Jump to content

yavanda

Members
  • Posts

    20
  • Joined

  • Last visited

Everything posted by yavanda

  1. Thanks for the help, how do I uninstall Kaspersky AVP? The only thing that I can find about that program is the setup.exe program for it.
  2. I scanned again with kaspersky & malwarebytes both don't detect any objects. the svoste.exe file that kept getting back after reboot also doesn't seem to show up anymore
  3. Okay, So the scan is finally done, however, the scan crashed and I had to reinstall the program because I couldn't find the program itself anywhere to go further with the initial scan, but this time it was done in less then an hour. Now since it crashed and I had to reinstall the program, the scan no longer shows the 2 detected trojans so there isn't any log for me to post. What do I do now?
  4. Uhm, it's been stuck at 8% for over a half day now. Scan has been going for ~9 Hours, is this normal? I will leave the computer on over night if needed.
  5. It's scanning at the moment, however it's going very slow, it says Finish time: 1 Day
  6. I uninstalled Avira and it seems to have stopped. I now have Kasperky Virus Removal Tool running, as instructed by Borislav. I'm sorry for this topic I kind of paniced when I keep seeing infection detected on multiple anti-virus softwares and I will wait on further instructions from Borislav after the Kasperky Virus Removal Tool is done running. You can remove/close this thread if you'd like.
  7. Here are the dds logs, please. What is happening now is that everytime avira is getting a detection, I click on remove and after avira is done scanning I get another detection from AVG, which says the infection is C'\Program Files(x86)\Avira\AntiVir Desktop\avscan.exe. And another one called c:\ProgramData\Avira\Antivir Desktop\TEMP\AVSCAN-20140219-some other digits and when I delete that WITH AVG, I get another infection detected from AVIRA WHAT IS GOING ON . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 18-5-2012 16:57:10 System Uptime: 19-2-2014 8:02:40 (0 hours ago) . Motherboard: Foxconn | | 2ABF Processor: Intel® Core i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 453 GiB total, 198,298 GiB free. D: is FIXED (NTFS) - 13 GiB total, 1,587 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: Description: LinksysbyCisco Internet Gateway Device Device ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446 Manufacturer: Name: LinksysbyCisco Internet Gateway Device PNP Device ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446 Service: . ==== System Restore Points =================== . RP229: 16-2-2014 10:41:51 - ComboFix created restore point RP230: 17-2-2014 0:02:44 - Removed Hi-Rez Studios Games RP231: 17-2-2014 23:18:14 - Windows Update . ==== Installed Programs ====================== . .sol Editor 1.1.0.1 7-Zip 9.22beta 802.11n Wireless LAN Card Adobe Flash Player 12 ActiveX Adobe Flash Player 12 Plugin Agatha Christie - Peril at End House AuthenTec TrueAPI AVG 2013 Avira Avira Free Antivirus Batman: Arkham Asylum GOTY Edition Battle.net Bejeweled 3 BitTorrent Blackhawk Striker 2 Blasterball 3 Bounce Symphony Cake Mania CCleaner Chronicles of Albian Chuzzle Deluxe Cisco Network Magic Counter-Strike: Global Offensive Cradle of Rome 2 Curse Client D3DX10 Diablo III Dota 2 Dropbox ESET Online Scanner v3 F.E.A.R. 3 f.lux Farm Frenzy FATE Final Drive: Nitro GeForce Experience NvStream Client Components Google Chrome Governor of Poker 2 Premium Edition Hearthstone Hewlett-Packard ACLM.NET v1.2.2.3 HP Auto HP Client Services HP Customer Experience Enhancements HP Games HP LinkUp HP Odometer HP Setup HP Setup Manager HP SimplePass PE 2011 HP Support Assistant HP Support Information HP Update HP Vision Hardware Diagnostics Infestation Survivor Stories version 1.0 Infestation: Survivor Stories Intel® Identity Protection Technology 1.1.2.0 Intel® Management Engine Components Java 7 Update 45 Java Auto Updater JavaFX 2.1.1 Jewel Quest: The Sleepless Star - Collector's Edition Junk Mail filter update LabelPrint League of Legends Left 4 Dead 2 Magic Desktop Mah Jong Medley Malwarebytes Anti-Malware versie 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4.5 NLD Language Pack Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Mathematics Microsoft Office 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 Microsoft XNA Framework Redistributable 4.0 Minecraft1.5.2 Mozilla Firefox 19.