-
Looks good.
How is computer doing?
You can reinstall AVG now.
http://dev.discussions.virtualdr.forums.relay.cool/ Please download AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Double click on adwcleaner.exe to run the tool.
- Click on Delete.
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the contents of that logfile with your next reply.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
http://dev.discussions.virtualdr.forums.relay.cool/ Please download Junkware Removal Tool to your desktop.
- Shut down your protection software now to avoid potential conflicts.
- Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next message.
http://dev.discussions.virtualdr.forums.relay.cool/ Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Click the Scan All Users checkbox.
- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
-
# AdwCleaner v2.300 - Verslag gemaakt op 04/05/2013 om 11:56:34
# Geactualiseerd op 28/04/2013 door Xplode
# Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Gebruiker : Meo - PC_VAN_MEO
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Meo\Desktop\adwcleaner.exe
# Optie [Verwijderen]
***** [Diensten] *****
***** [Files / Mappen] *****
File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Map Verwijdert : C:\ProgramData\AVG Security Toolbar
Map Verwijdert : C:\Users\Meo\AppData\Local\AVG Security Toolbar
Map Verwijdert : C:\Users\Meo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Map Verwijdert : C:\Users\Meo\AppData\LocalLow\AVG Security Toolbar
***** [Register] *****
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Sleutel Verwijdert : HKCU\Software\AVG Security Toolbar
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
***** [Browsers] *****
-\\ Internet Explorer v7.0.6001.18602
[OK] Het register bevat geen enkele ongeoorloofde invoer.
-\\ Mozilla Firefox v20.0.1 (nl)
File : C:\Users\Meo\AppData\Roaming\Mozilla\Firefox\Profiles\8ehtkf2i.default\prefs.js
Verwijdert : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Verwijdert : user_pref("browser.search.selectedEngine", "AVG Secure Search");
-\\ Google Chrome v26.0.1410.64
File : C:\Users\Meo\AppData\Local\Google\Chrome\User Data\Default\Preferences
Verwijdert [l.27] : icon_url = "hxxp://isearch.avg.com/favicon.ico",
Verwijdert [l.30] : keyword = "isearch.avg.com",
Verwijdert [l.34] : search_url = "hxxp://isearch.avg.com/search?cid={DF5570F4-F975-4E56-BA74-D25803B7E433}&mid=db[...]
*************************
AdwCleaner[R1].txt - [3762 octets] - [04/05/2013 11:48:53]
AdwCleaner[R2].txt - [3822 octets] - [04/05/2013 11:52:40]
AdwCleaner[S1].txt - [2975 octets] - [04/05/2013 11:56:34]
########## EOF - C:\AdwCleaner[S1].txt - [3035 octets] ##########
===
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.3 (04.29.2013:2)
OS: Windows Vista (TM) Home Premium x86
Ran by Meo on za 04-05-2013 at 11:53:33.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\bho.dll
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Meo\appdata\locallow\boost_interprocess"
~~~ FireFox
Successfully deleted the following from C:\Users\Meo\AppData\Roaming\mozilla\firefox\profiles\8ehtkf2i.default\prefs.js
user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B6279e5e4-e15c-4282-bc8b-e004207d62be%7D&mid=db4477f097ef47d1976bd16acd100928-bae3ed9ff537164695a82ca2a0aa4b5d0ae
Emptied folder: C:\Users\Meo\AppData\Roaming\mozilla\firefox\profiles\8ehtkf2i.default\minidumps [66 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on za 04-05-2013 at 11:56:06.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
===
-
OTL logfile created on: 4-5-2013 12:24:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Meo\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
3.22 Gb Total Physical Memory | 2.26 Gb Available Physical Memory | 70.31% Memory free
6.66 Gb Paging File | 5.67 Gb Available in Paging File | 85.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143.04 Gb Total Space | 9.20 Gb Free Space | 6.43% Space Free | Partition Type: NTFS
Drive D: | 139.50 Gb Total Space | 2.34 Gb Free Space | 1.68% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive G: | 931.51 Gb Total Space | 145.76 Gb Free Space | 15.65% Space Free | Partition Type: NTFS
Computer Name: PC_VAN_MEO | User Name: Meo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013-05-04 12:19:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Meo\Desktop\OTL.exe
PRC - [2013-05-04 02:07:19 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Meo\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012-12-04 11:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011-12-12 19:21:54 | 022,459,984 | ---- | M] (ooVoo LLC) -- C:\Program Files\ooVoo\ooVoo.exe
PRC - [2011-04-10 21:39:02 | 000,224,000 | ---- | M] () -- C:\Program Files\uTorrent\uTorrent.exe
PRC - [2011-03-21 23:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2009-12-02 23:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009-12-02 23:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2008-11-28 11:56:06 | 000,024,576 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
PRC - [2008-11-28 11:56:02 | 000,380,928 | ---- | M] (acer) -- C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
PRC - [2008-11-28 11:08:46 | 000,417,792 | ---- | M] (Acer Inc.) -- C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
PRC - [2008-10-29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008-10-17 14:54:38 | 000,167,936 | ---- | M] (Acer Corp.) -- C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2008-10-08 21:49:20 | 000,167,936 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
PRC - [2008-10-08 21:49:12 | 000,147,456 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2008-10-04 04:09:02 | 000,069,632 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
PRC - [2008-09-18 13:00:10 | 006,294,048 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008-09-11 23:46:38 | 000,544,768 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
PRC - [2008-07-29 18:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008-07-29 18:52:50 | 000,526,896 | ---- | M] (Egis Incorporated) -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
PRC - [2008-06-30 17:56:32 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2008-06-17 06:23:24 | 000,817,672 | ---- | M] (Dritek System Inc.) -- C:\Program Files\Launch Manager\QtZgAcer.EXE
PRC - [2008-03-18 06:27:12 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2007-12-06 17:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
========== Modules (No Company Name) ==========
MOD - [2011-04-14 16:34:18 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\764e4a8bba4cee63ccd677c623eb50a0\System.ServiceProcess.ni.dll
MOD - [2011-04-14 16:34:11 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\95b780b82a20fb7c463b78f034329df5\System.Runtime.Remoting.ni.dll
MOD - [2011-04-14 16:34:04 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\b307fcf27673a18c3660e4f3438a454c\System.Web.ni.dll
MOD - [2011-04-14 16:33:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\fb9f4da6dd18b147baca425a0f5fe3b5\System.Configuration.ni.dll
MOD - [2011-04-14 16:33:19 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\8a9c5b28b8dad1f360de1380ba72446a\Accessibility.ni.dll
