpUtilities2013-2200257-p2v1.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ASWFSBLK
-------\Legacy_ASWMONFLT
-------\Legacy_ASWSNX
-------\Legacy_ASWSP
-------\Service_aswFsBlk
-------\Service_aswMonFlt
-------\Service_aswSnx
-------\Service_aswSP
-------\Service_McComponentHostService
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-09-28 to 2012-10-29 ))))))))))))))))))))))))))))))
.
.
2012-10-29 09:40 . 2012-10-29 09:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-10-28 10:01 . 2012-10-28 10:01 -------- d-----w- c:\users\Emmy\AppData\Roaming\Malwarebytes
2012-10-28 10:00 . 2012-10-28 10:00 -------- d-----w- c:\programdata\Malwarebytes
2012-10-28 10:00 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-28 10:00 . 2012-10-28 10:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-27 20:08 . 2012-10-23 10:18 364096 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-27 20:08 . 2012-10-23 10:18 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-27 20:08 . 2012-10-23 10:18 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-27 20:08 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-10-27 20:08 . 2012-10-23 10:18 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-27 20:08 . 2012-10-23 10:18 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-27 20:08 . 2012-10-23 10:17 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-27 20:07 . 2012-10-23 10:17 41224 ----a-w- c:\windows\avastSS.scr
2012-10-27 20:07 . 2012-10-23 10:17 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-27 20:07 . 2012-10-27 20:07 -------- d-----w- c:\programdata\AVAST Software
2012-10-27 19:10 . 2012-10-27 19:10 388096 ----a-r- c:\users\Emmy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-27 19:10 . 2012-10-27 19:10 -------- d-----w- c:\program files (x86)\Trend Micro
2012-10-26 14:25 . 2012-10-26 14:25 -------- d-----w- c:\programdata\IBUpdaterService
2012-10-26 14:25 . 2012-10-26 14:25 -------- d-----w- c:\users\Emmy\AppData\Roaming\inkscape
2012-10-26 14:19 . 2012-10-26 14:24 -------- d-----w- c:\program files (x86)\Inkscape
2012-10-26 09:07 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3688C115-CF82-4BF2-BF18-164F6BC097EB}\mpengine.dll
2012-10-11 08:57 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-11 08:57 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-11 08:57 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-11 08:57 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-11 08:55 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-11 08:55 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-11 08:55 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-11 08:55 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-11 08:55 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-11 08:55 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-11 08:55 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-11 08:55 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-11 08:55 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-11 08:55 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-04 08:39 . 2012-10-05 10:19 -------- d-----w- c:\users\Emmy\wekafiles
2012-10-04 08:38 . 2012-10-04 08:38 544032 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-04 08:38 . 2012-10-04 08:38 525600 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-04 08:38 . 2012-10-04 08:38 191264 ----a-w- c:\windows\system32\javaws.exe
2012-10-04 08:38 . 2012-10-04 08:38 172320 ----a-w- c:\windows\system32\javaw.exe
2012-10-04 08:38 . 2012-10-04 08:38 172320 ----a-w- c:\windows\system32\java.exe
2012-10-04 08:38 . 2012-10-04 08:38 -------- d-----w- c:\program files\Java
2012-10-04 08:36 . 2012-10-04 08:39 -------- d-----w- c:\program files\Weka-3-7
2012-10-04 07:26 . 2012-10-04 07:26 -------- d-----w- c:\users\Emmy\AppData\Local\Macromedia
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-15 20:32 . 2011-09-02 11:15 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-08 20:05 . 2012-04-06 10:18 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-08 20:05 . 2011-08-30 18:18 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-24 11:15 . 2012-09-26 21:20 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-26 21:20 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-26 21:20 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-26 21:20 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-26 21:20 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-26 21:20 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-26 21:20 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-26 21:20 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-26 21:20 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-26 21:20 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-26 21:20 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-26 21:20 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-26 21:20 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-26 21:20 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-26 21:20 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-26 21:20 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-26 21:20 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-26 21:20 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-26 21:20 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-26 21:20 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-26 21:20 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-26 21:20 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 11:54 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:55 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:54 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:54 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 14:03 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 17:38 . 