Ga naar inhoud

Daantjevw

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    14

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Daantjevw

  1. Daantjevw
    Alles gedaan en goed verlopen! Nogmaals bedankt voor je hulp en je geduld!
  2. Daantjevw
    Tot nog toe gaat het goed hier! Ontzettend bedankt voor al je hulp en geduld.
  3. Daantjevw
    # AdwCleaner v3.007 - Report created 16/10/2013 at 00:55:13 # Updated 09/10/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Danielle - DANIELLE-PC001 # Running from : C:\Users\Danielle\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AVG Nation toolbar Folder Deleted : C:\ProgramData\AVG Security Toolbar Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\Partner Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec Folder Deleted : C:\Program Files (x86)\1ClickDownload Folder Deleted : C:\Program Files (x86)\Ask.com Folder Deleted : C:\Program Files (x86)\AVG Nation toolbar Folder Deleted : C:\Program Files (x86)\Babylon Folder Deleted : C:\Program Files (x86)\BrowserCompanion Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com Folder Deleted : C:\Program Files (x86)\myfree codec Folder Deleted : C:\Program Files (x86)\Windows Searchqu Toolbar Folder Deleted : C:\Program Files (x86)\Yontoo Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB Folder Deleted : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar Folder Deleted : C:\Program Files\Babylon Folder Deleted : C:\Users\Danielle\AppData\Local\AVG Nation toolbar Folder Deleted : C:\Users\Danielle\AppData\Local\Temp\boost_interprocess Folder Deleted : C:\Users\Danielle\AppData\LocalLow\AVG Nation toolbar Folder Deleted : C:\Users\Danielle\AppData\LocalLow\AVG Security Toolbar Folder Deleted : C:\Users\Danielle\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Danielle\AppData\Roaming\dvdvideosoftiehelpers Folder Deleted : C:\Users\Danielle\AppData\Roaming\OpenCandy Folder Deleted : C:\Users\Nicky!\AppData\Local\Babylon Folder Deleted : C:\Users\Nicky!\AppData\Local\Temp\Babylon Folder Deleted : C:\Users\Nicky!\AppData\Local\Temp\boost_interprocess Folder Deleted : C:\Users\Nicky!\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\Nicky!\AppData\LocalLow\SearchquTB Folder Deleted : C:\Users\Nicky!\AppData\Roaming\Babylon Folder Deleted : C:\Users\Nicky!\AppData\Roaming\Bandoo Folder Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\Conduit Folder Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\ConduitCommon Folder Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\SearchquTB Folder Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C} Folder Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\Extensions\ffxtlbr@funmoods.com Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de File Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\Extensions\plugin@yontoo.com.xpi File Deleted : C:\Users\Danielle\AppData\Local\funmoods.crx File Deleted : C:\Users\Danielle\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Babylon.xml File Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\searchplugins\my-web-search.xml File Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\searchplugins\SearchquWebSearch.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchquWebSearch.xml File Deleted : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1 Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1 Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1 Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1 Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2117678 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{148DCAEC-C91D-441D-A0E7-519A0673E7F5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F464A68D-1CF2-4991-93AB-A84351D7F676} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F464A68D-1CF2-4991-93AB-A84351D7F676} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{328D6F78-0DBB-4F17-ACD5-26A2EA4EF251} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{98623C86-E768-4C5A-B23B-EE8CE3727CD3} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Key Deleted : HKCU\Software\BrowserCompanion Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\smartbar Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKCU\Software\AppDataLow\Software\searchqutb Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar Key Deleted : HKLM\Software\Bandoo Key Deleted : HKLM\Software\Freeze.com Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16611 Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [searchAssistant] -\\ Mozilla Firefox v24.0 (nl) [ File : C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\prefs.js ] Line Deleted : user_pref("CT2438727..clientLogIsEnabled", false); Line Deleted : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); Line Deleted : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); Line Deleted : user_pref("CT2438727.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Line Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Line Deleted : user_pref("CT2438727.CT2438727.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2438727&octid=CT2438727&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_I[...] Line Deleted : user_pref("CT2438727.CTID", "CT2438727"); Line Deleted : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0"); Line Deleted : user_pref("CT2438727.ConfigurationLastCheckTime", "Wed Oct 02 2013 00:06:15 GMT+0200"); Line Deleted : user_pref("CT2438727.CurrentServerDate", "2-10-2013"); Line Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR"); Line Deleted : user_pref("CT2438727.DialogsGetterLastCheckTime", "Tue Oct 01 2013 23:32:34 GMT+0200"); Line Deleted : user_pref("CT2438727.DownloadReferralCookieData", ""); Line Deleted : user_pref("CT2438727.FirstServerDate", "11-1-2011"); Line Deleted : user_pref("CT2438727.FirstTime", true); Line Deleted : user_pref("CT2438727.FirstTimeFF3", true); Line Deleted : user_pref("CT2438727.FirstTimeSettingsDone", true); Line Deleted : user_pref("CT2438727.FixPageNotFoundErrors", true); Line Deleted : user_pref("CT2438727.GroupingInvalidateCache", false); Line Deleted : user_pref("CT2438727.GroupingLastCheckTime", "0"); Line Deleted : user_pref("CT2438727.GroupingLastServerUpdateTime", "0"); Line Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440); Line Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Line Deleted : user_pref("CT2438727.HasUserGlobalKeys", true); Line Deleted : user_pref("CT2438727.Initialize", true); Line Deleted : user_pref("CT2438727.InitializeCommonPrefs", true); Line Deleted : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3); Line Deleted : user_pref("CT2438727.InstalledDate", "Tue Jan 11 2011 19:35:32 GMT+0100"); Line Deleted : user_pref("CT2438727.InvalidateCache", false); Line Deleted : user_pref("CT2438727.IsGrouping", false); Line Deleted : user_pref("CT2438727.IsMulticommunity", false); Line Deleted : user_pref("CT2438727.IsOpenThankYouPage", true); Line Deleted : user_pref("CT2438727.IsOpenUninstallPage", true); Line Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Wed Oct 02 2013 00:06:14 GMT+0200"); Line Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440); Line Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx"); Line Deleted : user_pref("CT2438727.LastLogin_2.7.1.3", "Sun Feb 13 2011 00:35:48 GMT+0100"); Line Deleted : user_pref("CT2438727.LastLogin_3.12.0.7", "Tue May 01 2012 23:32:43 GMT+0200"); Line Deleted : user_pref("CT2438727.LastLogin_3.12.2.3", "Wed May 30 2012 19:35:08 GMT+0200"); Line Deleted : user_pref("CT2438727.LastLogin_3.13.0.6", "Wed Jul 18 2012 18:00:36 GMT+0200"); Line Deleted : user_pref("CT2438727.LastLogin_3.14.1.0", "Tue Aug 21 2012 19:40:11 GMT+0200"); Line Deleted : user_pref("CT2438727.LastLogin_3.15.1.0", "Tue Sep 24 2013 22:07:23 GMT+0200"); Line Deleted : user_pref("CT2438727.LastLogin_3.20.0.4", "Wed Oct 02 2013 09:40:20 GMT+0200"); Line Deleted : user_pref("CT2438727.LatestVersion", "3.20.0.4"); Line Deleted : user_pref("CT2438727.Locale", "en"); Line Deleted : user_pref("CT2438727.LoginCache", 4); Line Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83"); Line Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Line Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295"); Line Deleted : user_pref("CT2438727.MyStuffEnabledAtInstallation", true); Line Deleted : user_pref("CT2438727.RadioLastCheckTime", "0"); Line Deleted : user_pref("CT2438727.RadioLastUpdateIPServer", "0"); Line Deleted : user_pref("CT2438727.RadioLastUpdateServer", "0"); Line Deleted : user_pref("CT2438727.SearchAPILastCheckTime", "Wed Oct 02 2013 00:06:15 GMT+0200"); Line Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1"); Line Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true); Line Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q="); Line Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true); Line Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440); Line Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Tue Sep 24 2013 22:07:22 GMT+0200"); Line Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID"); Line Deleted : user_pref("CT2438727.SearchInNewTabURLFromSearchAPI", "hxxp://search.conduit.com/?ctid=CT2438727&octid=CT2438727&SearchSource=15&CUI=SB_CUI&SSPV=EB_SSPV&Lay=1&UM=UM_ID"); Line Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"); Line Deleted : user_pref("CT2438727.ServiceMapLastCheckTime", "Wed Oct 02 2013 00:06:14 GMT+0200"); Line Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120); Line Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Wed Oct 02 2013 09:40:18 GMT+0200"); Line Deleted : user_pref("CT2438727.SettingsLastUpdate", "1380697915"); Line Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504); Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Tue Feb 01 2011 20:23:03 GMT+0100"); Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1246790578"); Line Deleted : user_pref("CT2438727.ToolbarShrinkedFromSetup", false); Line Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727"); Line Deleted : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...] Line Deleted : user_pref("CT2438727.UserID", "UN76335868441074873"); Line Deleted : user_pref("CT2438727.ValidationData_Search", 0); Line Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2); Line Deleted : user_pref("CT2438727.alertChannelId", "832836"); Line Deleted : user_pref("CT2438727.clientLogIsEnabled", true); Line Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); Line Deleted : user_pref("CT2438727.countryCode", "NL"); Line Deleted : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...] Line Deleted : user_pref("CT2438727.homepageProtectorEnableByLogin", true); Line Deleted : user_pref("CT2438727.initDone", true); Line Deleted : user_pref("CT2438727.myStuffEnabled", true); Line Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400); Line Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"); Line Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440); Line Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT"); Line Deleted : user_pref("CT2438727.revertSettingsEnabled", true); Line Deleted : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10); Line Deleted : user_pref("CT2438727.searchProtectorEnableByLogin", true); Line Deleted : user_pref("CT2438727.testingCtid", ""); Line Deleted : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Wed Oct 02 2013 00:06:14 GMT+0200"); Line Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); Line Deleted : user_pref("CT2438727.usagesFlag", 2); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2438727/CT2438727", "\"7eb3aaabe2f58023251c0711b0c008f23\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", "\"0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"97e416bb586ce1:0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.20.0.4", "\"97e416bb586ce1:0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727", "\"9971ee9815a5fc569766cf6ddcaaca8e\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"27f9ceb6f365cb1:0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/7/176/CT1764407/Images/634219899986281250.gif", "\"14819e877b65cb1:0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/images/skins/zynga/seperator.gif", "\"461a8601461ca1:0\""); Line Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"761a1065c089bba4e6032a22fdf81948\""); Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties"); Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727"); Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727"); Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Feb 12 2011 20:35:48 GMT+0100"); Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Line Deleted : user_pref("CommunityToolbar.alert.locale", "en"); Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sat Feb 12 2011 21:47:37 GMT+0100"); Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234"); Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false); Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Line Deleted : user_pref("CommunityToolbar.alert.userId", "{e30b17ad-2f77-4992-a174-092f40725494}"); Line Deleted : user_pref("CommunityToolbar.globalUserId", "cd37f131-ef3e-4a58-8b00-7c68d8de0580"); Line Deleted : user_pref("extensions.BabylonToolbar.aflt", "orgnl"); Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 10); Line Deleted : user_pref("extensions.BabylonToolbar.cntry", "NL"); Line Deleted : user_pref("extensions.BabylonToolbar.firstRun", false); Line Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "294EBC1942FFCEEAD28AD6775BE87B16"); Line Deleted : user_pref("extensions.BabylonToolbar.lastActv", "24"); Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 10); Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsn", "1.1.5"); Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", ""); Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "6.0"); Line Deleted : user_pref("extensions.BabylonToolbar.newTab", true); Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb"); Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true); Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "free"); Line Deleted : user_pref("extensions.enabledAddons", "addon%40nipobase.wakoopa.com:3.2,ffxtlbr%40funmoods.com:1.5.0,%7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:1.0.10,plugin%40yontoo.com:1.20.02,leethax%40leethax.net[...] Line Deleted : user_pref("extensions.enabledItems", "{222e1f77-b8c9-83c1-ecef-1d643ed96cba}:1.0,quickstores@quickstores.de:1.0.0,{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6[...] Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true); Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://isearch.avg.com/search?cid=%7Be23d4f0f-7808-439a-9d08-62d8e5394580%7D&mid=ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b[...] Line Deleted : user_pref("extensions.toolbar.mindspark._5qMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=A54BD164-39EB-4477-A02C-BED125FB9270&n=77ed53e8&ptnrS=ZJxdm048YYnl&si=CMzwu76nyK8CFUVO3godBl[...] Line Deleted : user_pref("extensions.toolbar.mindspark._5qMembers_.initialized", true); Line Deleted : user_pref("extensions.toolbar.mindspark._5qMembers_.installation.installDate", "2012042216"); Line Deleted : user_pref("extensions.toolbar.mindspark._5qMembers_.installation.partnerId", "ZJxdm048YYnl"); Line Deleted : user_pref("extensions.toolbar.mindspark._5qMembers_.installation.partnerSubId", "CMzwu76nyK8CFUVO3godBlCfAg"); Line Deleted : user_pref("extensions.toolbar.mindspark._5qMembers_.installation.success", true); Line Deleted : user_pref("extensions.toolbar.mindspark._5qMembers_.installation.toolbarId", "A54BD164-39EB-4477-A02C-BED125FB9270"); Line Deleted : user_pref("extensions.toolbar.mindspark._5qMembers_.lastActivePing", "1335105206828"); Line Deleted : user_pref("extensions.toolbar.mindspark._5qMembers_.weather.location", "10001"); Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "zwinky@mindspark.com"); Line Deleted : user_pref("extensions.toolbar.mindspark.sa.enabled", true); Line Deleted : user_pref("extensions.toolbar.mindspark.sa.owner", "zwinky@mindspark.com"); Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,BestVideoDownloader,"); Line Deleted : user_pref("extentions.y2layers.installId", "5e7e1fe1-838a-4d3c-aef5-286f753211cb"); Line Deleted : user_pref("extentions.y2layers.lastDnsTest", 371974); Line Deleted : user_pref("quickstores.toolbar.affid", "2006"); Line Deleted : user_pref("quickstores.toolbar.guid", "{12DE7A28-6B50-C259-A545-C3553CD5F027}"); [ File : C:\Users\Nicky!\AppData\Roaming\Mozilla\Firefox\Profiles\s1tgshil.default\prefs.js ] Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Line Deleted : user_pref("browser.search.defaultenginename", "Search the web (Babylon)"); Line Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)"); Line Deleted : user_pref("browser.search.selectedEngine", "Search the web (Babylon)"); Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/home?AF=18826"); Line Deleted : user_pref("extensions.enabledAddons", "quickstores@quickstores.de:1.0.0,{1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1410,{972ce4c6-7e08-4474-a285-3208198ce6fd}:6.0.2"); Line Deleted : user_pref("extensions.enabledItems", "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,quickstores@quickstores.de:1.0.0,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA[...] Line Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?babsrc=adbartrp&AF=18826&q="); Line Deleted : user_pref("quickstores.toolbar.affid", "2006"); Line Deleted : user_pref("quickstores.toolbar.guid", "{57B1210B-2BBE-FC1D-64D2-4EA23622738C}"); Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?publisher=SnapdoSoftonicYB&dpid=SnapdoSoftonicYB&co=NL&userid=222e1f77-b8c9-83c1-ecef-1d643ed96cba&searchtype=nt&installDate=02/10/2013"); -\\ Google Chrome v30.0.1599.69 [ File : C:\Users\Danielle\AppData\Local\Google\Chrome\User Data\Default\preferences ] [ File : C:\Users\Nicky!\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [34570 octets] - [16/10/2013 00:52:34] AdwCleaner[s0].txt - [34335 octets] - [16/10/2013 00:55:13] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [34396 octets] ##########
  4. Daantjevw
    Ik kan helaas niets invullen als ik de analyse doe. Wat jij aan geeft dat ik bij opties moet invullen. Z-Analyse V1.0.0.1 Updated 13-October-2013 Tool run by Danielle on di 15-10-2013 at 14:34:47,74. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Safe Mode NETWORK Internet Access Detected Launched: C:\Users\Danielle\Desktop\Z-Analyse.scr [Deep Scan] ==== Older Logs ====================== C:\zoek-results2013-10-11-191245.log 2637 bytes C:\zoek-results2013-10-11-194014.log 572 bytes C:\zoek-results2013-10-13-183842.log 816 bytes C:\zoek-results2013-10-13-232234.log 52775 bytes C:\zoek-results2013-10-14-150758.log 886 bytes C:\zoek-results2013-10-14-182302.log 49803 bytes C:\zoek-results2013-10-15-120906.log 822 bytes ==== Running Processes ====================== C:\Users\Danielle\Desktop\Z-Analyse.scr C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Users\Danielle\AppData\Local\Temp\NirCmd.exe ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3896 MB CPU Info: Intel® Core i3 CPU 530 @ 2.93GHz CPU Speed: 2934.9 MHz Sound Card: Not detected Display Adapters: | RDP Encoder Mirror Driver Monitors: 1x; Screen Resolution: 1024 X 768 - 32 bit Network: Network Present Network Adapters: Intel® 82578DC Gigabit Network Connection | 802.11n Wireless PCI Express Card LAN Adapter CD / DVD Drives: 1x (E: | ) E: ATAPI DVD A DH16AASH Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 226.0GB | D: 226.0GB Hard Disks - Free: C: 22.8GB | D: 221.7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/16/32 | ACRSYS - 20091216 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer FIH57 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Spybot - Search and Destroy disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated) Default Browser: Google Chrome 30.0.1599.69 Internet Explorer Version: 10.0.9200.16618 Mozilla Firefox version: 24.0 (x86 nl) Google Chrome version: 30.0.1599.69 Adobe Reader version: 10.1.8.24 Sun Java version: 1.7.0_25 (32-bit) Flash Player version: 11.9.900.117 Shockwave Player version: 11.6.5r635 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Danielle\AppData\Local\Temp ==== 2013-10-02 07:38:40 3EA95B6413D32BBF5EB4FADACF8D8391 10365984 ----a-w- C:\Users\Danielle\AppData\Local\Temp\Installer-3-.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2013-10-10 12:52:06 E6446AB7A7E602CAFF51ACA3C68C1526 269312 ----a-w- C:\Windows\SysWOW64\aaclient.dll 2013-10-10 12:52:06 D3F64318307CEC05CBDE533D99976532 16896 ----a-w- C:\Windows\SysWOW64\wksprtPS.dll 2013-10-10 12:52:06 A9D4140B8B843D5719F7C3EED8C0F9FD 37376 ----a-w- C:\Windows\SysWOW64\tsgqec.dll 2013-10-10 12:52:06 8999F18D38D55E34D356796507FFD639 192000 ----a-w- C:\Windows\SysWOW64\rdpendp_winip.dll 2013-10-10 12:52:06 3F853160DEE5B71B9AD2F1BAF2B1E55B 46592 ----a-w- C:\Windows\SysWOW64\MsRdpWebAccess.dll 2013-10-10 12:52:05 40FF6C636380A87DE3A99F4E348BFDCB 1048064 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2013-10-10 12:52:04 EF1689081813A60D4610FF429530BA36 4916224 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2013-10-10 12:50:41 AF78F66116814FDD6677CEBD73035CDD 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll 2013-10-10 12:50:40 BFB26890612FB8AE8B0463EBEBE84B7E 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2013-10-10 12:50:40 A113AFEED3159A1ED52D78CB0226006D 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2013-10-10 12:50:39 33B26FA5DBEB69FFAB703EDCB4E6DE4A 514560 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2013-10-09 19:12:36 75F5E1FE8D55CF8E577E0EC5F2290D3F 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll 2013-10-09 19:12:35 CC23295DA8F7B5C53F93804D2F5D30EB 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2013-10-09 19:12:35 8CC4638FA7B5B921B9080CF962582C0B 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2013-10-09 19:12:35 7D27E63B54DB093BB0D9E95F81094D75 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2013-10-09 19:12:35 5C6B44F9CAAC475B7B9EBBC29CB7F065 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2013-10-09 19:12:35 2342EC9254F4C60CA98441BD65C89E12 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2013-10-09 19:12:33 EAF4712B706936C0B10D3B5319B37E81 81920 ----a-w- C:\Windows\SysWOW64\davclnt.dll 2013-10-09 19:12:33 75E8EBD7040CE238684333F97014762A 205824 ----a-w- C:\Windows\SysWOW64\WebClnt.dll 2013-10-09 19:12:27 E94C583CDE2348950155F2AF2876F34D 231424 ----a-w- C:\Windows\SysWOW64\mswsock.dll 2013-10-09 19:12:19 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-10-09 19:12:19 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-10-09 19:12:18 DEE3A05EB88EAFE9C5FF9643676ECC60 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-10-09 19:12:18 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-10-09 19:12:18 D67472125471784DE7147946EDA25FEB 640512 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2013-10-09 19:12:18 D37B27C1F5FE8CFFCCA80FFD4F91149B 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-10-09 19:12:18 A2B0924D50F4435FD389499047CE553A 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2013-10-09 19:12:18 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-10-09 19:12:18 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-10-09 19:12:18 401D25136E26B237D77DA1BF1198B3BD 619520 ----a-w- C:\Windows\SysWOW64\tdh.dll 2013-10-09 19:12:16 2A01B40C8334A8124001CFAC256FCA83 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-02 07:41:27 C624C5B08526AD52733902E33F8E8125 1641200 ----a-w- C:\Windows\SysWOW64\PerfStringBackup.INI ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-10-10 12:52:08 7B619C36F84720CB6AB77031B6F4FA60 13312 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll 2013-10-10 12:52:08 0E894692EB8579703FB1EC8AB6908571 