MOD - [2011-04-14 03:28:38 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7b1cc9a5490437cd5c0d5fb5ea3c0e34\System.Xml.ni.dll
MOD - [2011-04-14 03:28:13 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\bd2b1592d28bd0eed480f40d5f63b86c\System.Windows.Forms.ni.dll
MOD - [2011-04-14 03:28:00 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e9f88677c9a7357c3ce76cdaae8d4654\System.Drawing.ni.dll
MOD - [2011-04-14 03:26:28 | 007,949,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d55579c9c2c8ca58c6379eda52a97c9e\System.ni.dll
MOD - [2011-04-14 03:25:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\70df10917822b8ef1379b9820e7281c1\mscorlib.ni.dll
MOD - [2011-04-10 21:39:02 | 000,224,000 | ---- | M] () -- C:\Program Files\uTorrent\uTorrent.exe
MOD - [2011-04-10 02:40:12 | 001,691,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3266.29383__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011-04-10 02:40:12 | 000,278,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3266.29368__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:12 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3266.29384__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011-04-10 02:40:12 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3266.29438__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:12 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3266.29380__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011-04-10 02:40:12 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3266.29405__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:12 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3266.29375__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:11 | 000,466,944 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3266.29459__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011-04-10 02:40:11 | 000,344,064 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3266.29424__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:11 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3266.29459__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:11 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3266.29460__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:11 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3266.29424__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011-04-10 02:40:11 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3266.29374__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:11 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3266.29418__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:11 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3266.29423__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:11 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3266.29458__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:10 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3266.29408__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:10 | 000,716,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3266.29376__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:10 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3266.29385__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:10 | 000,450,560 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3266.29403__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:10 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3266.29406__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:10 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3266.29433__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011-04-10 02:40:10 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3266.29417__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:10 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3266.29388__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2011-04-10 02:40:10 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3266.29385__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:10 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3266.29416__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011-04-10 02:40:10 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3266.29407__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:10 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3266.29406__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3266.29388__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:10 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3266.29407__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:10 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3266.29415__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3266.29417__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011-04-10 02:40:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3218.28677__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011-04-10 02:40:10 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3218.28672__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011-04-10 02:40:10 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3218.28683__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011-04-10 02:40:10 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011-04-10 02:40:10 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3218.28685__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011-04-10 02:40:10 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3218.28705__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3218.28666__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011-04-10 02:40:09 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3218.28692__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011-04-10 02:40:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3218.28702__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3218.28694__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3218.28664__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011-04-10 02:40:09 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3218.28685__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3218.28665__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011-04-10 02:40:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3218.28727__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011-04-10 02:40:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3218.28701__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3218.28686__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3218.28693__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3218.28687__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011-04-10 02:40:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3218.28678__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3218.28672__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3218.28689__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3218.28685__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011-04-10 02:40:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3218.28686__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011-04-10 02:40:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3218.28687__90ba9c70f846762e\DEM.OS.dll