2012-10-11 08:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 11:55 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 11:55 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-03-09 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-14 1081424]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-02-03 506712]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-02-18 177448]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"G Data AntiVirus Tray Application"="c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2011-09-22 1012232]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2011-09-22 1619976]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Emmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 GdNetMon;G Data Network Monitor;c:\windows\system32\drivers\GdNetMon64.sys [2011-09-21 31448]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-01 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-10-27 50552]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-10-27 110968]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [2011-10-27 65912]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-10-07 106488]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-10-27 51576]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-06-08 22912]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-06-08 20328]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-06-08 62584]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-09-22 1500680]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2011-09-22 464392]
S2 AVKWCtl;G Data Bestandssysteembewaker;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2011-05-26 1929104]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-03-09 257344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\drivers\b57xdbd.sys [2011-01-21 67624]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\drivers\b57xdmp.sys [2011-01-21 19496]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\drivers\bScsiMSa.sys [2011-01-20 52264]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2011-01-14 85544]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2011-08-10 1556816]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-10-27 59256]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [2011-09-22 448008]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2011-01-17 412712]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
Inhoud van de 'Gedeelde Taken' map
.
2012-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 20:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-09 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-09 416024]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-10 11785832]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-09 2189416]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-05-10 1831528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 131.180.0.25 131.180.0.26
FF - ProfilePath - c:\users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - ExtSQL: 2012-10-14 16:00; {906305f7-aafc-45e9-8bbd-941950a84dad}; c:\program files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
FF - ExtSQL: 2012-10-14 16:00; {9AA46F4F-4DC7-4c06-97AF-5035170633FE}; c:\program files (x86)\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
FF - ExtSQL: 2012-10-23 12:45; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-10-26 16:25; crossriderapp5060@crossrider.com; c:\users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\extensions\crossriderapp5060@crossrider.com
FF - ExtSQL: 2012-10-27 22:08; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-avast - c:\program files\AVAST Software\Avast\avastUI.exe
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - c:\program files\AVAST Software\Avast\ashShA64.dll
AddRemove-avast - c:\program files\AVAST Software\Avast\aswRunDll.exe
AddRemove-Eusing Free Registry Cleaner - c:\progra~2\EUSING~1\UNWISE.EXE
AddRemove-McAfee Security Scan - c:\program files (x86)\McAfee Security Scan\uninstall.exe
AddRemove-Savings Sidekick - c:\program files (x86)\Savings Sidekick\Uninstall.exe
AddRemove-Softonic - c:\program files (x86)\Softonic\Softonic\1.6.7.4\uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Voltooingstijd: 2012-10-29 10:53:41 - machine werd herstart
ComboFix-quarantined-files.txt 2012-10-29 09:53
.
Pre-Run: 355.571.134.464 bytes beschikbaar
Post-Run: 355.140.026.368 bytes beschikbaar
.