13312 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyControl.exe 2013-10-10 12:52:07 E9A0777DCA9148157E0EF9B71D7DE353 15360 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2013-10-10 12:52:06 E98E2152251EB2576714B2CCE01555DC 44032 ----a-w- C:\Windows\Sysnative\tsgqec.dll 2013-10-10 12:52:06 9EB297848DAACF111C36B6048EFF5AEA 43520 ----a-w- C:\Windows\Sysnative\TsUsbGDCoInstaller.dll 2013-10-10 12:52:06 09112DADA82F4700F833C2E40DFB59FC 18432 ----a-w- C:\Windows\Sysnative\wksprtPS.dll 2013-10-10 12:52:05 F059D17612BF074443C01FCCC8D5C905 54272 ----a-w- C:\Windows\Sysnative\MsRdpWebAccess.dll 2013-10-10 12:52:05 D346E07D62E3D4BEAB040939744EC31B 228864 ----a-w- C:\Windows\Sysnative\rdpendp_winip.dll 2013-10-10 12:52:05 AE8535663AA64318D174CD7CA44ED947 62976 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe 2013-10-10 12:52:05 AD4D0AEDB5993EDA31EB80A54EDBC344 243200 ----a-w- C:\Windows\Sysnative\rdpudd.dll 2013-10-10 12:52:05 98C04A60A10777D99B569636C55FE91C 1123840 ----a-w- C:\Windows\Sysnative\mstsc.exe 2013-10-10 12:52:05 8F69EE5E0EB0779DC3E90DFD8D8E8683 3174912 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2013-10-10 12:52:05 87E8244DCB33A7A0836C66389B8874B6 322560 ----a-w- C:\Windows\Sysnative\aaclient.dll 2013-10-10 12:52:05 6846ECABF7034DD97EE1DE38F1DA16B4 384000 ----a-w- C:\Windows\Sysnative\wksprt.exe 2013-10-10 12:52:04 FF16B21E5C0C46A70B2CD4F65B87D9F1 5773824 ----a-w- C:\Windows\Sysnative\mstscax.dll 2013-10-10 12:50:41 B7D42CB36C08FA017E73FF2433CD7287 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2013-10-10 12:50:41 685527DA09EBFB681E98C515978BDEE2 1448448 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2013-10-10 12:50:39 973131EB99BE1E19DAC502CB724E72A5 366592 ----a-w- C:\Windows\Sysnative\qdvd.dll 2013-10-09 19:12:36 9028D1621C43DF8DFBD1C76860412A11 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll 2013-10-09 19:12:35 E1BB958681BE311E7CFF06CFEC5F1F2B 368128 ----a-w- C:\Windows\Sysnative\atmfd.dll 2013-10-09 19:12:35 D6BAE9B4B210D71CDDADC224CEFCDB5F 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2013-10-09 19:12:35 A5ED9421B8D09ED4F57CDA386307713E 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2013-10-09 19:12:35 796B47A4B82EF1C39F13435B88834C48 41472 ----a-w- C:\Windows\Sysnative\lpk.dll 2013-10-09 19:12:35 142671F462619CB64BA74F5B70136CB4 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2013-10-09 19:12:33 B32AB94A432289AC2DF77A3DCAD32EED 102400 ----a-w- C:\Windows\Sysnative\davclnt.dll 2013-10-09 19:12:33 0EB0E5D22B1760F2DBCE632F2DD7A54D 259584 ----a-w- C:\Windows\Sysnative\WebClnt.dll 2013-10-09 19:12:29 9A9F9F1A77D6A80EE28B57664F00013E 327168 ----a-w- C:\Windows\Sysnative\mswsock.dll 2013-10-09 19:12:24 19320B121BFE7462EADD50A42C81AFD0 3155968 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-10-09 19:12:20 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-10-09 19:12:19 A3FCC4F97551087D65F8FEE879FEF736 859648 ----a-w- C:\Windows\Sysnative\tdh.dll 2013-10-09 19:12:19 63A580C88CFAF72A92550940054569EF 878080 ----a-w- C:\Windows\Sysnative\advapi32.dll 2013-10-09 19:12:18 CAAAC014C5C56A69F710B5F1B836DE22 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll 2013-10-09 19:12:18 70833F5A59F65908698093889C34BCA2 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2013-10-09 19:12:16 764DF431D13537A575752009E7740F18 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 19:12:15 56661BB55AE4633677F846FFCD080ECA 461312 ----a-w- C:\Windows\Sysnative\scavengeui.dll ====== C:\Windows\Sysnative\drivers ===== 2013-10-10 12:52:06 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2013-10-10 12:52:06 17C6B51CBCCDED95B3CC14E22791F85E 57856 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2013-10-10 12:50:41 AAFCB52FE0037207FB6FBEA070D25EFE 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2013-10-10 12:50:41 7EFB9333E4ECCE6AE4AE9D777D9E553E 154480 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2013-10-09 19:12:35 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2013-10-09 19:12:34 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys 2013-10-09 19:12:34 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2013-10-09 19:12:34 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2013-10-09 19:12:34 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2013-10-09 19:12:33 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2013-10-09 19:12:30 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-10-09 19:12:29 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-10-09 19:12:16 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2013-10-09 19:12:14 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2013-10-09 19:12:14 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2013-10-09 19:12:14 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2013-10-09 19:12:14 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2013-10-09 19:12:14 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2013-10-09 19:12:14 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2013-10-09 19:12:14 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2013-09-30 13:37:42 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys 2013-09-25 19:07:30 0D75C5C4EBF3D8197448189A2F153116 148792 ----a-w- C:\Windows\Sysnative\drivers\avgdiska.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-10-10 22:28:42 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-10-02 07:44:20 -------- d-----w- C:\Program Files (x86)\YouTube Song Downloader 2013-09-30 13:37:39 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2013-09-30 13:37:38 -------- d-----w- C:\Program Files (x86)\AVG Nation toolbar 2013-09-24 20:06:57 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service ======= C: ===== ====== C:\Users\Danielle\AppData\Roaming ====== 2013-10-14 18:46:37 -------- d-----w- C:\Users\Danielle\AppData\Roaming\AVG2014 2013-10-14 18:45:51 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2014 2013-10-14 18:44:04 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2014 2013-10-14 18:41:34 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2014 2013-10-14 18:39:26 -------- d-----w- C:\Users\Danielle\AppData\Local\Avg2014 2013-10-02 07:44:45 -------- d-----w- C:\Users\Danielle\AppData\Local\Abelssoft 2013-09-30 13:37:47 -------- d-----w- C:\Users\Danielle\AppData\Local\AVG Nation toolbar 2013-09-30 13:37:46 -------- d-----w- C:\Users\Danielle\AppData\Locallow\AVG Nation toolbar 2013-09-30 13:37:44 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\AVG Nation toolbar ====== C:\Users\Danielle ====== 2013-10-14 18:41:50 -------- d-----w- C:\ProgramData\AVG2014 2013-10-10 22:27:56 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Danielle\Downloads\RSITx64.exe 2013-10-10 12:59:57 -------- d-----w- C:\ProgramData\Intel 2013-10-02 07:44:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Song Downloader 2013-10-02 07:38:40 8C3EC810F15BC00BFB2388F3A527CADE 14135288 ----a-w- C:\Users\Danielle\Desktop\ysd.exe 2013-10-02 07:37:19 7A56E9D4ACCCCC4C3BAEF7DE51F0B1B7 400752 ----a-w- C:\Users\Danielle\Downloads\SoftonicDownloader_voor_youtube-song-downloader.exe 2013-09-30 13:37:39 -------- d-----w- C:\ProgramData\AVG Nation toolbar ====== C: exe-files == 2013-10-10 22:28:43 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Danielle.exe 2013-10-10 22:27:56 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Danielle\Downloads\RSITx64.exe 2013-10-10 18:35:22 016B718797FB091D462A170649B1C0B9 5970992 ----a-w- C:\Program Files (x86)\AVG\AVG2014\avgcrema.exe 2013-10-10 12:53:19 A5DFCB0CF5171B46C6F4F94E8AC0ED03 1026840 ----a-w- C:\Program Files (x86)\Intel\Intel® Processor Graphics\uninstall\Setup.exe 2013-10-10 12:52:08 0E894692EB8579703FB1EC8AB6908571 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe 2013-10-10 12:52:05 AE8535663AA64318D174CD7CA44ED947 62976 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2013-10-10 12:52:05 98C04A60A10777D99B569636C55FE91C 1123840 ----a-w- C:\Windows\System32\mstsc.exe 2013-10-10 12:52:05 6846ECABF7034DD97EE1DE38F1DA16B4 384000 ----a-w- C:\Windows\System32\wksprt.exe 2013-10-10 12:52:05 40FF6C636380A87DE3A99F4E348BFDCB 1048064 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2013-10-09 19:12:20 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-10-09 19:12:19 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-10-09 19:12:19 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-10-09 19:12:18 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-10-09 19:12:18 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-10-09 19:12:18 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-10-09 16:38:27 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateBroker.exe 2013-10-09 16:38:27 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe 2013-10-09 16:38:25 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateSetup.exe 2013-10-09 16:34:44 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe 2013-10-09 16:34:42 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe 2013-10-09 16:34:36 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdate.exe 2013-10-09 16:34:33 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe === C: other files == 2013-10-14 18:42:23 61A7E0B02F82CFF3DB2445BBE50B3589 24144 ----a-w- C:\Program Files (x86)\AVG\AVG2014\Drivers\avgidsfilterx.sys 2013-10-14 18:42:23 0F293406F64B48D5D2F0D3A1117F3A83 29776 ----a-w- C:\Program Files (x86)\AVG\AVG2014\Drivers\avgidsfiltera.sys 2013-10-10 13:43:54 A42A5CE4220072ED8755443AB50B9B7D 248935 ----a-w- C:\Users\Danielle\Downloads\Generic UG_Acer_1.0_A_A.zip 2013-10-10 12:52:06 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys 2013-10-10 12:52:06 17C6B51CBCCDED95B3CC14E22791F85E 57856 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys 2013-10-10 12:50:41 AAFCB52FE0037207FB6FBEA070D25EFE 458712 ----a-w- C:\Windows\System32\drivers\cng.sys 2013-10-10 12:50:41 7EFB9333E4ECCE6AE4AE9D777D9E553E 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-10-09 19:12:35 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-10-09 19:12:34 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\System32\drivers\usbscan.sys 2013-10-09 19:12:34 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2013-10-09 19:12:34 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys 2013-10-09 19:12:34 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2013-10-09 19:12:33 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2013-10-09 19:12:30 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-10-09 19:12:29 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-10-09 19:12:24 19320B121BFE7462EADD50A42C81AFD0 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-10-09 19:12:16 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-10-09 19:12:14 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-10-09 19:12:14 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-10-09 19:12:14 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-10-09 19:12:14 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-10-09 19:12:14 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-10-09 19:12:14 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-10-09 19:12:14 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1280318716-3943813397-494876156-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HyvesDesktop.exe"="C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe" "ISUSPM"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "Google Update"="C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe /c" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s" "MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" "TNS NIPO Clicks"="C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe" "AVG-Secure-Search-Update_0913b"="C:\Users\Danielle\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b --CMPID 0913b" "ChromeFrameHelper"="C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe --startup" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k" "Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" "EgisTecLiveUpdate"="C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" "NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED" "ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "RIMBBLaunchAgent.exe"="C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "vProt"="C:\Program Files (x86)\AVG Nation toolbar\vprot.