MOD - [2011-04-10 02:40:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011-04-10 02:40:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3218.28688__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011-04-10 02:40:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011-04-10 02:40:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3218.28676__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3218.28690__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3218.28688__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011-04-10 02:40:09 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011-04-10 02:40:08 | 001,073,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3266.29372__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011-04-10 02:40:08 | 000,532,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3266.29447__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011-04-10 02:40:08 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3266.29379__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011-04-10 02:40:08 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3266.29453__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011-04-10 02:40:08 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3266.29367__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011-04-10 02:40:08 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3266.29366__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011-04-10 02:40:08 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3266.29451__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011-04-10 02:40:08 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3266.29365__90ba9c70f846762e\APM.Server.dll
MOD - [2011-04-10 02:40:08 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3266.29368__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011-04-10 02:40:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011-04-10 02:40:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3266.29366__90ba9c70f846762e\AEM.Server.dll
MOD - [2011-04-10 02:40:08 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3266.29468__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011-04-10 02:40:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011-04-10 02:40:08 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3218.28675__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011-04-10 02:40:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3218.28672__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011-04-10 02:40:08 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2011-04-10 02:40:08 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3266.29452__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011-04-10 02:40:08 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3218.28681__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011-04-10 02:40:08 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011-04-10 02:40:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3218.28686__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011-04-10 02:40:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3218.28682__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011-04-10 02:40:08 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3218.28695__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011-04-10 02:40:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.3218.28670__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2011-04-10 02:40:08 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3218.28678__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011-04-10 02:40:08 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011-04-10 02:40:08 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011-04-10 02:40:08 | 000,011,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.3266.29476__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2011-04-10 02:40:08 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3266.29366__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011-03-21 23:10:36 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011-03-21 23:10:00 | 001,230,704 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011-03-02 12:40:51 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009-01-15 17:07:53 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.UIComponent\3.0.3013.0__739b31b1908c49e5\Framework.UIComponent.dll
MOD - [2009-01-15 17:07:53 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3013.0__3036420f80dd6947\Framework.Library.dll
MOD - [2009-01-15 17:07:53 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3013.0__4df5dcab8860d239\Framework.Utility.dll
MOD - [2009-01-15 17:07:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3013.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
MOD - [2009-01-07 05:15:38 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008-10-30 14:20:38 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008-10-08 21:49:24 | 000,835,584 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll
MOD - [2008-10-08 21:49:18 | 000,007,680 | ---- | M] () -- C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll
MOD - [2008-09-16 00:24:41 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_nl_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2008-09-16 00:24:41 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_nl_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008-09-16 00:24:41 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_nl_b77a5c561934e089\System.resources.dll
MOD - [2008-07-29 18:52:38 | 000,227,888 | ---- | M] () -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
MOD - [2008-06-30 17:56:32 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Ser
< End of report >
-
vice)
SRV - [2013-04-12 00:14:10 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013-03-13 18:59:30 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012-12-04 11:54:14 | 000,095,232 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009-12-02 23:23:52 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009-12-02 23:23:46 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2008-11-28 11:56:06 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008-10-04 04:09:02 | 000,069,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe -- (CLHNService)
SRV - [2008-07-29 18:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008-03-18 06:27:12 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008-01-21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007-12-06 17:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\ACER\Mobility Center\MobilityService.exe -- (MobilityService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013-04-04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011-06-26 02:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\appliand.sys -- (appliandMP)
DRV - [2011-06-26 02:56:44 | 000,028,256 | ---- | M] (Applian Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\appliand.sys -- (appliand)
DRV - [2010-07-12 04:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2009-12-02 23:23:52 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)
DRV - [2009-12-02 23:23:50 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)
DRV - [2009-12-02 23:23:48 | 000,195,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)