- - End Of File - - E3C3AD7283DEDDDDD5E888787D361DD7
-
Ik weet niet of het goed gegaan is, omdat sommige antivirusprogramma's na een tijdje weer inschakelden. Helaas zijn de rare linkjes nog niet weg. Hier is het logje:
ComboFix 12-10-26.05 - Emmy 28-10-2012 19:48:41.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3948.1832 [GMT 1:00]
Gestart vanuit: c:\users\Emmy\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: G Data InternetSecurity 2012 *Disabled/Outdated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: G Data InternetSecurity 2012 *Disabled/Outdated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Savings Sidekick
c:\program files (x86)\Savings Sidekick\ButtonUtil.dll
c:\program files (x86)\Savings Sidekick\Savings Sidekick-bg.exe
c:\program files (x86)\Savings Sidekick\Savings Sidekick.exe
c:\program files (x86)\Savings Sidekick\Savings Sidekick.ico
c:\program files (x86)\Savings Sidekick\Savings Sidekick.ini
c:\program files (x86)\Savings Sidekick\Savings SidekickInstaller.log
c:\program files (x86)\Savings Sidekick\Uninstall.exe
c:\programdata\FullRemove.exe
c:\programdata\Simio
c:\programdata\Simio\Server.lic
c:\programdata\Simio\Simio.Settings
c:\users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\{092EAE8B-B8C0-423F-83C4-87E1E3721EDF}.xps
c:\users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\{26DDA1D7-982B-44E9-9D3B-46A5B52872B3}.xps
c:\users\Emmy\AppData\Local\Microsoft\Windows\Temporary Internet Files\{EBD343D8-9EF0-4DB8-A509-F5BF6D9213A6}.xps
c:\users\Emmy\AppData\Local\Savings Sidekick
c:\users\Emmy\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx
c:\users\Emmy\AppData\Roaming\Microsoft\Protect\s32.txt
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NVSvc
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-09-28 to 2012-10-28 ))))))))))))))))))))))))))))))
.
.
2012-10-28 19:33 . 2012-10-28 19:33 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3688C115-CF82-4BF2-BF18-164F6BC097EB}\offreg.dll
2012-10-28 19:19 . 2012-10-28 19:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-28 19:19 . 2012-10-28 19:19 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-10-28 10:01 . 2012-10-28 10:01 -------- d-----w- c:\users\Emmy\AppData\Roaming\Malwarebytes
2012-10-28 10:00 . 2012-10-28 10:00 -------- d-----w- c:\programdata\Malwarebytes
2012-10-28 10:00 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-28 10:00 . 2012-10-28 10:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-27 20:08 . 2012-10-23 10:18 364096 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-27 20:08 . 2012-10-23 10:18 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-27 20:08 . 2012-10-23 10:18 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-27 20:08 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-10-27 20:08 . 2012-10-23 10:18 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-27 20:08 . 2012-10-23 10:18 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-27 20:08 . 2012-10-23 10:17 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-27 20:07 . 2012-10-23 10:17 41224 ----a-w- c:\windows\avastSS.scr
2012-10-27 20:07 . 2012-10-23 10:17 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-27 20:07 . 2012-10-27 20:07 -------- d-----w- c:\programdata\AVAST Software
2012-10-27 20:07 . 2012-10-27 20:07 -------- d-----w- c:\program files\AVAST Software
2012-10-27 19:10 . 2012-10-27 19:10 388096 ----a-r- c:\users\Emmy\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-27 19:10 . 2012-10-27 19:10 -------- d-----w- c:\program files (x86)\Trend Micro
2012-10-26 14:25 . 2012-10-26 14:25 -------- d-----w- c:\programdata\IBUpdaterService
2012-10-26 14:25 . 2012-10-26 14:25 -------- d-----w- c:\users\Emmy\AppData\Roaming\inkscape
2012-10-26 14:19 . 2012-10-26 14:24 -------- d-----w- c:\program files (x86)\Inkscape
2012-10-26 09:07 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3688C115-CF82-4BF2-BF18-164F6BC097EB}\mpengine.dll
2012-10-23 10:20 . 2012-10-23 10:21 -------- d-----w- c:\users\Emmy\AppData\Local\Smartbar
2012-10-23 10:18 . 2012-10-23 10:18 -------- d-----w- c:\users\Emmy\AppData\Roaming\OpenCandy
2012-10-11 08:57 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-11 08:57 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-11 08:57 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-11 08:57 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-11 08:55 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-11 08:55 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-11 08:55 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-11 08:55 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-11 08:55 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-11 08:55 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-11 08:55 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-11 08:55 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-11 08:55 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-11 08:55 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-04 08:39 . 2012-10-05 10:19 -------- d-----w- c:\users\Emmy\wekafiles
2012-10-04 08:38 . 2012-10-04 08:38 544032 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-04 08:38 . 2012-10-04 08:38 525600 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-04 08:38 . 2012-10-04 08:38 191264 ----a-w- c:\windows\system32\javaws.exe
2012-10-04 08:38 . 2012-10-04 08:38 172320 ----a-w- c:\windows\system32\javaw.exe
2012-10-04 08:38 . 2012-10-04 08:38 172320 ----a-w- c:\windows\system32\java.exe
2012-10-04 08:38 . 2012-10-04 08:38 -------- d-----w- c:\program files\Java
2012-10-04 08:36 . 2012-10-04 08:39 -------- d-----w- c:\program files\Weka-3-7