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA&inst=NwA3AC0ANAA5ADEAMAA4ADUANgA2ADAALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AA∏=90&ver=9.0.872'>http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA&inst=NwA3AC0ANAA5ADEAMAA4ADUANgA2ADAALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AA∏=90&ver=9.0.872" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HyvesDesktop.exe"="C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe" "ISUSPM"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "Google Update"="C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe /c" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s" "MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" "TNS NIPO Clicks"="C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe" "AVG-Secure-Search-Update_0913b"="C:\Users\Danielle\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b --CMPID 0913b" "ChromeFrameHelper"="C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe --startup" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "mwlDaemon"="C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-10-2013 19:46] C:\Windows\tasks\FinalTorrent Update Checker.job --a------ :C:\Program Files (x86)\FinalTorrent\FTC:heC:kForUpdates.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-06-2010 20:56] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-06-2010 20:56] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001Core.job --a------ C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe [14-10-2010 00:06] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001UA.job --a------ C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe [14-10-2010 00:06] C:\Windows\tasks\ROC_JAN2013_TB_rmv.job --a------ C:\Program Files (x86)\AVG SeC:ure SearC:h\PostInstall\ROC:.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FinalTorrent Update Checker" [C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001Core" [C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001UA" [C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\ROC_JAN2013_TB_rmv" [C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{B8C16F4B-B1A8-4350-824A-723B83BE9174}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{13238CB7-93D1-4E25-BC70-6DF57EC5A7D3}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{49087BC7-E8F2-4F70-8B45-8A4E6B5C0A21}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{5EA35020-47C7-423C-A5DA-2BBCFBFABBC7}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{5EA7CFEE-58EE-4475-B2B0-FCA96088D5B3}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{95569DDD-58E4-40B4-988A-48557A4B3CB0}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{967AA4D6-7D19-42BE-A9C4-643E31B7D6E0}" [C:\Program Files (x86)\AVG\AVG9\avgui.exe] "C:\Windows\SysNative\tasks\{A4E9F7EC-BDE3-46C7-9C47-1F918004B897}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{B85D1233-1FEA-4FC9-A26E-ADE56B4F94B4}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{D7EF83BE-FAA4-4E28-A71F-0D3022AB430B}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{DA7A8782-4AFD-4E17-8485-FE2433F9343C}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{DC5BED7F-3B0F-431D-8F0C-DDEF5018C454}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{FA767B5D-FC0A-4B49-BD70-38B3387F9C3B}" [C:\Program Files (x86)\AVG\AVG9\avgui.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default - TNS NIPO Clicks - C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\plugins\firefox - TNS NIPO Clicks - %ProfilePath%\extensions\addon@nipobase.wakoopa.com - Funmoods.com - %ProfilePath%\extensions\ffxtlbr@funmoods.com - Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} - leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi - Yontoo - %ProfilePath%\extensions\plugin@yontoo.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - QuickStores-Toolbar - %AppDir%\extensions\quickstores@quickstores.de - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 F65284ABAC78410D561587F7C66043BA - C:\Users\Danielle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director FC5866F7793AF2CBCD425CC4B8D32A9E - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin 99F97C9FE748C37528C338A423577FCB - C:\Users\Danielle\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions niapdbllcanepiiimjjndipklodoedlc - C:\Users\Danielle\AppData\Local\Temp\YontooLayers.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Danielle\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[26-10-2012 18:33] Angry Birds - Danielle - Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj Google Docs - Danielle - Default\Extensions\aohghmighlieiainnegkcijnfilokake Cut the Rope - Danielle - Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj TNS NIPO Clicks - Danielle - Default\Extensions\ifjikecnnihdpkgcnhecbnjpomfhjkag Halloween Theme - Danielle - Default\Extensions\mogoijmbmpeoinmdoneejmagjdoekoob Card number - Danielle - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_x3900&r=17360610ln07974380si53x501yu22" "Search Page"="http://www.bing.com/search?q={searchTerms}" "Search Bar"="http://www.bing.com/search?q={searchTerms}" "Use Search Asst"="yes" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.bing.com/search?q={searchTerms}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://isearch.avg.com/tab?cid={CD7659B0-732D-4451-970F-03967898B0B6}&mid=ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b〈=nl&ds=AVG&pr=fr&d=2012-01-27 20:14:38&v=9.0.0.23&sap=nt" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://isearch.avg.com/tab?cid={CD7659B0-732D-4451-970F-03967898B0B6}&mid=ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b〈=nl&ds=AVG&pr=fr&d=2012-01-27 20:14:38&v=9.0.0.23&sap=nt" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8079622c00000000000090fba64ac33e&tlver=1.4.19.19&affID=17160" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8079622c00000000000090fba64ac33e&tlver=1.4.19.19&affID=17160" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.bing.com/search?q={searchTerms}" "SearchAssistant"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {006ee092-9658-4fd6-bd8e-a21a348e59f5} Bing Url="http://www.bing.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL384NL384" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Danielle\AppData\Local\Wakoopa Shared\WakoopaBHO.dll O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Nation toolbar\vprot.exe" O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA"&"inst=NwA3AC0ANAA5ADEAMAA4ADUANgA2ADAALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AA"&"prod=90"&"ver=9.0.872 O4 - HKCU\..\Run: [HyvesDesktop.exe] C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [Google Update] "C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [TNS NIPO Clicks] C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\Danielle\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b --CMPID 0913b O4 - HKCU\..\Run: [ChromeFrameHelper] "C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe" --startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Danielle\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Danielle\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Danielle\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {357BEB5B-DC01-44C2-B011-14048C3178B1} (DocParser2 Class) - https://employees.exact.com/cab/DocParse2.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - MSN Games - Free Online Games O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\npchrome_frame.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== After Reboot ====================== ==== EOF on di 15-10-2013 at 14:42:50,74 ======================
  5. Daantjevw
    Het lukt nog steeds niet om het via zoek.exe te doen, ook niet in de veilige modus. Alleen de analyse lukt,in de veilige modus, weet niet of je die nog een keer wil hebben?
  6. Daantjevw
    Dat heeft gewerkt! Z-Analyse V1.0.0.1 Updated 13-October-2013 Tool run by Danielle on ma 14-10-2013 at 1:13:41,01. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Danielle\Desktop\Z-Analyse.scr [Deep Scan] ==== Older Logs ====================== C:\zoek-results2013-10-11-191245.log 2637 bytes C:\zoek-results2013-10-11-194014.log 572 bytes C:\zoek-results2013-10-13-183842.log 816 bytes ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\OEM\USBDECTION\USBS3S4Detection.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG Nation toolbar\vprot.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Danielle\Desktop\Z-Analyse.scr C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Users\Danielle\AppData\Local\Temp\NirCmd.exe ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3896 MB CPU Info: Intel® Core i3 CPU 530 @ 2.93GHz CPU Speed: 2922.7 MHz Sound Card: Speakers (Realtek High Definiti | SyncMaster (Intel® Display Au | Realtek Digital Output (Realtek | Realtek Digital Output(Optical) | Display Adapters: Intel® HD Graphics | Intel® HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 2x; Generic PnP Monitor | Algemeen PnP-beeldscherm | Screen Resolution: 1440 X 900 - 32 bit Network: Network Present Network Adapters: Intel® 82578DC Gigabit Network Connection | 802.11n Wireless PCI Express Card LAN Adapter CD / DVD Drives: 1x (E: | ) E: ATAPI DVD A DH16AASH Ports: COM3 | COM4 LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 226.0GB | D: 226.0GB Hard Disks - Free: C: 23.0GB | D: 221.7GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 08/16/32 | ACRSYS - 20091216 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer FIH57 Country: Nederland Language: NLD ==== System Specs (Software) ====================== Anti-Virus: AVG AntiVirus Free Edition 2013 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Spybot - Search and Destroy disabled (Outdated) Anti-Spyware: AVG AntiVirus Free Edition 2013 disabled (Outdated) Default Browser: Google Chrome 30.0.1599.69 Internet Explorer Version: 10.0.9200.16618 Mozilla Firefox version: 24.0 (x86 nl) Google Chrome version: 30.0.1599.69 Adobe Reader version: 10.1.8.24 Sun Java version: 1.7.0_25 (32-bit) Flash Player version: 11.9.900.117 Shockwave Player version: 11.6.5r635 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Danielle\AppData\Local\Temp ==== 2013-10-02 07:38:40 3EA95B6413D32BBF5EB4FADACF8D8391 10365984 ----a-w- C:\Users\Danielle\AppData\Local\Temp\Installer-3-.