DRV - [2009-12-02 23:23:46 | 000,550,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)
DRV - [2009-01-07 05:18:46 | 000,183,312 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\ahcix86s.sys -- (ahcix86s)
DRV - [2009-01-07 05:18:08 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009-01-07 05:17:14 | 004,172,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008-12-25 11:30:22 | 000,155,808 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008-10-01 11:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008-07-28 09:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008-07-22 13:58:00 | 000,047,616 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1E60x86.sys -- (L1E)
DRV - [2008-05-28 18:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008-03-21 06:13:00 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008-01-21 04:24:59 | 000,184,320 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\netbt.sys -- (netbt)
DRV - [2007-03-28 08:51:40 | 000,043,008 | ---- | M] (Winbond Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winbondcir.sys -- (winbondcir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=...m=aspire_6530g
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=...m=aspire_6530g
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..\SearchScopes,DefaultScope = {4C0E39F5-ADB1-483E-BB80-1CE1A447A6F7}
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..\SearchScopes\{4C0E39F5-ADB1-483E-BB80-1CE1A447A6F7}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_nl
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2566207760-138600398-835594781-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1390
FF - prefs.js..extensions.enabledItems: avg@toolbar:10.0.0.7
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011-04-11 04:11:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011-04-11 04:12:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013-02-08 23:39:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-04-12 00:14:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-04-12 00:14:02 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013-04-12 00:14:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013-04-12 00:14:02 | 000,000,000 | ---D | M]
[2011-04-10 21:36:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Meo\AppData\Roaming\mozilla\Extensions
[2012-11-23 23:21:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Meo\AppData\Roaming\mozilla\Firefox\Profiles\8ehtkf2i.default\extensions
[2012-11-23 23:21:55 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Meo\AppData\Roaming\mozilla\firefox\profiles\8ehtkf2i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013-04-12 00:14:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013-04-12 00:14:01 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013-04-12 00:14:10 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011-04-10 21:41:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012-12-17 20:08:20 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012-12-17 20:08:20 | 000,002,616 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bolcom-nl.xml
[2012-12-17 20:08:20 | 000,004,771 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\marktplaats-nl.xml
[2012-05-30 23:32:45 | 000,001,111 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\vandale-nl.xml
[2012-12-17 20:08:20 | 000,001,262 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-nl.xml
[2012-05-30 23:32:45 | 000,001,106 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-nl.xml
========== Chrome ==========
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = http://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_171.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: SiteAdvisor = C:\Users\Meo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: DivX HiQ = C:\Users\Meo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: Skype Click to Call = C:\Users\Meo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\
CHR - Extension: AVG Security Toolbar = C:\Users\Meo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Meo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
O1 HOSTS File: ([2013-05-03 12:03:31 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [eAudio] C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe (Acer Incorporated)
O4 - HKLM..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
O4 - HKLM..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe (Acer Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE (Dritek System Inc.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-2566207760-138600398-835594781-1000..\Run: [ooVoo.exe] C:\Program Files\ooVoo\oovoo.exe (ooVoo LLC)
O4 - HKU\S-1-5-21-2566207760-138600398-835594781-1000..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4 - HKU\S-1-5-21-2566207760-138600398-835594781-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe ()
O4 - HKU\S-1-5-21-2566207760-138600398-835594781-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2566207760-138600398-835594781-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2566207760-138600398-835594781-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..Trusted Domains: localhost ([]http in )
O15 - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..Trusted Ranges: GD ([http] in )
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{757B1AE9-CE4A-4113-BE9A-A34A6066654C}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\Acer01.JPG
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer01.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006-09-18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010-05-06 04:47:26 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002-10-16 19:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013-05-04 12:19:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Meo\Desktop\OTL.exe
[2013-05-04 11:53:16 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013-05-04 11:53:01 | 000,000,000 | ---D | C] -- C:\JRT
[2013-05-04 11:46:43 | 000,545,926 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Meo\Desktop\JRT.exe
[2013-05-03 12:08:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013-05-03 12:03:36 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013-05-03 11:49:04 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013-05-03 11:49:04 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013-05-03 11:49:04 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013-05-03 11:48:54 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013-05-03 11:48:18 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013-05-03 11:45:25 | 005,064,153 | R--- | C] (Swearware) -- C:\Users\Meo\Desktop\ComboFix.exe
[2013-05-03 11:34:44 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013-05-03 11:29:10 | 001,081,860 | ---- | C] (OPSWAT, Inc.) -- C:\Users\Meo\Desktop\AppRemover.exe
[2013-05-02 12:46:34 | 000,000,000 | ---D | C] -- C:\FRST
[2013-05-02 11:55:53 | 001,150,947 | ---- | C] (Farbar) -- C:\Users\Meo\Desktop\FRST.exe
[2013-05-02 11:55:35 | 001,712,230 | ---- | C] (Farbar) -- C:\Users\Meo\Desktop\FRST64.exe
[2013-05-01 11:54:45 | 000,000,000 | ---D | C] -- C:\Windows\snack
[2013-05-01 11:50:39 | 000,000,000 | ---D | C] -- C:\Users\Meo\Desktop\RK_Quarantine