2012-10-04 07:26 . 2012-10-04 07:26 -------- d-----w- c:\users\Emmy\AppData\Local\Macromedia
2012-10-04 07:25 . 2012-10-04 07:25 -------- d-----w- c:\programdata\McAfee Security Scan
2012-10-04 07:25 . 2012-10-04 08:40 -------- d-----w- c:\program files (x86)\McAfee Security Scan
2012-10-04 07:18 . 2012-10-04 07:18 109 ----a-w- C:\user.js
2012-10-04 07:18 . 2012-10-04 07:18 -------- d-----w- c:\program files (x86)\Softonic
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-15 20:32 . 2011-09-02 11:15 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-08 20:05 . 2012-04-06 10:18 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-08 20:05 . 2011-08-30 18:18 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-24 11:15 . 2012-09-26 21:20 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-26 21:20 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-26 21:20 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-26 21:20 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-26 21:20 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-26 21:20 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-26 21:20 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-26 21:20 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-26 21:20 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-26 21:20 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-26 21:20 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-26 21:20 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-26 21:20 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-26 21:20 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-26 21:20 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-26 21:20 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-26 21:20 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-26 21:20 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-26 21:20 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-26 21:20 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-26 21:20 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-26 21:20 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 11:54 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:55 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:54 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:54 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 14:03 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 17:38 . 2012-10-11 08:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 11:55 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 11:55 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 94208 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-09-28 340336]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-09-17 407920]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-09-17 201584]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2011-03-09 297280]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-03-14 1081424]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-02-03 506712]
"ArcadeMovieService"="c:\program files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" [2011-02-18 177448]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-18 421736]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"G Data AntiVirus Tray Application"="c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2011-09-22 1012232]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2011-09-22 1619976]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-23 4297136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Emmy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2010-09-28 172912]
R3 GdNetMon;G Data Network Monitor;c:\windows\system32\drivers\GdNetMon64.sys [2011-09-21 31448]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-09-01 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-10-27 50552]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-10-27 110968]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys [2011-10-27 65912]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [2011-10-07 106488]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-10-27 51576]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2011-06-08 22912]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2011-06-08 20328]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-06-08 62584]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-23 71600]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2011-09-22 1500680]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2011-09-22 464392]
S2 AVKWCtl;G Data Bestandssysteembewaker;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2011-05-26 1929104]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-03-14 352336]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2011-05-10 872552]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2011-05-26 29696]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2011-01-31 244624]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-03-09 257344]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\drivers\b57xdbd.sys [2011-01-21 67624]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\drivers\b57xdmp.sys [2011-01-21 19496]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\drivers\bScsiMSa.sys [2011-01-20 52264]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2011-01-14 85544]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2011-08-10 1556816]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-10-27 59256]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [2011-09-22 448008]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2011-01-17 412712]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - ASWSNX
*NewlyCreated* - WS2IFSL
.
Inhoud van de 'Gedeelde Taken' map
.