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2013-10-10 12:52:06 E6446AB7A7E602CAFF51ACA3C68C1526 269312 ----a-w- C:\Windows\SysWOW64\aaclient.dll 2013-10-10 12:52:06 D3F64318307CEC05CBDE533D99976532 16896 ----a-w- C:\Windows\SysWOW64\wksprtPS.dll 2013-10-10 12:52:06 A9D4140B8B843D5719F7C3EED8C0F9FD 37376 ----a-w- C:\Windows\SysWOW64\tsgqec.dll 2013-10-10 12:52:06 8999F18D38D55E34D356796507FFD639 192000 ----a-w- C:\Windows\SysWOW64\rdpendp_winip.dll 2013-10-10 12:52:06 3F853160DEE5B71B9AD2F1BAF2B1E55B 46592 ----a-w- C:\Windows\SysWOW64\MsRdpWebAccess.dll 2013-10-10 12:52:05 40FF6C636380A87DE3A99F4E348BFDCB 1048064 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2013-10-10 12:52:04 EF1689081813A60D4610FF429530BA36 4916224 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2013-10-10 12:50:41 AF78F66116814FDD6677CEBD73035CDD 247808 ----a-w- C:\Windows\SysWOW64\schannel.dll 2013-10-10 12:50:40 BFB26890612FB8AE8B0463EBEBE84B7E 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2013-10-10 12:50:40 A113AFEED3159A1ED52D78CB0226006D 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2013-10-10 12:50:39 33B26FA5DBEB69FFAB703EDCB4E6DE4A 514560 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2013-10-09 19:12:36 75F5E1FE8D55CF8E577E0EC5F2290D3F 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll 2013-10-09 19:12:35 CC23295DA8F7B5C53F93804D2F5D30EB 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll 2013-10-09 19:12:35 8CC4638FA7B5B921B9080CF962582C0B 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2013-10-09 19:12:35 7D27E63B54DB093BB0D9E95F81094D75 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2013-10-09 19:12:35 5C6B44F9CAAC475B7B9EBBC29CB7F065 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2013-10-09 19:12:35 2342EC9254F4C60CA98441BD65C89E12 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll 2013-10-09 19:12:33 EAF4712B706936C0B10D3B5319B37E81 81920 ----a-w- C:\Windows\SysWOW64\davclnt.dll 2013-10-09 19:12:33 75E8EBD7040CE238684333F97014762A 205824 ----a-w- C:\Windows\SysWOW64\WebClnt.dll 2013-10-09 19:12:27 E94C583CDE2348950155F2AF2876F34D 231424 ----a-w- C:\Windows\SysWOW64\mswsock.dll 2013-10-09 19:12:19 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-10-09 19:12:19 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-10-09 19:12:18 DEE3A05EB88EAFE9C5FF9643676ECC60 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-10-09 19:12:18 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-10-09 19:12:18 D67472125471784DE7147946EDA25FEB 640512 ----a-w- C:\Windows\SysWOW64\advapi32.dll 2013-10-09 19:12:18 D37B27C1F5FE8CFFCCA80FFD4F91149B 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-10-09 19:12:18 A2B0924D50F4435FD389499047CE553A 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2013-10-09 19:12:18 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-10-09 19:12:18 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-10-09 19:12:18 401D25136E26B237D77DA1BF1198B3BD 619520 ----a-w- C:\Windows\SysWOW64\tdh.dll 2013-10-09 19:12:16 2A01B40C8334A8124001CFAC256FCA83 102608 ----a-w- C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-02 07:41:27 C624C5B08526AD52733902E33F8E8125 1641200 ----a-w- C:\Windows\SysWOW64\PerfStringBackup.INI ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-10-10 12:52:08 7B619C36F84720CB6AB77031B6F4FA60 13312 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll 2013-10-10 12:52:08 0E894692EB8579703FB1EC8AB6908571 13312 ----a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyControl.exe 2013-10-10 12:52:07 E9A0777DCA9148157E0EF9B71D7DE353 15360 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2013-10-10 12:52:06 E98E2152251EB2576714B2CCE01555DC 44032 ----a-w- C:\Windows\Sysnative\tsgqec.dll 2013-10-10 12:52:06 9EB297848DAACF111C36B6048EFF5AEA 43520 ----a-w- C:\Windows\Sysnative\TsUsbGDCoInstaller.dll 2013-10-10 12:52:06 09112DADA82F4700F833C2E40DFB59FC 18432 ----a-w- C:\Windows\Sysnative\wksprtPS.dll 2013-10-10 12:52:05 F059D17612BF074443C01FCCC8D5C905 54272 ----a-w- C:\Windows\Sysnative\MsRdpWebAccess.dll 2013-10-10 12:52:05 D346E07D62E3D4BEAB040939744EC31B 228864 ----a-w- C:\Windows\Sysnative\rdpendp_winip.dll 2013-10-10 12:52:05 AE8535663AA64318D174CD7CA44ED947 62976 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe 2013-10-10 12:52:05 AD4D0AEDB5993EDA31EB80A54EDBC344 243200 ----a-w- C:\Windows\Sysnative\rdpudd.dll 2013-10-10 12:52:05 98C04A60A10777D99B569636C55FE91C 1123840 ----a-w- C:\Windows\Sysnative\mstsc.exe 2013-10-10 12:52:05 8F69EE5E0EB0779DC3E90DFD8D8E8683 3174912 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2013-10-10 12:52:05 87E8244DCB33A7A0836C66389B8874B6 322560 ----a-w- C:\Windows\Sysnative\aaclient.dll 2013-10-10 12:52:05 6846ECABF7034DD97EE1DE38F1DA16B4 384000 ----a-w- C:\Windows\Sysnative\wksprt.exe 2013-10-10 12:52:04 FF16B21E5C0C46A70B2CD4F65B87D9F1 5773824 ----a-w- C:\Windows\Sysnative\mstscax.dll 2013-10-10 12:50:41 B7D42CB36C08FA017E73FF2433CD7287 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2013-10-10 12:50:41 685527DA09EBFB681E98C515978BDEE2 1448448 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2013-10-10 12:50:39 973131EB99BE1E19DAC502CB724E72A5 366592 ----a-w- C:\Windows\Sysnative\qdvd.dll 2013-10-09 19:12:36 9028D1621C43DF8DFBD1C76860412A11 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll 2013-10-09 19:12:35 E1BB958681BE311E7CFF06CFEC5F1F2B 368128 ----a-w- C:\Windows\Sysnative\atmfd.dll 2013-10-09 19:12:35 D6BAE9B4B210D71CDDADC224CEFCDB5F 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2013-10-09 19:12:35 A5ED9421B8D09ED4F57CDA386307713E 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll 2013-10-09 19:12:35 796B47A4B82EF1C39F13435B88834C48 41472 ----a-w- C:\Windows\Sysnative\lpk.dll 2013-10-09 19:12:35 142671F462619CB64BA74F5B70136CB4 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2013-10-09 19:12:33 B32AB94A432289AC2DF77A3DCAD32EED 102400 ----a-w- C:\Windows\Sysnative\davclnt.dll 2013-10-09 19:12:33 0EB0E5D22B1760F2DBCE632F2DD7A54D 259584 ----a-w- C:\Windows\Sysnative\WebClnt.dll 2013-10-09 19:12:29 9A9F9F1A77D6A80EE28B57664F00013E 327168 ----a-w- C:\Windows\Sysnative\mswsock.dll 2013-10-09 19:12:24 19320B121BFE7462EADD50A42C81AFD0 3155968 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-10-09 19:12:20 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-10-09 19:12:19 A3FCC4F97551087D65F8FEE879FEF736 859648 ----a-w- C:\Windows\Sysnative\tdh.dll 2013-10-09 19:12:19 63A580C88CFAF72A92550940054569EF 878080 ----a-w- C:\Windows\Sysnative\advapi32.dll 2013-10-09 19:12:18 CAAAC014C5C56A69F710B5F1B836DE22 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll 2013-10-09 19:12:18 70833F5A59F65908698093889C34BCA2 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2013-10-09 19:12:16 764DF431D13537A575752009E7740F18 124112 ----a-w- C:\Windows\Sysnative\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 19:12:15 56661BB55AE4633677F846FFCD080ECA 461312 ----a-w- C:\Windows\Sysnative\scavengeui.dll ====== C:\Windows\Sysnative\drivers ===== 2013-10-10 12:52:06 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2013-10-10 12:52:06 17C6B51CBCCDED95B3CC14E22791F85E 57856 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2013-10-10 12:50:41 AAFCB52FE0037207FB6FBEA070D25EFE 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2013-10-10 12:50:41 7EFB9333E4ECCE6AE4AE9D777D9E553E 154480 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2013-10-09 19:12:35 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2013-10-09 19:12:34 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys 2013-10-09 19:12:34 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys 2013-10-09 19:12:34 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys 2013-10-09 19:12:34 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys 2013-10-09 19:12:33 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys 2013-10-09 19:12:30 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-10-09 19:12:29 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2013-10-09 19:12:16 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2013-10-09 19:12:14 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2013-10-09 19:12:14 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2013-10-09 19:12:14 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2013-10-09 19:12:14 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2013-10-09 19:12:14 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2013-10-09 19:12:14 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2013-10-09 19:12:14 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2013-09-30 13:37:42 A1F53D2A00E64679A1D81B61D2333D06 46368 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-10-10 22:28:42 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-10-02 07:44:20 -------- d-----w- C:\Program Files (x86)\YouTube Song Downloader 2013-09-30 13:37:39 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search 2013-09-30 13:37:38 -------- d-----w- C:\Program Files (x86)\AVG Nation toolbar 2013-09-24 20:06:57 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service ======= C: ===== ====== C:\Users\Danielle\AppData\Roaming ====== 2013-10-02 07:44:45 -------- d-----w- C:\Users\Danielle\AppData\Local\Abelssoft 2013-09-30 13:37:47 -------- d-----w- C:\Users\Danielle\AppData\Local\AVG Nation toolbar 2013-09-30 13:37:46 -------- d-----w- C:\Users\Danielle\AppData\Locallow\AVG Nation toolbar 2013-09-30 13:37:44 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\AVG Nation toolbar ====== C:\Users\Danielle ====== 2013-10-10 22:27:56 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Danielle\Downloads\RSITx64.exe 2013-10-10 12:59:57 -------- d-----w- C:\ProgramData\Intel 2013-10-02 07:44:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Song Downloader 2013-10-02 07:38:40 8C3EC810F15BC00BFB2388F3A527CADE 14135288 ----a-w- C:\Users\Danielle\Desktop\ysd.exe 2013-10-02 07:37:19 7A56E9D4ACCCCC4C3BAEF7DE51F0B1B7 400752 ----a-w- C:\Users\Danielle\Downloads\SoftonicDownloader_voor_youtube-song-downloader.exe 2013-09-30 13:37:39 -------- d-----w- C:\ProgramData\AVG Nation toolbar ====== C: exe-files == 2013-10-10 22:28:43 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Danielle.exe 2013-10-10 22:27:56 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Danielle\Downloads\RSITx64.exe 2013-10-10 12:53:19 A5DFCB0CF5171B46C6F4F94E8AC0ED03 1026840 ----a-w- C:\Program Files (x86)\Intel\Intel® Processor Graphics\uninstall\Setup.exe 2013-10-10 12:52:08 0E894692EB8579703FB1EC8AB6908571 13312 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe 2013-10-10 12:52:05 AE8535663AA64318D174CD7CA44ED947 62976 ----a-w- C:\Windows\System32\TSWbPrxy.exe 2013-10-10 12:52:05 98C04A60A10777D99B569636C55FE91C 1123840 ----a-w- C:\Windows\System32\mstsc.exe 2013-10-10 12:52:05 6846ECABF7034DD97EE1DE38F1DA16B4 384000 ----a-w- C:\Windows\System32\wksprt.exe 2013-10-10 12:52:05 40FF6C636380A87DE3A99F4E348BFDCB 1048064 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2013-10-09 19:12:20 5B9A6A310326D9C438F2C19FBBE97C97 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-10-09 19:12:19 813A7F5A2D6D366EB3FFB643B851BCE5 3914176 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-10-09 19:12:19 482C8CD985C727C7C78A5E9B320947F0 3969472 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-10-09 19:12:18 DA1340AC8B22D0719F47222C8D508393 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-10-09 19:12:18 8C3D064E7B7C0F3685A441A37A93C5D1 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-10-09 19:12:18 5244D544B022E70881794563D657B5EF 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-10-09 16:38:27 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateBroker.exe 2013-10-09 16:38:27 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe 2013-10-09 16:38:25 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateSetup.exe 2013-10-09 16:34:44 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe 2013-10-09 16:34:42 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe 2013-10-09 16:34:36 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdate.exe 2013-10-09 16:34:33 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe 2013-10-08 11:12:33 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateBroker.exe 2013-10-08 11:12:33 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe 2013-10-08 11:12:32 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.165\GoogleUpdateSetup.exe 2013-10-08 11:12:24 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler.exe 2013-10-08 11:12:24 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.165\GoogleCrashHandler64.exe 2013-10-08 11:12:23 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.165\GoogleUpdate.exe 2013-10-08 11:12:22 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Users\Danielle\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe === C: other files == 2013-10-10 13:43:54 A42A5CE4220072ED8755443AB50B9B7D 248935 ----a-w- C:\Users\Danielle\Downloads\Generic UG_Acer_1.0_A_A.zip 2013-10-10 12:52:06 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys 2013-10-10 