[2013-05-01 11:50:26 | 000,000,000 | ---D | C] -- C:\Users\Meo\Desktop\mbar
[2013-04-30 13:40:00 | 000,000,000 | ---D | C] -- C:\Users\Meo\AppData\Roaming\Malwarebytes
[2013-04-30 13:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013-04-30 13:39:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013-04-30 13:39:50 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013-04-30 13:39:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013-04-30 13:39:17 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Meo\Desktop\dds.com
[2013-04-29 14:18:27 | 000,000,000 | ---D | C] -- C:\Users\Meo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mega Codec Pack
[2013-04-29 14:18:22 | 000,000,000 | ---D | C] -- C:\Program Files\Mega Codec Pack
[2013-04-12 00:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013-04-11 02:12:03 | 000,000,000 | ---D | C] -- C:\Users\Meo\AppData\Roaming\LibreOffice
[2013-04-10 20:36:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.0
[2013-04-10 20:26:24 | 000,000,000 | ---D | C] -- C:\Program Files\LibreOffice 4.0
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013-05-04 12:19:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Meo\Desktop\OTL.exe
[2013-05-04 12:05:46 | 000,667,796 | ---- | M] () -- C:\Windows\System32\perfh013.dat
[2013-05-04 12:05:46 | 000,587,622 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013-05-04 12:05:46 | 000,127,040 | ---- | M] () -- C:\Windows\System32\perfc013.dat
[2013-05-04 12:05:46 | 000,101,436 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013-05-04 12:04:01 | 000,000,358 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_Meo.job
[2013-05-04 12:04:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013-05-04 12:04:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013-05-04 12:01:47 | 000,000,000 | ---- | M] () -- C:\Windows\System32\LogConfigTemp.xml
[2013-05-04 11:59:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013-05-04 11:59:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013-05-04 11:59:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-05-04 11:52:00 | 000,166,400 | ---- | M] () -- C:\Users\Meo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013-05-04 11:46:44 | 000,545,926 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Meo\Desktop\JRT.exe
[2013-05-04 11:45:53 | 000,628,743 | ---- | M] () -- C:\Users\Meo\Desktop\adwcleaner.exe
[2013-05-04 02:59:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-05-03 12:03:31 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013-05-03 11:45:44 | 005,064,153 | R--- | M] (Swearware) -- C:\Users\Meo\Desktop\ComboFix.exe
[2013-05-03 11:29:12 | 001,081,860 | ---- | M] (OPSWAT, Inc.) -- C:\Users\Meo\Desktop\AppRemover.exe
[2013-05-02 15:53:10 | 073,722,750 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm.old
[2013-05-02 11:55:56 | 001,150,947 | ---- | M] (Farbar) -- C:\Users\Meo\Desktop\FRST.exe
[2013-05-02 11:55:39 | 001,712,230 | ---- | M] (Farbar) -- C:\Users\Meo\Desktop\FRST64.exe
[2013-05-01 14:19:43 | 000,000,680 | ---- | M] () -- C:\Users\Meo\AppData\Local\d3d9caps.dat
[2013-05-01 11:57:04 | 000,184,320 | ---- | M] () -- C:\Windows\System32\drivers\netbt.sys.dump
[2013-05-01 11:41:35 | 012,917,756 | ---- | M] () -- C:\Users\Meo\Desktop\mbar-1.05.0.1001.zip
[2013-05-01 11:40:23 | 000,816,128 | ---- | M] () -- C:\Users\Meo\Desktop\RogueKiller.exe
[2013-04-30 13:39:52 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-04-30 13:39:18 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Meo\Desktop\dds.com
[2013-04-17 19:09:41 | 000,001,561 | ---- | M] () -- C:\Users\Meo\Documents\Motivatie Kpn Save.rtf
[2013-04-11 19:04:12 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013-04-11 01:30:07 | 000,352,536 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013-04-10 20:36:15 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\LibreOffice 4.0.lnk
[2013-04-04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013-05-04 11:45:52 | 000,628,743 | ---- | C] () -- C:\Users\Meo\Desktop\adwcleaner.exe
[2013-05-03 11:49:04 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013-05-03 11:49:04 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013-05-03 11:49:04 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013-05-03 11:49:04 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013-05-03 11:49:04 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013-05-01 11:54:45 | 000,184,320 | ---- | C] () -- C:\Windows\System32\drivers\netbt.sys.dump
[2013-05-01 11:41:29 | 012,917,756 | ---- | C] () -- C:\Users\Meo\Desktop\mbar-1.05.0.1001.zip
[2013-05-01 11:40:21 | 000,816,128 | ---- | C] () -- C:\Users\Meo\Desktop\RogueKiller.exe
[2013-04-30 13:39:52 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013-04-10 20:36:15 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\LibreOffice 4.0.lnk
[2012-05-03 17:26:42 | 000,000,356 | ---- | C] () -- C:\Users\Meo\AppData\Roaming\wklnhst.dat
[2011-12-16 04:50:49 | 000,000,510 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011-08-24 17:28:29 | 000,000,680 | ---- | C] () -- C:\Users\Meo\AppData\Local\d3d9caps.dat
[2011-04-27 19:38:36 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011-04-10 05:24:41 | 000,166,400 | ---- | C] () -- C:\Users\Meo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006-11-02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011-01-21 17:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009-03-03 06:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-01-21 04:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009-01-15 17:47:25 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2009-01-15 17:47:25 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2009-01-15 17:47:25 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\Acer GameZone Console
[2011-06-29 00:31:40 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\AVG10
[2011-12-13 22:52:13 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\AVG2012
[2013-03-10 15:52:03 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\Kingsoft
[2013-04-11 02:12:03 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\LibreOffice
[2012-01-15 01:26:57 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\ooVoo Details
[2011-05-19 02:26:44 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\PowerCinema
[2012-08-06 19:11:17 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\Replay Media Catcher 4
[2011-05-11 18:10:40 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\SoftDMA
[2013-04-16 21:59:59 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\SoftGrid Client
[2012-05-03 17:32:59 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\Template
[2012-03-16 03:19:41 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\TP
[2013-05-04 12:31:48 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\uTorrent
[2013-02-01 03:35:30 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\XMind
[2012-03-16 03:16:10 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\{90140011-0061-0413-0000-0000000FF1CE}
========== Purity Check ==========
-
-
So far so good. il go reinstall AVG
and taker for a spin tonight.
Anything left to do to unsure my comps safety? are we out of the woods?