2012-10-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 20:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-23 10:17 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-12-05 19:17 97792 ----a-w- c:\users\Emmy\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-05-09 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-05-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-05-09 416024]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-10 11785832]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-09 2189416]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2011-05-10 1831528]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
FF - prefs.js: keyword.URL - hxxp://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q=
FF - ExtSQL: 2012-10-14 16:00; {906305f7-aafc-45e9-8bbd-941950a84dad}; c:\program files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
FF - ExtSQL: 2012-10-14 16:00; {9AA46F4F-4DC7-4c06-97AF-5035170633FE}; c:\program files (x86)\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
FF - ExtSQL: 2012-10-23 12:45; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-10-26 16:25; crossriderapp5060@crossrider.com; c:\users\Emmy\AppData\Roaming\Mozilla\Firefox\Profiles\rk2x3u5n.default-1350988910897\extensions\crossriderapp5060@crossrider.com
FF - ExtSQL: 2012-10-27 22:08; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Eusing Free Registry Cleaner - c:\progra~2\EUSING~1\UNWISE.EXE
AddRemove-Savings Sidekick - c:\program files (x86)\Savings Sidekick\Uninstall.exe
AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\bm_installer.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
c:\program files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
.
**************************************************************************
.
Voltooingstijd: 2012-10-28 21:42:45 - machine werd herstart
ComboFix-quarantined-files.txt 2012-10-28 20:42
.
Pre-Run: 355.545.374.720 bytes beschikbaar
Post-Run: 356.106.121.216 bytes beschikbaar
.
- - End Of File - - 6082D1BE74F8CB2726FC408F51820590
-
Bedankt voor de reactie.
Bij de mbam-scan hoefde ik niet de computer opnieuw op te starten. Hier wel het logje en het hiJackThis log:
Malwarebytes Anti-Malware 1.65.1.1000
Malwarebytes : Free anti-malware download
Databaseversie: v2012.10.28.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Emmy :: EMMY-PC [administrator]
28-10-2012 11:11:36
mbam-log-2012-10-28 (11-11-36).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 227746
Verstreken tijd: 10 minuut/minuten, 14 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 1
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 1
HKCU\Software\InstalledBrowserExtensions\215 Apps|5060 (PUP.CrossFire.SA) -> Data: Savings Sidekick -> Succesvol in quarantaine geplaatst en verwijderd.
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:30:25, on 28-10-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2201282206-2562182534-352421686-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2201282206-2562182534-352421686-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: Dropbox.lnk = Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 15676 bytes
-
Hallo!
Na de downloads van verschillende programma's van internet gebeuren er vreemde dingen op mijn computer. Er komen bv verschillende toolbars (van snap.do en bing?) tevoorschijn en er verschijnen rare linkjes in normale stukjes tekst van internetpagina's. Ik heb geen idee wat ik hiermee moet. Hopelijk kan iemand mij helpen, alvast heel erg bedankt. Mijn HijackThis logje is:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:15:57, on 27-10-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Users\Emmy\AppData\Local\Smartbar\Application\SnapDo.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Users\Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Bing
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=DownloadX&dpid=DownloadX&co=NL&userid=37d9d4fd-2ca0-412d-8010-4f954b191109&searchtype=ds&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: G Data WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll
O2 - BHO: CrossriderApp0005060 - {11111111-1111-1111-1111-110011501160} - C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: G Data BankGuard - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G Data\AVKProxy\BanksafeBHO.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: G Data WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\WebFilter\AVKWebIE.dll
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll
O3 - Toolbar: Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [ArcadeMovieService] "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [browser Infrastructure Helper] C:\Users\Emmy\AppData\Local\Smartbar\Application\SnapDo.exe startup
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2201282206-2562182534-352421686-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2201282206-2562182534-352421686-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Startup: 1ea9c16da.dat
O4 - Startup: Dropbox.lnk = Emmy\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Mobiel Apple apparaat (Apple Mobile Device) - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
O23 - Service: G Data Bestandssysteembewaker (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel® Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel® Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 17275 bytes
Trage computer
in Archief Windows 7
Geplaatst:
Beste Mako,
Oké heel erg bedankt! Hij is in elk geval een stuk sneller nu, helemaal top
Groetjes!