12:52:06 17C6B51CBCCDED95B3CC14E22791F85E 57856 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys 2013-10-10 12:50:41 AAFCB52FE0037207FB6FBEA070D25EFE 458712 ----a-w- C:\Windows\System32\drivers\cng.sys 2013-10-10 12:50:41 7EFB9333E4ECCE6AE4AE9D777D9E553E 154480 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2013-10-09 19:12:35 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2013-10-09 19:12:34 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\System32\drivers\usbscan.sys 2013-10-09 19:12:34 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2013-10-09 19:12:34 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\System32\drivers\usbcir.sys 2013-10-09 19:12:34 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\System32\drivers\hidclass.sys 2013-10-09 19:12:33 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\System32\drivers\mrxdav.sys 2013-10-09 19:12:30 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-10-09 19:12:29 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\System32\drivers\afd.sys 2013-10-09 19:12:24 19320B121BFE7462EADD50A42C81AFD0 3155968 ----a-w- C:\Windows\System32\win32k.sys 2013-10-09 19:12:16 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2013-10-09 19:12:14 E73A7A04FDAC9DD46EE2A4257F09E91C 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-10-09 19:12:14 ACCEA6BC68D0C9A78EB97EE159028B4E 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-10-09 19:12:14 A83D0EC9AE4C31704442099D40BA2471 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-10-09 19:12:14 9406D801042FAF859CF81B2C886413DC 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-10-09 19:12:14 861C197502A5057E68F0AC75D9EFCDD7 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-10-09 19:12:14 311C1DD1088E55BEAE15954D17F50646 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-10-09 19:12:14 280E90CBF4B2DDD169F0728CB44D726F 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1280318716-3943813397-494876156-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HyvesDesktop.exe"="C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe" "ISUSPM"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "Google Update"="C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe /c" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s" "MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" "TNS NIPO Clicks"="C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe" "AVG-Secure-Search-Update_0913b"="C:\Users\Danielle\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b --CMPID 0913b" "ChromeFrameHelper"="C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe --startup" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k" "Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" "EgisTecLiveUpdate"="C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" "NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED" "ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "RIMBBLaunchAgent.exe"="C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "vProt"="C:\Program Files (x86)\AVG Nation toolbar\vprot.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"="cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA&inst=NwA3AC0ANAA5ADEAMAA4ADUANgA2ADAALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AA∏=90&ver=9.0.872'>http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA&inst=NwA3AC0ANAA5ADEAMAA4ADUANgA2ADAALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AA∏=90&ver=9.0.872" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HyvesDesktop.exe"="C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe" "ISUSPM"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler" "Google Update"="C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe /c" "KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s" "MobileDocuments"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe" "TNS NIPO Clicks"="C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe" "AVG-Secure-Search-Update_0913b"="C:\Users\Danielle\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b --CMPID 0913b" "ChromeFrameHelper"="C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe --startup" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" "mwlDaemon"="C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09-10-2013 19:46] C:\Windows\tasks\FinalTorrent Update Checker.job --a------ C:\Program Files (x86)\FinalTorrent\FTCheckForUpdatesC:exeC:\Program Files (x86)\FinalTorrent\Danielle00 [] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-06-2010 20:56] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18-06-2010 20:56] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001Core.job --a------ C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe [14-10-2010 00:06] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001UA.job --a------ C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe [14-10-2010 00:06] C:\Windows\tasks\ROC_JAN2013_TB_rmv.job --a------ C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FinalTorrent Update Checker" [C:\Program Files (x86)\FinalTorrent\FTCheckForUpdates.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001Core" [C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001UA" [C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\ROC_JAN2013_TB_rmv" [C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{B8C16F4B-B1A8-4350-824A-723B83BE9174}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{13238CB7-93D1-4E25-BC70-6DF57EC5A7D3}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{49087BC7-E8F2-4F70-8B45-8A4E6B5C0A21}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{5EA35020-47C7-423C-A5DA-2BBCFBFABBC7}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{5EA7CFEE-58EE-4475-B2B0-FCA96088D5B3}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{95569DDD-58E4-40B4-988A-48557A4B3CB0}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{967AA4D6-7D19-42BE-A9C4-643E31B7D6E0}" [C:\Program Files (x86)\AVG\AVG9\avgui.exe] "C:\Windows\SysNative\tasks\{A4E9F7EC-BDE3-46C7-9C47-1F918004B897}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{B85D1233-1FEA-4FC9-A26E-ADE56B4F94B4}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{D7EF83BE-FAA4-4E28-A71F-0D3022AB430B}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{DA7A8782-4AFD-4E17-8485-FE2433F9343C}" [C:\Program Files (x86)\Barbie® idesign Ultimate Stylist\BarbieFashionCards.exe] "C:\Windows\SysNative\tasks\{DC5BED7F-3B0F-431D-8F0C-DDEF5018C454}" [C:\Program Files (x86)\EA GAMES\De Sims 2\TSBin\Sims2.exe] "C:\Windows\SysNative\tasks\{FA767B5D-FC0A-4B49-BD70-38B3387F9C3B}" [C:\Program Files (x86)\AVG\AVG9\avgui.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default - TNS NIPO Clicks - C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\plugins\firefox - TNS NIPO Clicks - %ProfilePath%\extensions\addon@nipobase.wakoopa.com - Funmoods.com - %ProfilePath%\extensions\ffxtlbr@funmoods.com - Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} - leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi - Yontoo - %ProfilePath%\extensions\plugin@yontoo.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - QuickStores-Toolbar - %AppDir%\extensions\quickstores@quickstores.de - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default 4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Users\Danielle\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17 F65284ABAC78410D561587F7C66043BA - C:\Users\Danielle\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 3D3CAF586124C4E8102764C8B3063BB6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director FC5866F7793AF2CBCD425CC4B8D32A9E - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin 99F97C9FE748C37528C338A423577FCB - C:\Users\Danielle\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions niapdbllcanepiiimjjndipklodoedlc - C:\Users\Danielle\AppData\Local\Temp\YontooLayers.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Danielle\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[26-10-2012 18:33] Angry Birds - Danielle - Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj Google Docs - Danielle - Default\Extensions\aohghmighlieiainnegkcijnfilokake Cut the Rope - Danielle - Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj Halloween Theme - Danielle - Default\Extensions\mogoijmbmpeoinmdoneejmagjdoekoob Card number - Danielle - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=aspire_x3900&r=17360610ln07974380si53x501yu22" "Search Page"="http://www.bing.com/search?q={searchTerms}" "Search Bar"="http://www.bing.com/search?q={searchTerms}" "Use Search Asst"="yes" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.bing.com/search?q={searchTerms}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://isearch.avg.com/tab?cid={CD7659B0-732D-4451-970F-03967898B0B6}&mid=ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b〈=nl&ds=AVG&pr=fr&d=2012-01-27 20:14:38&v=9.0.0.23&sap=nt" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://isearch.avg.com/tab?cid={CD7659B0-732D-4451-970F-03967898B0B6}&mid=ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b〈=nl&ds=AVG&pr=fr&d=2012-01-27 20:14:38&v=9.0.0.23&sap=nt" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8079622c00000000000090fba64ac33e&tlver=1.4.19.19&affID=17160" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8079622c00000000000090fba64ac33e&tlver=1.4.19.19&affID=17160" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.bing.com/search?q={searchTerms}" "SearchAssistant"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {006ee092-9658-4fd6-bd8e-a21a348e59f5} Bing Url="http://www.bing.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL384NL384" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {C91885A5-7B0A-4209-A94F-7ACDF218BBCF} AVG Secure Search Url="http://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=nl&nt=1" ==== HijackThis Entries ====================== C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Danielle\AppData\Local\Wakoopa Shared\WakoopaBHO.dll O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Nation toolbar\vprot.exe" O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA"&"inst=NwA3AC0ANAA5ADEAMAA4ADUANgA2ADAALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AA"&"prod=90"&"ver=9.0.872 O4 - HKCU\..\Run: [HyvesDesktop.exe] C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [Google Update] "C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [TNS NIPO Clicks] C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\Danielle\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b --CMPID 0913b O4 - HKCU\..\Run: [ChromeFrameHelper] "C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe" --startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Danielle\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Danielle\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Danielle\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {357BEB5B-DC01-44C2-B011-14048C3178B1} (DocParser2 Class) - https://employees.exact.com/cab/DocParse2.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - MSN Games - Free Online Games O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\npchrome_frame.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== After Reboot ====================== ==== EOF on ma 14-10-2013 at 1:22:34,13 ======================
  7. Daantjevw
    Het lukt me niet hoor, ook niet in de veilige modus. Wat doe ik dan toch verkeerd, het blijft maar staan.
  8. Daantjevw
    Nou ik weet het niet maar ik heb precies gedaan wat er staat maar er gebeurt niets. het enigste dat ik zie nadat ik op runscript heb geklikt is het volgende : Zoek.exe is running now. Do not start any browser windows, they will be closed automatically. Please wait! This window will close when finished. A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log En dit heb ik zo een uur laten staan. Afsluiten lukt ook niet.
  9. Daantjevw
    Super Bedankt voor je hulp Jean-Pierre!!!