Thanks for all the help so far man
-
http://dev.discussions.virtualdr.forums.relay.cool/ Make sure AVG is back on.
http://dev.discussions.virtualdr.forums.relay.cool/ OTL log is incomplete.
There is more following this line:
========== Purity Check ==========
-
OK i rechecked the OTL log it was done besides the words end of report. i Pasted it below
One thing that has changed though since the virus is when i start my computer it boots up gets to the user login for windows - i sign in press enter and it switches to a black screen for about 2-3 straight minutes maybe 5 il have to time its pretty long . then it skips away and goes into starting up windows the software the tray the toolbars etc and the computer becomes usable.
I keep forgetting about avg gonna do that right now.
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008-01-21 04:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009-01-15 17:47:25 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2009-01-15 17:47:25 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
[2009-01-15 17:47:25 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\Acer GameZone Console
[2011-06-29 00:31:40 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\AVG10
[2011-12-13 22:52:13 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\AVG2012
[2013-03-10 15:52:03 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\Kingsoft
[2013-04-11 02:12:03 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\LibreOffice
[2012-01-15 01:26:57 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\ooVoo Details
[2011-05-19 02:26:44 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\PowerCinema
[2012-08-06 19:11:17 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\Replay Media Catcher 4
[2011-05-11 18:10:40 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\SoftDMA
[2013-04-16 21:59:59 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\SoftGrid Client
[2012-05-03 17:32:59 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\Template
[2012-03-16 03:19:41 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\TP
[2013-05-04 12:31:48 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\uTorrent
[2013-02-01 03:35:30 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\XMind
[2012-03-16 03:16:10 | 000,000,000 | ---D | M] -- C:\Users\Meo\AppData\Roaming\{90140011-0061-0413-0000-0000000FF1CE}
========== Purity Check ==========
< End of report >
-
http://dev.discussions.virtualdr.forums.relay.cool/ Did you reinstall AVG?
http://dev.discussions.virtualdr.forums.relay.cool/ Run OTL
- Under the Custom Scans/Fixes box at the bottom, paste in the following
Code:
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
FF - user.js - File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKU\S-1-5-21-2566207760-138600398-835594781-1000..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O15 - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..Trusted Domains: localhost ([]http in )
O15 - HKU\S-1-5-21-2566207760-138600398-835594781-1000\..Trusted Ranges: GD ([http] in )
:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- You will get a log that shows the results of the fix. Please post it.
NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.
Last scans...
http://dev.discussions.virtualdr.forums.relay.cool/ Download Security Check from here or here and save it to your Desktop.
- Double-click SecurityCheck.exe
- Follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me.
http://dev.discussions.virtualdr.forums.relay.cool/ Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
- Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center
- Windows Update
- Windows Defender
- Other Services
- Press "Scan".
- It will create a log (FSS.txt) in the same directory the tool is run.
- Please copy and paste the log to your reply.
http://dev.discussions.virtualdr.forums.relay.cool/ Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
- Double click on TFC.exe to run the program.
- Click on Start button to begin cleaning process.
- TFC will close all running programs, and it may ask you to restart computer.
http://dev.discussions.virtualdr.forums.relay.cool/ Please run a free online scan with the ESET Online Scanner
- Disable your antivirus program
- Tick the box next to YES, I accept the Terms of Use
- Click Start
- Accept any security warnings from your browser.
- Check Scan archives
- Click Start
- ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
- When the scan completes, click on List of found threats
- Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
- NOTE. If Eset won't find any threats, it won't produce any log.
-
-
NEw problem.
Installed avg yesterday night, responded back on the thread and went to bed.
Today my internet doesnt work.
It clearly does work since im on somebody elses laptop now from the same internet network.
The only thing that changed was installing avg.
Il do the scans you said and post back
-
Ok did OTL and fss , the other download links (both) were down and the fss scanner is online witch icant use because of my not functioning Internet
Both logs below.
All processes killed
========== OTL ==========
Service NwlnkFwd stopped successfully!
Service NwlnkFwd deleted successfully!
File system32\DRIVERS\nwlnkfwd.sys not found.
Service NwlnkFlt stopped successfully!
Service NwlnkFlt deleted successfully!
File system32\DRIVERS\nwlnkflt.sys not found.
Service IpInIp stopped successfully!
Service IpInIp deleted successfully!
File system32\DRIVERS\ipinip.sys not found.
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\ComboFix\catchme.sys not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_USERS\S-1-5-21-2566207760-138600398-835594781-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ProductReg deleted successfully.
C:\Program Files\Acer\WR_PopUp\ProductReg.exe moved successfully.
Registry key HKEY_USERS\S-1-5-21-2566207760-138600398-835594781-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\localhost\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2566207760-138600398-835594781-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\GD\\http deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Meo
->Temp folder emptied: 111348827 bytes
->Temporary Internet Files folder emptied: 133218566 bytes
->Java cache emptied: 19891 bytes
->FireFox cache emptied: 87506041 bytes
->Google Chrome cache emptied: 305180484 bytes
->Flash cache emptied: 262067 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 23176 bytes
RecycleBin emptied: 939125476 bytes
Total Files Cleaned = 1
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Meo
->Java cache emptied: 0 bytes
User: Public
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: Default
User: Default User
User: Meo
->Flash cache emptied: 0 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05082013_141237
Files\Folders moved on Reboot...