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 Mystery of Mortlake Mansion Namco All-Stars: PAC-MAN Network Magic Norton Online Backup NVIDIA-configuratiescherm 331.82 NVIDIA 3D Vision controllerstuurprogramma 331.82 NVIDIA 3D Vision stuurprogramma 331.82 NVIDIA GeForce Experience 1.7.1 NVIDIA Grafisch stuurprogramma 331.82 NVIDIA HD Audio-stuurprogramma 1.3.26.4 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.13.0725 NVIDIA ShadowPlay 9.3.21 NVIDIA Stereoscopic 3D Driver NVIDIA Update 9.3.21 NVIDIA Update Components NVIDIA Virtual Audio 1.2.9 Open Broadcaster Software PDF Complete Special Edition Penguins! Plants vs. Zombies - Game of the Year PlayReady PC Runtime amd64 Poker Superstars III Polar Bowler Polar Golfer Power2Go PunkBuster Services Pure Networks Platform RaidCall Razer Naga Realtek High Definition Audio Driver Recovery Manager Remote Graphics Receiver Rust Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) SHIELD Streaming Skype™ 6.11 Slingo Supreme StarCraft II Taalpakket voor Microsoft .NET Framework 4.5 - NLD TeamViewer 9 Tibia Tibia Testserver Tibiacast Update Installer for WildTangent Games App Vacation Quest - The Hawaiian Islands VC80CRTRedist - 8.0.50727.6195 Ventrilo Client VIP Access SDK (1.0.1.4) Virtual Villagers 5 - New Believers Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables VLC media player 2.0.6 WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.20 (32-bit) World of Warcraft World of Warcraft Beta Zuma Deluxe . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16518 BrowserJavaVersion: 10.45.2 Run by marco at 8:53:36 on 2014-02-19 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6125.3032 [GMT 1:00] . AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2013\avgrsa.exe C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Windows\system32\rundll32.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe C:\Program Files (x86)\AVG\AVG2013\avgemca.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\Desktop\setup_11.0.1.1245.x01_2014_02_19_09_38.exe C:\Users\marco\AppData\Local\Temp\RarSFX0\4833685.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Users\marco\AppData\Local\Temp\2441710\4833685.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\taskhost.exe C:\Windows\System32\svchost.exe -k swprv C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe c:\program files (x86)\avira\antivir desktop\avscan.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll uRun: [F.lux] "C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash mRun: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exe mRun: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min mRunOnce: [GrpConv] grpconv -o StartupFolder: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip StartupFolder: C:\Users\marco\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\marco\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_UNINS~1.LNK - C:\Users\marco\AppData\Local\Temp\_uninst_55219767.bat uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: NameServer = 192.168.1.1 TCP: Interfaces\{D374E301-AA43-4576-807F-2805EDCEE196} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F64323230383 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F66323331373 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\C696E6B6379737 : DHCPNameServer = 192.168.1.1 212.54.40.25 212.54.35.25 Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\ . ============= SERVICES / DRIVERS =============== . R0 55219767;55219767;C:\Windows\System32\drivers\55219767.sys [2014-2-19 460888] R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952] R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2014-2-16 28600] R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-2-16 440376] R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-2-16 440376] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312] R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2014-2-16 108440] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136] R2 Avira.OE.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2014-1-29 109112] R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?] R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568] R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-13 15125280] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-3-5 1128952] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496] R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-5 2656280] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-3-5 1360960] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-26 39200] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-5 471144] R3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2010-12-16 126464] RUnknown 4833685drv;4833685drv; [x] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-14 111616] S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-11-1 91352] S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2012-3-5 31152] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-19 1255736] S4 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-2-16 1011768] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== File Associations =============== . FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 2014-02-19 