  10. Daantjevw
    Logfile of random's system information tool 1.09 (written by random/random) Run by Danielle at 2013-10-11 00:28:38 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 11 GB (5%) free of 231 GB Total RAM: 3895 MB (23% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 0:28:58, on 11-10-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16611) Boot mode: Normal Running processes: C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG Nation toolbar\vprot.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE C:\Program Files (x86)\AVG\AVG2013\avgcsrvx.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Danielle.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/search?q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms} R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/search?q={searchTerms} R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/search?q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=8079622c00000000000090fba64ac33e&tlver=1.4.19.19&affID=17160 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing) O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll (file missing) O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: TNS NIPO Clicks - {FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773} - C:\Users\Danielle\AppData\Local\Wakoopa Shared\WakoopaBHO.dll O3 - Toolbar: Searchqu Toolbar - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll (file missing) O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file) O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Nation toolbar\vprot.exe" O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYASwBQAEMAQgAtADYAQgBXAEYATQAtAFQAUgBMAFEAUgAtAEIAUgBVAEgAUAAtAEMAUAA4ADYARwA"&"inst=NwA3AC0ANAA5ADEAMAA4ADUANgA2ADAALQBCAEEAUgA5AEcAKwAxAC0ARgBMACsAOQAtAEYAOQBNADYAKwAxAC0AWABPADMANgArADEALQBGADkATQA3AEMAKwA1AA"&"prod=90"&"ver=9.0.872 O4 - HKCU\..\Run: [HyvesDesktop.exe] C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [Google Update] "C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe O4 - HKCU\..\Run: [TNS NIPO Clicks] C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe O4 - HKCU\..\Run: [AVG-Secure-Search-Update_0913b] C:\Users\Danielle\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b --CMPID 0913b O4 - HKCU\..\Run: [ChromeFrameHelper] "C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe" --startup O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Danielle\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Danielle\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Danielle\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {357BEB5B-DC01-44C2-B011-14048C3178B1} (DocParser2 Class) - https://employees.exact.com/cab/DocParse2.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - MSN Games - Free Online Games O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\npchrome_frame.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing) O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.1\ViProtocol.dll (file missing) O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Boonty Games - BOONTY - C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: USBS3S4Detection - Unknown owner - C:\OEM\USBDECTION\USBS3S4Detection.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater17.0.1 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 19202 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=b4a4744d-1555-4238-bad5-1c3ad643be79 /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\071bfc66-9bfd-471c-a8bb-f124478f2409-1d4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\" %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Acer\Registration\GregHSRW.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Acer\Acer Updater\UpdaterService.exe" C:\OEM\USBDECTION\USBS3S4Detection.exe "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" WLIDSvcM.exe 2468 "C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-6ab1481d-db5d-48c7-8d95-c26f1fcb6bd7 -SystemEventPortName:HostProcess-f8495c9a-c05f-4e26-9ae9-d2ec921afc0f -IoCancelEventPortName:HostProcess-14cffe50-f73c-4423-871e-7eb3fbec113c -NonStateChangingEventPortName:HostProcess-59a75c9a-017e-470d-9d73-8fe787ecec1b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:499ee2fb-2243-497b-b0bc-2b74dd350974 -DeviceGroupId:WpdFsGroup "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe" "C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Windows\System32\igfxtray.exe" C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Windows\System32\hkcmd.exe" "C:\Windows\System32\igfxpers.exe" "C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" "C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe" "C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe" --startup "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k "C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY "C:\Program Files (x86)\iTunes\iTunesHelper.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\AVG Nation toolbar\vprot.exe" "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" taskeng.exe {A4F6FDCD-FE90-47EB-9130-C8EF099EF202} "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" /autoupdate /silent /autoclose "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4208.0.1947004750\12210372" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,9,18,24,26 --gpu-vendor-id=0x8086 --gpu-device-id=0x0042 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2622 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOff/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4208.5.1486271701\1084943119" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="4208.7.363867842\705255584" --ppapi-flash-args --lang=en-US --ignored=" --type=renderer " /prefetch:-632637702 "C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE" C:\Program Files (x86)\AVG\AVG2013\avgcsrvx.exe /pipeName=b7dd3060-497c-4d5c-bcd2-842e5f20d039 /coreSdkOptions=8192 /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Users\Danielle\AppData\Local\Avg2013\temp\" /dataPath="C:\ProgramData\AVG2013\" /userDataPath="C:\Users\Danielle\AppData\Local\Avg2013\" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOff/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4208.10.509903114\988642960" /prefetch:673131151 "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:7688 CREDAT:267521 /prefetch:2 C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe -Embedding "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4912.c425600.1978747646 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4912 "\\.\pipe\gecko-crash-server-pipe.4912" plugin "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --proxy-stub-channel=Flash8296.1011F308.20774 --host-broker-channel=Flash8296.1011F308.30134 --host-pid=8296 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe" --channel=2864.0040F910.705842194 --proxy-stub-channel=Flash8296.1011F308.20774 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll" --host-npapi-version=27 --type=renderer "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOff/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/OutdatedInstallCheck/12WeeksOutdatedInstall/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --instant-process --enable-threaded-compositing --disable-html-notifications --channel="4208.14.47003854\800753342" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R1/CookieRetentionPriorityStudy/ExperimentOff/ForceCompositingMode/thread/InfiniteCache/No/InstantExtended/Group2 pct:10a stable:pp1 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/NewMenuStyle/Compact2/OmniboxStopTimer/UseStopTimer/OutdatedInstallCheck/12WeeksOutdatedInstall/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-1-Percent/group_08/UMA-Uniformity-Trial-10-Percent/group_01/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/" --renderer-print-preview --enable-threaded-compositing --disable-html-notifications --channel="4208.16.1499850476\1525682349" /prefetch:673131151 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe38_ Global\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528 "C:\Users\Danielle\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\FinalTorrent Update Checker.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1280318716-3943813397-494876156-1001UA.job C:\Windows\tasks\ROC_JAN2013_TB_rmv.job =========Mozilla firefox========= ProfilePath - C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "about:home" prefs.js - "extensions.enabledItems" - "{222e1f77-b8c9-83c1-ecef-1d643ed96cba}:1.0, quickstores@quickstores.de:1.0.0, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374, ffxtlbr@babylon.com:1.1.3, {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17" prefs.js - "keyword.URL" - "http://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.1\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.FestiveBar_3g.com/Plugin] "Description"=FestiveBar Plugin "Path"=C:\Program Files (x86)\FestiveBar_3gEI\Installr\1.bin\NP3gEISB.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.25.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@rim.com/npappworld] "Description"= "Path"=C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0] "Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers "Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@zylom.com/ZylomGamesPlayer] "Description"=Zylom Games Player 1.00 "Path"=C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.117 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ quickstores@quickstores.de C:\Program Files (x86)\Mozilla Firefox\components\ nsIQTScriptablePlugin.xpt nsIZylomPlugin.xpt C:\Program Files (x86)\Mozilla Firefox\plugins\ npkimi.dll NPOFF12.DLL nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll npzylomgamesplayer.dll QuickTimePlugin.class C:\Program Files (x86)\Mozilla Firefox\searchplugins\ avg-secure-search.xml babylon.xml SearchquWebSearch.xml C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\extensions\ ffxtlbr@funmoods.com {ACAA314B-EEBA-48e4-AD47-84E31C44796C} C:\Users\Danielle\AppData\Roaming\Mozilla\Firefox\Profiles\qkzq36x0.default\searchplugins\ Google.xml my-web-search.xml SearchquWebSearch.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13 3214392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-22 463272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FF99715-3016-4381-84CE-E4E4C9673020}] Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-22 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4D29C1-82DE-4b80-8BB0-A7CDDDCD2773}] TNS NIPO Clicks - C:\Users\Danielle\AppData\Local\Wakoopa Shared\WakoopaBHO.dll [2012-10-25 237920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {7FF99715-3016-4381-84CE-E4E4C9673020} - Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\ToolBar\SearchquDx.dll [] {ae07101b-46d4-4a98-af68-0333ea26e113} [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-10-13 186904] "mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-10 349480] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-09-02 8098848] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-01-10 167704] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-01-10 392984] "Persistence"=C:\Windows\system32\igfxpers.exe [2012-01-10 417560] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HyvesDesktop.exe"=C:\Program Files (x86)\Hyves Desktop\bin\HyvesDesktop.exe [] "ISUSPM"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler [] "Google Update"=C:\Users\Danielle\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-14 136176] "KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-03-20 21416] "KiesHelper"=C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2012-02-22 943504] "MobileDocuments"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [] "TNS NIPO Clicks"=C:\Users\Danielle\AppData\Local\TNS NIPO Clicks\TNS NIPO Clicks.exe [2013-08-29 962912] "AVG-Secure-Search-Update_0913b"=C:\Users\Danielle\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid ca6f701b08a147d6b25a41b2e0ae2acd-562f0e2bd8ab49d27aa40327fdaef6c231a15b9b --CMPID 0913b [] "ChromeFrameHelper"=C:\Users\Danielle\AppData\Local\Google\Chrome\Application\30.0.1599.69\chrome_frame_helper.exe [2013-10-03 83408] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-08-13 261888] "Hotkey Utility"=C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2009-08-18 629280] "EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464] "NortonOnlineBackupReminder"=C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-07-25 588648] "ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-11-10 128296] "PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-11-03 181480] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-11-28 59280] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2012-02-22 3508624] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "RIMBBLaunchAgent.exe"=C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [2011-02-18 79192] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-08-15 4411440] "QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2012-10-25 421888] "iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2012-12-12 152544] "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2012-11-13 3825176] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816] "vProt"=C:\Program Files (x86)\AVG Nation toolbar\vprot.exe [2013-10-01 2403144] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] "AvgUninstallURL"=cmd.exe /c start Uninstallation survey | AVG Nederland [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2012-01-10 390656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "MSVideo8"=VfWWDM32.