C:\Users\Meo\AppData\Local\Temp\CVHLauncher(20130508140751434).log moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
-
Farbar Service Scanner Version: 14-04-2013
Ran by Meo (administrator) on 08-05-2013 at 14:25:38
Running from "C:\Users\Meo\Desktop"
Windows Vista (TM) Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error.
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error.
Attempt to access Yahoo.com returned error: Other errors
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Other Services:
==============
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2011-04-10 21:56] - [2010-06-16 17:59] - 0898952 ____A (Microsoft Corporation) 782568AB6A43160A159B6215B70BCCE9
C:\Windows\system32\dnsrslvr.dll
[2011-04-14 00:45] - [2011-03-02 16:49] - 0086528 ____A (Microsoft Corporation) 4805D9A6D281C7A7DEFD9094DEC6AF7D
C:\Windows\system32\mpssvc.dll
[2008-01-21 04:24] - [2008-01-21 04:24] - 0393216 ____A (Microsoft Corporation) D1639BA315B0D79DEC49A4B0E1FB929B
C:\Windows\system32\bfe.dll
[2008-01-21 04:23] - [2008-01-21 04:23] - 0328704 ____A (Microsoft Corporation) 8582E233C346AEFE759833E8A30DD697
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe
[2008-01-21 04:23] - [2008-01-21 04:23] - 1054720 ____A (Microsoft Corporation) D5FB73D19C46ADE183F968E13F186B23
C:\Windows\system32\wscsvc.dll
[2008-01-21 04:23] - [2008-01-21 04:23] - 0061440 ____A (Microsoft Corporation) 683DD16B590372F2C9661D277F35E49C
C:\Windows\system32\wbem\WMIsvc.dll
[2008-01-21 04:24] - [2008-01-21 04:24] - 0161792 ____A (Microsoft Corporation) 00B79A7C984678F24CF052E5BEB3A2F5
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2008-01-21 04:25] - [2008-01-21 04:25] - 0758272 ____A (Microsoft Corporation) 02ED7B4DBC2A3232A389106DA7515C3D
C:\Windows\system32\es.dll
[2009-01-15 15:44] - [2008-04-18 07:48] - 0269312 ____A (Microsoft Corporation) 3CB3343D720168B575133A0A20DC2465
C:\Windows\system32\cryptsvc.dll
[2008-01-21 04:24] - [2008-01-21 04:24] - 0128000 ____A (Microsoft Corporation) 6DE363F9F99334514C46AEC02D3E3678
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2011-04-10 22:00] - [2009-03-03 06:39] - 0551424 ____A (Microsoft Corporation) 301AE00E12408650BADDC04DBC832830
**** End of log ****
-
Please download MiniToolBox, save it to your desktop and run it.
Checkmark following boxes:
- Report IE Proxy Settings
- Report FF Proxy Settings
- List content of Hosts
- List IP configuration
- List Winsock Entries
- List last 10 Event Viewer log
- List Devices (do NOT change any settings)
- List Restore Points
Click Go and post the result.
-
ok
done and, pasted below
MiniToolBox by Farbar Version:21-04-2013
Ran by Meo (administrator) on 09-05-2013 at 01:18:49
Running from "C:\Users\Meo\Desktop"
Windows Vista (TM) Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
========================= FF Proxy Settings: ==============================
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Atheros AR5B91 Wireless Network Adapter = Draadloze netwerkverbinding (Connected)
Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller = LAN-verbinding (Media disconnected)
# ----------------------------------
# IPv4-configuratie
# ----------------------------------
pushd interface ipv4
reset
set global
popd
# Einde van IPv4-configuratie
Windows IP-configuratie
Hostnaam . . . . . . . . . . . . : PC_van_Meo
Primair DNS-achtervoegsel . . . . :
Knooppunttype . . . . . . . . . . : hybride
IP-routering ingeschakeld . . . . : nee
WINS-proxy ingeschakeld . . . . . : nee
Tunnel-adapter LAN-verbinding* 6:
Mediumstatus. . . . . . . . . . . : medium ontkoppeld
Verbindingsspec. DNS-achtervoegsel:
Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fysiek adres. . . . . . . . . . . : 02-00-54-55-4E-01
DHCP ingeschakeld . . . . . . . . : nee
Autom. configuratie ingeschakeld : ja
Server: UnKnown
Address: 127.0.0.1
Ping-aanvraag kan host google.com niet vinden.
Controleer de naam en probeer het opnieuw.
Server: UnKnown
Address: 127.0.0.1
Ping-aanvraag kan host yahoo.com niet vinden.
Controleer de naam en probeer het opnieuw.
Pingen naar 127.0.0.1 met 32 bytes aan gegevens:
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
Ping-statistieken voor 127.0.0.1:
Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
(0% verlies).