07:06:56 -------- d-----w- C:\ProgramData\Kaspersky Lab 2014-02-19 07:06:30 460888 ----a-w- C:\Windows\System32\drivers\55219767.sys 2014-02-18 08:36:16 -------- d-----w- C:\Program Files (x86)\ESET 2014-02-16 23:02:19 84720 ----a-w- C:\Windows\System32\drivers\avnetflt.sys 2014-02-16 19:57:45 -------- d-sh--w- C:\$RECYCLE.BIN 2014-02-16 19:45:46 98816 ----a-w- C:\Windows\sed.exe 2014-02-16 19:45:46 256000 ----a-w- C:\Windows\PEV.exe 2014-02-16 19:45:46 208896 ----a-w- C:\Windows\MBR.exe 2014-02-16 17:01:53 -------- d-----w- C:\Users\marco\AppData\Roaming\Avira 2014-02-16 17:01:10 28600 ----a-w- C:\Windows\System32\drivers\avkmgr.sys 2014-02-16 17:01:10 108440 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2014-02-16 16:59:27 -------- d-----w- C:\ProgramData\Avira 2014-02-16 16:59:27 -------- d-----w- C:\Program Files (x86)\Avira 2014-02-16 12:50:27 -------- d-sh--w- C:\Users\marco\b96E84lA 2014-02-16 08:42:57 -------- d-----w- C:\Users\marco\AppData\Local\{00D646FC-0E56-435E-9F9D-A882E5097489} 2014-02-15 08:25:55 -------- d-----w- C:\Users\marco\AppData\Local\{870812B5-38B5-4165-B020-30B94BA7AB53} 2014-02-14 08:11:39 -------- d-----w- C:\AdwCleaner 2014-02-14 08:06:08 10315576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CB5E52E7-D0AD-452E-A096-802EA82D2AF5}\mpengine.dll 2014-02-14 08:04:36 -------- d-----w- C:\Windows\ERUNT 2014-02-13 08:17:31 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2014-02-05 21:02:34 -------- d-----w- C:\Users\marco\AppData\Roaming\Xfire 2014-02-05 21:02:22 -------- d-----w- C:\ProgramData\Xfire 2014-01-29 23:28:53 -------- d-----w- C:\Windows\Migration . ==================== Find3M ==================== . 2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll 2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll 2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll 2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll 2014-02-05 19:11:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-02-05 19:11:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2013-12-30 19:45:34 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2013-12-24 23:09:41 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll 2013-12-24 22:48:32 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll 2013-12-21 09:53:45 548864 ----a-w- C:\Windows\System32\vbscript.dll 2013-12-21 08:56:47 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-12-18 05:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe 2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll 2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll 2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll 2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll 2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll 2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll 2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll 2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe 2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe 2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe 2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe 2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll 2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll 2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll 2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll 2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll 2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe 2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe 2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe 2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe 2013-11-30 14:34:05 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2013-11-27 01:41:37 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2013-11-27 01:41:15 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2013-11-27 01:41:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2013-11-27 01:41:11 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2013-11-27 01:41:09 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2013-11-27 01:41:06 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2013-11-27 01:41:03 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2013-11-26 11:40:00 376768 ----a-w- C:\Windows\System32\drivers\netio.sys 2013-11-26 10:32:56 3156480 ----a-w- C:\Windows\System32\win32k.sys 2013-11-26 08:16:50 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll 2013-11-25 00:48:36 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys 2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll 2013-11-22 22:48:21 3928064 ----a-w- C:\Windows\System32\d2d1.dll . ============= FINISH: 8:55:02,85 ===============
  8. I keep getting a trojan horse detection from the same file: c:\users\marco\b96e85lA\svoste.exe and I can't delete it with the antivirus because it says Acces Denied, please how do I fix this?