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-10-11 00:28:42 ----D---- C:\Program Files\trend micro 2013-10-11 00:28:38 ----D---- C:\rsit 2013-10-10 15:31:24 ----D---- C:\Windows\SoftwareDistribution 2013-10-10 14:59:57 ----D---- C:\ProgramData\Intel 2013-10-10 14:52:08 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2013-10-10 14:52:08 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2013-10-10 14:52:07 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll 2013-10-10 14:52:06 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll 2013-10-10 14:52:06 ----A---- C:\Windows\SYSWOW64\tsgqec.dll 2013-10-10 14:52:06 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll 2013-10-10 14:52:06 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll 2013-10-10 14:52:06 ----A---- C:\Windows\SYSWOW64\aaclient.dll 2013-10-10 14:52:06 ----A---- C:\Windows\system32\wksprtPS.dll 2013-10-10 14:52:06 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll 2013-10-10 14:52:06 ----A---- C:\Windows\system32\tsgqec.dll 2013-10-10 14:52:06 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys 2013-10-10 14:52:06 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys 2013-10-10 14:52:05 ----A---- C:\Windows\SYSWOW64\mstsc.exe 2013-10-10 14:52:05 ----A---- C:\Windows\system32\wksprt.exe 2013-10-10 14:52:05 ----A---- C:\Windows\system32\TSWbPrxy.exe 2013-10-10 14:52:05 ----A---- C:\Windows\system32\rdpudd.dll 2013-10-10 14:52:05 ----A---- C:\Windows\system32\rdpendp_winip.dll 2013-10-10 14:52:05 ----A---- C:\Windows\system32\rdpcorets.dll 2013-10-10 14:52:05 ----A---- C:\Windows\system32\mstsc.exe 2013-10-10 14:52:05 ----A---- C:\Windows\system32\MsRdpWebAccess.dll 2013-10-10 14:52:05 ----A---- C:\Windows\system32\aaclient.dll 2013-10-10 14:52:04 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2013-10-10 14:52:04 ----A---- C:\Windows\system32\mstscax.dll 2013-10-10 14:50:41 ----A---- C:\Windows\SYSWOW64\schannel.dll 2013-10-10 14:50:41 ----A---- C:\Windows\system32\schannel.dll 2013-10-10 14:50:41 ----A---- C:\Windows\system32\lsasrv.dll 2013-10-10 14:50:41 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2013-10-10 14:50:41 ----A---- C:\Windows\system32\drivers\cng.sys 2013-10-10 14:50:40 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2013-10-10 14:50:40 ----A---- C:\Windows\SYSWOW64\secur32.dll 2013-10-10 14:50:39 ----A---- C:\Windows\SYSWOW64\qdvd.dll 2013-10-10 14:50:39 ----A---- C:\Windows\system32\qdvd.dll 2013-10-09 21:12:36 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-09 21:12:36 ----A---- C:\Windows\system32\comctl32.dll 2013-10-09 21:12:35 ----A---- C:\Windows\SYSWOW64\lpk.dll 2013-10-09 21:12:35 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2013-10-09 21:12:35 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2013-10-09 21:12:35 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-09 21:12:35 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-09 21:12:35 ----A---- C:\Windows\system32\lpk.dll 2013-10-09 21:12:35 ----A---- C:\Windows\system32\fontsub.dll 2013-10-09 21:12:35 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-09 21:12:35 ----A---- C:\Windows\system32\dciman32.dll 2013-10-09 21:12:35 ----A---- C:\Windows\system32\atmlib.dll 2013-10-09 21:12:35 ----A---- C:\Windows\system32\atmfd.dll 2013-10-09 21:12:34 ----A---- C:\Windows\system32\drivers\usbscan.sys 2013-10-09 21:12:34 ----A---- C:\Windows\system32\drivers\usbcir.sys 2013-10-09 21:12:34 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-09 21:12:34 ----A---- C:\Windows\system32\drivers\hidclass.sys 2013-10-09 21:12:33 ----A---- C:\Windows\SYSWOW64\WebClnt.dll 2013-10-09 21:12:33 ----A---- C:\Windows\SYSWOW64\davclnt.dll 2013-10-09 21:12:33 ----A---- C:\Windows\system32\WebClnt.dll 2013-10-09 21:12:33 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2013-10-09 21:12:33 ----A---- C:\Windows\system32\davclnt.dll 2013-10-09 21:12:30 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-10-09 21:12:29 ----A---- C:\Windows\system32\mswsock.dll 2013-10-09 21:12:29 ----A---- C:\Windows\system32\drivers\afd.sys 2013-10-09 21:12:27 ----A---- C:\Windows\SYSWOW64\mswsock.dll 2013-10-09 21:12:24 ----A---- C:\Windows\system32\win32k.sys 2013-10-09 21:12:20 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-10-09 21:12:19 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-10-09 21:12:19 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-10-09 21:12:19 ----A---- C:\Windows\system32\tdh.dll 2013-10-09 21:12:19 ----A---- C:\Windows\system32\advapi32.dll 2013-10-09 21:12:18 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-10-09 21:12:18 ----A---- C:\Windows\SYSWOW64\user.exe 2013-10-09 21:12:18 ----A---- C:\Windows\SYSWOW64\tdh.dll 2013-10-09 21:12:18 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-10-09 21:12:18 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-10-09 21:12:18 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-10-09 21:12:18 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-10-09 21:12:18 ----A---- C:\Windows\SYSWOW64\advapi32.dll 2013-10-09 21:12:18 ----A---- C:\Windows\system32\wow64.dll 2013-10-09 21:12:18 ----A---- C:\Windows\system32\ntdll.dll 2013-10-09 21:12:16 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 21:12:16 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 21:12:16 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2013-10-09 21:12:15 ----A---- C:\Windows\system32\scavengeui.dll 2013-10-09 21:12:14 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2013-10-09 21:12:14 ----A---- C:\Windows\system32\drivers\usbport.sys 2013-10-09 21:12:14 ----A---- C:\Windows\system32\drivers\usbohci.sys 2013-10-09 21:12:14 ----A---- C:\Windows\system32\drivers\usbhub.sys 2013-10-09 21:12:14 ----A---- C:\Windows\system32\drivers\usbehci.sys 2013-10-09 21:12:14 ----A---- C:\Windows\system32\drivers\usbd.sys 2013-10-09 21:12:14 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2013-10-02 09:44:20 ----D---- C:\Program Files (x86)\YouTube Song Downloader 2013-10-02 09:41:27 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2013-09-30 15:37:45 ----D---- C:\ProgramData\AVG Security Toolbar 2013-09-30 15:37:42 ----A---- C:\Windows\system32\drivers\avgtpx64.sys 2013-09-30 15:37:39 ----D---- C:\ProgramData\AVG Nation toolbar 2013-09-30 15:37:38 ----D---- C:\Program Files (x86)\AVG Nation toolbar 2013-09-24 22:06:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2013-09-12 12:41:53 ----A---- C:\Windows\system32\drivers\ataport.sys 2013-09-12 12:41:51 ----A---- C:\Windows\system32\KernelBase.dll 2013-09-12 12:41:50 ----A---- C:\Windows\SYSWOW64\kernel32.dll 2013-09-12 12:41:50 ----A---- C:\Windows\system32\kernel32.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-09-12 12:41:48 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-09-12 12:41:48 ----A---- C:\Windows\SYSWOW64\KernelBase.dll 2013-09-12 12:41:48 ----A---- C:\Windows\SYSWOW64\apisetschema.dll 2013-09-12 12:41:48 ----A---- C:\Windows\system32\winsrv.dll 2013-09-12 12:41:48 ----A---- C:\Windows\system32\smss.exe 2013-09-12 12:41:48 ----A---- C:\Windows\system32\csrsrv.dll 2013-09-12 12:41:48 ----A---- C:\Windows\system32\conhost.exe 2013-09-12 12:41:47 ----A---- C:\Windows\system32\apisetschema.dll 2013-09-12 12:41:42 ----A---- C:\Windows\system32\shell32.dll 2013-09-12 12:41:41 ----A---- C:\Windows\SYSWOW64\shell32.dll 2013-09-12 12:41:40 ----A---- C:\Windows\SYSWOW64\shdocvw.dll 2013-09-12 12:41:40 ----A---- C:\Windows\system32\shdocvw.dll ======List of files/folders modified in the last 1 month====== 2013-10-11 00:28:56 ----D---- C:\Windows\Prefetch 2013-10-11 00:28:42 ----RD---- C:\Program Files 2013-10-11 00:15:40 ----D---- C:\Windows\Temp 2013-10-10 20:38:50 ----D---- C:\Windows\System32 2013-10-10 20:38:50 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-10-10 20:15:46 ----SHD---- C:\System Volume Information 2013-10-10 18:10:27 ----D---- C:\ProgramData\MFAData 2013-10-10 17:13:39 ----D---- C:\Windows\system32\config 2013-10-10 16:49:30 ----D---- C:\Windows\rescache 2013-10-10 16:19:56 ----SD---- C:\ProgramData\Microsoft 2013-10-10 16:13:12 ----RSD---- C:\Windows\assembly 2013-10-10 16:13:12 ----D---- C:\Windows\Microsoft.NET 2013-10-10 15:31:29 ----D---- C:\Windows 2013-10-10 14:59:57 ----HD---- C:\ProgramData 2013-10-10 14:59:42 ----D---- C:\Windows\winsxs 2013-10-10 14:59:24 ----A---- C:\Windows\SYSWOW64\log.txt 2013-10-10 14:59:16 ----D---- C:\Windows\SysWOW64 2013-10-10 14:57:04 ----D---- C:\Windows\SYSWOW64\wbem 2013-10-10 14:57:04 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-10-10 14:57:04 ----D---- C:\Windows\system32\wbem 2013-10-10 14:57:04 ----D---- C:\Windows\system32\nl-NL 2013-10-10 14:57:04 ----D---- C:\Windows\system32\drivers\nl-NL 2013-10-10 14:57:04 ----D---- C:\Windows\system32\drivers 2013-10-10 14:57:04 ----D---- C:\Windows\PolicyDefinitions 2013-10-10 14:57:03 ----D---- C:\Windows\system32\DriverStore 2013-10-10 14:57:02 ----D---- C:\Windows\inf 2013-10-10 14:53:29 ----D---- C:\Windows\system32\catroot 2013-10-10 14:53:19 ----D---- C:\Program Files (x86)\Intel 2013-10-10 14:52:20 ----D---- C:\Windows\system32\catroot2 2013-10-10 13:45:32 ----D---- C:\Windows\system32\NDF 2013-10-10 13:41:30 ----D---- C:\Program Files\Microsoft Silverlight 2013-10-10 13:41:28 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-10-10 13:39:27 ----D---- C:\Windows\AppPatch 2013-10-10 13:39:26 ----D---- C:\Windows\SYSWOW64\drivers 2013-10-10 13:38:05 ----SHD---- C:\Windows\Installer 2013-10-10 13:38:05 ----SHD---- C:\Config.Msi 2013-10-10 13:37:14 ----D---- C:\ProgramData\Microsoft Help 2013-10-10 13:23:39 ----D---- C:\Windows\system32\MRT 2013-10-10 13:23:37 ----A---- C:\Windows\system32\MRT.exe 2013-10-09 19:46:22 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-10-09 18:38:38 ----RD---- C:\Program Files (x86) 2013-10-08 00:44:10 ----D---- C:\Windows\Logs 2013-10-07 14:55:52 ----D---- C:\Windows\Minidump 2013-10-02 10:20:36 ----RD---- C:\Users 2013-10-02 09:44:39 ----D---- C:\Program Files (x86)\K-Lite Codec Pack 2013-09-30 15:38:16 ----D---- C:\Windows\system32\Tasks 2013-09-30 15:38:15 ----D---- C:\Windows\Tasks 2013-09-30 15:37:39 ----D---- C:\Program Files (x86)\Common Files 2013-09-24 22:07:02 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-09-16 20:36:25 ----D---- C:\Windows\system32\wfp 2013-09-16 20:35:34 ----D---- C:\Windows\SYSWOW64\Macromed 2013-09-16 20:35:32 ----D---- C:\Windows\AppCompat 2013-09-16 20:35:32 ----D---- C:\Users\Danielle\AppData\Roaming\FinalTorrent 2013-09-16 20:35:31 ----D---- C:\ProgramData\Symantec 2013-09-16 20:35:29 ----D---- C:\Windows\registration ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-09-05 45880] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-10-13 409624] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-09-30 46368] R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-02 22576] R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-02 20016] R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-02 60464] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k62x64.sys [2009-09-23 283824] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-01-10 12311904] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-09-02 1994272] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-10-30 244736] R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-02-25 2426672] R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432] R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2009-01-09 31744] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264] R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896] S0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2010-12-21 36328] S3 cpuz132;cpuz132; \??\C:\Users\Danielle\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 flashusb;flashusb; C:\Windows\system32\DRIVERS\flashusb.sys [2011-10-27 19968] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488] S3 ivusb;Initio Driver for USB Default Controller; C:\Windows\system32\DRIVERS\ivusb.sys [2010-03-10 29720] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920] S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-12-21 136264] S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-12-21 19016] S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-12-21 172104] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856] S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\drivers\usb8023x.sys [2013-02-12 19968] S3 USB28xxBGA;PCTV 330e/800e Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2007-08-08 576640] S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2007-08-08 54528] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-09-28 53760] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 vmcam325av;Vimicro USB2.0 PC Camera(VC0323); C:\Windows\System32\Drivers\Vm323av64.sys [2007-03-27 163840] S3 vvftav323;vvftav323; C:\Windows\system32\drivers\vvftav323.sys [2007-03-27 301824] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-10-13 354840] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-09-30 268824] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-08-13 62208] R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-11-13 1103392] R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-11-13 1369624] R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-11-13 168384] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-09-30 2320920] R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160] R2 USBS3S4Detection;USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [2009-12-09 76320] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-12-12 641504] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664] S2 vToolbarUpdater17.0.1;vToolbarUpdater17.0.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.1\ToolbarUpdater.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376] S3 Boonty Games;Boonty Games; C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe [2010-09-13 69120] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-06-18 135664] S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-09-11 118680] S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-10 305448] S3 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-08-25 935208] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-27 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
  11. Daantjevw
    ja dat zou ook een optie kunnen zijn. mij maakt het niet uit wil gewoon dat het weer soepel loopt staat ook veels te veel "troep" op.
  12. Daantjevw
    Ja super ik heb hem gevonden!!! Ik moet nog even wat spullen veilig stellen daarna ga ik het proberen! Laat je weten hoe het af loopt, als je niets meer hoort dan uh heb ik het niet goed gedaan xD:D
  13. Daantjevw
    bedoel je dit?
  14. Daantjevw
    Hallo, Wie kan en wil mij helpen. Ik heb een Acer Aspire X3900 desktop, 64 bit. Ik wil deze heel graag opnieuw installeren, want het loopt heel slecht. echter weet ik niet waar te beginnen. Geen recovery cd. Als ik bij computer kijk zie ik 2 schijven (C:) en (D:) maar hier staat geen recovery bij. Graag wel in "blondjes" taal xD Groetjes, Danielle
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.