De gemiddelde tijd voor het uitvoeren van ‚‚n bewerking in milliseconden:
Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms
===========================================================================
Interfacelijst
1 ........................... Software Loopback Interface 1
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 routetabel
===========================================================================
Actieve routes:
Netwerkadres Netmasker Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Permanente routes:
Geen
IPv6 routetabel
===========================================================================
Actieve routes:
Indien metrische netwerkbestemming Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Permanente routes:
Geen
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (05/08/2013 02:36:09 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/08/2013 02:22:13 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/08/2013 02:10:30 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=15:app=Microsoft Word 2010 9014006104130000:tid=72C}
Toepassing kan niet worden gesloten (thread wordt nog steeds gestart)
Error: (05/08/2013 01:07:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/06/2013 10:08:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/06/2013 10:07:37 PM) (Source: Windows Search Service) (User: )
Description: De vermelding <C:\USERS\MEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\8EHTKF2I.DEFAULT\CACHE\7> in de hash-toewijzing kan niet worden bijgewerkt.
Context: toepassing , catalogus SystemIndex
Details:
Een apparaat dat op het systeem is aangesloten, werkt niet. (0x8007001f)
Error: (05/06/2013 10:07:37 PM) (Source: Windows Search Service) (User: )
Description: De vermelding <C:\USERS\MEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\8EHTKF2I.DEFAULT\CACHE\7> in de hash-toewijzing kan niet worden bijgewerkt.
Context: toepassing , catalogus SystemIndex
Details:
Een apparaat dat op het systeem is aangesloten, werkt niet. (0x8007001f)
Error: (05/06/2013 10:07:37 PM) (Source: Windows Search Service) (User: )
Description: De vermelding <C:\USERS\MEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\8EHTKF2I.DEFAULT\CACHE\6> in de hash-toewijzing kan niet worden bijgewerkt.
Context: toepassing , catalogus SystemIndex
Details:
Een apparaat dat op het systeem is aangesloten, werkt niet. (0x8007001f)
Error: (05/06/2013 10:07:37 PM) (Source: Windows Search Service) (User: )
Description: De vermelding <C:\USERS\MEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\8EHTKF2I.DEFAULT\CACHE\6> in de hash-toewijzing kan niet worden bijgewerkt.
Context: toepassing , catalogus SystemIndex
Details:
Een apparaat dat op het systeem is aangesloten, werkt niet. (0x8007001f)
Error: (05/06/2013 10:07:36 PM) (Source: Windows Search Service) (User: )
Description: De vermelding <C:\USERS\MEO\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\8EHTKF2I.DEFAULT\CACHE\5> in de hash-toewijzing kan niet worden bijgewerkt.
Context: toepassing , catalogus SystemIndex
Details:
Een apparaat dat op het systeem is aangesloten, werkt niet. (0x8007001f)
System errors:
=============
Error: (05/08/2013 02:36:09 PM) (Source: Service Control Manager) (User: )
Description: Client Virtualization HandlerApplication Virtualization Client%%1070
Error: (05/08/2013 02:36:09 PM) (Source: Service Control Manager) (User: )
Description: Internet Connection Sharing (ICS)
Error: (05/08/2013 02:36:09 PM) (Source: Service Control Manager) (User: )
Description: Application Virtualization Client
Error: (05/08/2013 02:33:26 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (05/08/2013 02:31:22 PM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExWFailureActions%%5
Error: (05/08/2013 02:22:13 PM) (Source: Service Control Manager) (User: )
Description: Client Virtualization HandlerApplication Virtualization Client%%1070
Error: (05/08/2013 02:22:13 PM) (Source: Service Control Manager) (User: )
Description: Internet Connection Sharing (ICS)
Error: (05/08/2013 02:22:13 PM) (Source: Service Control Manager) (User: )
Description: Application Virtualization Client
Error: (05/08/2013 02:19:30 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos
Error: (05/08/2013 02:17:09 PM) (Source: Service Control Manager) (User: )
Description: ScRegSetValueExWFailureActions%%5
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-05-04 12:34:29.491
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\SysHook.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2013-05-04 12:34:29.302
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\SysHook.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2013-05-04 12:34:25.952
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\atiumdag.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2013-05-04 12:34:25.807
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\atiumdag.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2013-05-04 12:34:25.633
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\PROGRA~1\McAfee\SITEAD~1\sahook.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2013-05-04 12:34:25.630
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\PROGRA~1\McAfee\SITEAD~1\sahook.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2013-05-03 11:34:22.838
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2013-05-03 11:34:22.682
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2013-05-03 11:34:22.511
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2013-05-03 11:34:22.214
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files\AVG\AVG10\Drivers\Vista\AVGIDSDriver.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
========================= Devices: ================================
========================= Restore Points ==================================
07-05-2013 23:01:01 Installed AVG 2013
07-05-2013 23:02:07 Installed AVG 2013
08-05-2013 14:54:21 Gepland herstelpunt
**** End of log ****