  9. Hey I have done as you asked and here is the log, the scan took quite a while (~5 hours) C:\Users\All Users\Avira\My Avira\Temp\antivirus.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application C:\Users\marco\Downloads\avc-free.exe Win32/OpenCandy potentially unsafe application C:\Users\marco\Downloads\GraboidVideoSetup-3.11 (1).exe Win32/Graboid potentially unsafe application C:\Users\marco\Downloads\GraboidVideoSetup-3.11 (2).exe Win32/Graboid potentially unsafe application C:\Users\marco\Downloads\GraboidVideoSetup-3.11.exe Win32/Graboid potentially unsafe application C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted (after the next restart) - quarantinedC:\ProgramData\Avira\My Avira\Temp\antivirus.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantinedC:\Qoobox\Quarantine\C\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs.vir VBS/TrojanDownloader.Agent.NJF trojan cleaned by deleting - quarantinedC:\Users\marco\Downloads\ccsetup318.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantinedC:\Users\marco\Downloads\otloader (1).rar VBS/TrojanDownloader.Agent.NJF trojan deleted - quarantinedC:\Users\marco\Downloads\wbot (1).jar a variant of Java/Obfuscated.AllatoriDemo.B potentially unsafe application deleted - quarantinedC:\Users\marco\Downloads\xfire_setup.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
  10. Also, if you need any translations because some of the logs are dutch just ask
  11. Hey, thanks for doing this again. I did exactly as you asked, here is the log, it ran the combofix & rebooted my pc, after the reboot it said "Acces denied" in the blue combofix screen and after that it generated the log ComboFix 14-02-16.01 - marco 16-02-2014 20:47:42.2.8 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6125.4049 [GMT 1:00]Gestart vanuit: c:\users\marco\Desktop\ComboFix.exegebruikte Opdracht switches :: c:\users\marco\Desktop\CFScript.txtAV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.FILE ::"c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs"..(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))..c:\users\marco\15tyw951inc:\users\marco\15tyw951in\czesMdGH.comc:\users\marco\15tyw951in\eEWboUYIcc:\users\marco\15tyw951in\run.vbsc:\users\marco\15tyw951in\uEdI.YBHc:\users\marco\15tyw951in\UGZoMhnu.GPPc:\users\marco\7p5wnh6sb9sq15c:\users\marco\7p5wnh6sb9sq15\afViavPcA.HOEc:\users\marco\7p5wnh6sb9sq15\dLUHSYmc:\users\marco\7p5wnh6sb9sq15\nwUHnLQxxQ.ELGc:\users\marco\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dllc:\users\marco\AppData\Local\Temp\avgnt.exe\Avira.OE.NativeCore.dllc:\users\marco\AppData\Local\Temp\avgnt.exe\Avira.OE.Wincore.dllc:\users\marco\AppData\Roaming\Awesomiumc:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbsc:\users\marco\b49S56oSc:\users\marco\i15Z28qVc:\users\marco\i15Z28qV\DY.SXMc:\users\marco\InterruptBarc:\users\marco\InterruptBar\InterruptBar.luac:\users\marco\InterruptBar\InterruptBar.tocc:\users\marco\mb5spidgd9dc:\users\marco\mb5spidgd9d\DWhzrNRBBM.VJSc:\users\marco\mb5spidgd9d\hfOyRTKLsIvdc:\users\marco\mb5spidgd9d\sLGZCt.QMVc:\users\marco\rgunas5426q3noc:\users\marco\rgunas5426q3no\AKDDyiMMQ.MOGc:\users\marco\rgunas5426q3no\GhkGMc:\users\marco\rgunas5426q3no\NOvCEyWrOoV.VDM..(((((((((((((((((((( Bestanden Gemaakt van 2014-01-16 to 2014-02-16 ))))))))))))))))))))))))))))))..2014-02-16 19:55 . 2014-02-16 19:55 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp2014-02-16 19:55 . 2014-02-16 19:55 -------- d-----w- c:\users\Default\AppData\Local\temp2014-02-16 17:01 . 2014-02-16 17:01 -------- d-----w- c:\users\marco\AppData\Roaming\Avira2014-02-16 17:01 . 2013-12-09 10:37 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys2014-02-16 17:01 . 2013-12-09 10:37 131576 ----a-w- c:\windows\system32\drivers\avipbb.sys2014-02-16 17:01 . 2013-12-09 10:37 108440 ----a-w- c:\windows\system32\drivers\avgntflt.sys2014-02-16 16:59 . 2014-02-16 17:01 -------- d-----w- c:\programdata\Avira2014-02-16 16:59 . 2014-02-16 17:01 -------- d-----w- c:\program files (x86)\Avira2014-02-16 12:50 . 2014-02-16 14:55 -------- d-sh--w- c:\users\marco\b96E84lA2014-02-14 08:11 . 2014-02-14 08:12 -------- d-----w- C:\AdwCleaner2014-02-14 08:06 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB5E52E7-D0AD-452E-A096-802EA82D2AF5}\mpengine.dll2014-02-14 08:04 . 2014-02-14 08:04 -------- d-----w- c:\windows\ERUNT2014-02-13 08:17 . 2013-12-06 02:30 2048 ----a-w- c:\windows\system32\msxml3r.dll2014-02-05 21:02 . 2014-02-05 21:27 -------- d-----w- c:\users\marco\AppData\Roaming\Xfire2014-02-05 21:02 . 2014-02-05 21:28 -------- d-----w- c:\programdata\Xfire2014-01-29 23:28 . 2014-01-29 23:28 -------- d-----w- c:\windows\Migration2014-01-19 09:49 . 2014-01-19 09:49 -------- d-----w- c:\programdata\{18165758-115C-4DC0-9EC2-FF89F725767F}...((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))).2014-02-05 19:11 . 2013-03-16 16:21 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe2014-02-05 19:11 . 2012-03-05 15:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl2014-01-15 23:33 . 2013-04-19 19:48 86054176 ----a-w- c:\windows\system32\MRT.exe2013-12-31 13:56 . 2013-11-26 21:08 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr2013-12-31 13:56 . 2013-10-13 11:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe2013-12-30 19:45 . 2013-10-13 11:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex02013-12-18 05:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe2013-11-30 14:34 . 2013-10-13 11:02 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe2013-11-27 01:41 . 2014-01-15 17:10 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys2013-11-27 01:41 . 2014-01-15 17:10 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys2013-11-27 01:41 . 2014-01-15 17:10 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys2013-11-27 01:41 . 2014-01-15 17:10 325120 ----a-w- c:\windows\system32\drivers\usbport.sys2013-11-27 01:41 . 2014-01-15 17:10 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys2013-11-27 01:41 . 2014-01-15 17:10 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys2013-11-27 01:41 . 2014-01-15 17:10 7808 ----a-w- c:\windows\system32\drivers\usbd.sys2013-11-26 23:01 . 2013-11-26 23:01 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe2013-11-26 23:01 . 2013-11-26 23:01 194048 ----a-w- c:\windows\SysWow64\elshyph.dll2013-11-26 23:01 . 2013-11-26 23:01 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe2013-11-26 23:01 . 2013-11-26 23:01 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll2013-11-26 23:01 . 2013-11-26 23:01 235008 ----a-w- c:\windows\system32\elshyph.dll2013-11-26 23:01 . 2013-11-26 23:01 182272 ----a-w- c:\windows\SysWow64\msls31.dll2013-11-26 23:01 . 2013-11-26 23:01 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe2013-11-26 23:01 . 2013-11-26 23:01 62464 ----a-w- c:\windows\SysWow64\tdc.ocx2013-11-26 23:01 . 2013-11-26 23:01 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll2013-11-26 23:01 . 2013-11-26 23:01 36352 ----a-w- c:\windows\SysWow64\imgutil.dll2013-11-26 23:01 . 2013-11-26 23:01 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll2013-11-26 23:01 . 2013-11-26 23:01 337408 ----a-w- c:\windows\SysWow64\html.iec2013-11-26 23:01 . 2013-11-26 23:01 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll2013-11-26 23:01 . 2013-11-26 23:01 151552 ----a-w- c:\windows\SysWow64\iexpress.exe2013-11-26 23:01 . 2013-11-26 23:01 139264 ----a-w- c:\windows\SysWow64\wextract.exe2013-11-26 23:01 . 2013-11-26 23:01 13312 ----a-w- c:\windows\SysWow64\mshta.exe2013-11-26 23:01 . 2013-11-26 23:01 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll2013-11-26 23:01 . 2013-11-26 23:01 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll2013-11-26 23:01 . 2013-11-26 23:01 942592 ----a-w- c:\windows\system32\jsIntl.dll2013-11-26 23:01 . 2013-11-26 23:01 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe2013-11-26 23:01 . 2013-11-26 23:01 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll2013-11-26 23:01 . 2013-11-26 23:01 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe2013-11-26 23:01 . 2013-11-26 23:01 81408 ----a-w- c:\windows\system32\icardie.dll2013-11-26 23:01 . 2013-11-26 23:01 77312 ----a-w- c:\windows\system32\tdc.ocx2013-11-26 23:01 . 2013-11-26 23:01 616104 ----a-w- c:\windows\system32\ieapfltr.dat2013-11-26 23:01 . 2013-11-26 23:01 52224 ----a-w- c:\windows\system32\msfeedsbs.dll2013-11-26 23:01 . 2013-11-26 23:01 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll2013-11-26 23:01 . 2013-11-26 23:01 48640 ----a-w- c:\windows\system32\mshtmler.dll2013-11-26 23:01 . 2013-11-26 23:01 453120 ----a-w- c:\windows\system32\dxtmsft.dll2013-11-26 23:01 . 2013-11-26 23:01 413696 ----a-w- c:\windows\system32\html.iec2013-11-26 23:01 . 2013-11-26 23:01 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll2013-11-26 23:01 . 2013-11-26 23:01 296960 ----a-w- c:\windows\system32\dxtrans.dll2013-11-26 23:01 . 2013-11-26 23:01 263376 ----a-w- c:\windows\system32\iedkcs32.dll2013-11-26 23:01 . 2013-11-26 23:01 247808 ----a-w- c:\windows\system32\msls31.dll2013-11-26 23:01 . 2013-11-26 23:01 243200 ----a-w- c:\windows\system32\webcheck.dll2013-11-26 23:01 . 2013-11-26 23:01 235520 ----a-w- c:\windows\system32\url.dll2013-11-26 23:01 . 2013-11-26 23:01 13312 ----a-w- c:\windows\system32\msfeedssync.exe2013-11-26 23:01 . 2013-11-26 23:01 131072 ----a-w- c:\windows\system32\IEAdvpack.dll2013-11-26 23:01 . 2013-11-26 23:01 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll2013-11-26 23:01 . 2013-11-26 23:01 105984 ----a-w- c:\windows\system32\iesysprep.dll2013-11-26 23:01 . 2013-11-26 23:01 84992 ----a-w- c:\windows\system32\mshtmled.dll2013-11-26 23:01 . 2013-11-26 23:01 83968 ----a-w- c:\windows\system32\MshtmlDac.dll2013-11-26 23:01 . 2013-11-26 23:01 774144 ----a-w- c:\windows\system32\jscript.dll2013-11-26 23:01 . 2013-11-26 23:01 62464 ----a-w- c:\windows\system32\pngfilt.dll2013-11-26 23:01 . 2013-11-26 23:01 48128 ----a-w- c:\windows\system32\imgutil.dll2013-11-26 23:01 . 2013-11-26 23:01 30208 ----a-w- c:\windows\system32\licmgr10.dll2013-11-26 23:01 . 2013-11-26 23:01 167424 ----a-w- c:\windows\system32\iexpress.exe2013-11-26 23:01 . 2013-11-26 23:01 147968 ----a-w- c:\windows\system32\occache.dll2013-11-26 23:01 . 2013-11-26 23:01 143872 ----a-w- c:\windows\system32\wextract.exe2013-11-26 23:01 . 2013-11-26 23:01 13824 ----a-w- c:\windows\system32\mshta.exe2013-11-26 23:01 . 2013-11-26 23:01 135680 ----a-w- c:\windows\system32\iepeers.dll2013-11-26 23:01 . 2013-11-26 23:01 101376 ----a-w- c:\windows\system32\inseng.dll2013-11-26 11:40 . 2014-01-15 17:10 376768 ----a-w- c:\windows\system32\drivers\netio.sys2013-11-26 10:32 . 2014-01-15 17:10 3156480 ----a-w- c:\windows\system32\win32k.sys2013-11-25 00:48 . 2013-11-25 00:48 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys2013-11-23 18:26 . 2013-12-11 15:01 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll2013-11-23 17:47 . 2013-12-11 15:01 465920 ----a-w- c:\windows\system32\WMPhoto.dll..((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))..*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"F.lux"="c:\users\marco\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712]"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424]"nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]"nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2012-07-19 3076096]"Razer Naga Driver"="c:\program files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe" [2010-12-30 957840]"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]"Avira Systray"="c:\program files (x86)\Avira\My Avira\Avira.OE.Systray.exe" [2014-01-29 172600]"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-09 684600].c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2012-6-11 0]Dropbox.lnk - c:\users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]"EnableShellExecuteHooks"= 1 (0x1).[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks].R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]R4 AntiVirWebService;Avira Web Protection;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]S2 AntiVirSchedulerService;Avira Scheduler;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]S2 Avira.OE.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe;c:\program files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [x]S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x]S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys;c:\windows\SYSNATIVE\DRIVERS\RzSynapse.sys [x]..Inhoud van de 'Gedeelde Taken' map.2014-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-16 19:11].2014-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000Core.job- c:\users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18 15:08].2014-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000UA.job- c:\users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18 15:08].2014-01-27 c:\windows\Tasks\HPCeeScheduleForMARCO-HP$.job- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15].2014-02-16 c:\windows\Tasks\HPCeeScheduleFormarco.job- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll.[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-14 1064224].------- Bijkomende Scan -------.uLocal Page = c:\windows\system32\blank.htmmLocal Page = c:\windows\SysWOW64\blank.htmTrusted Zone: clonewarsadventures.comTrusted Zone: freerealms.comTrusted Zone: soe.comTrusted Zone: sony.comTCP: DhcpNameServer = 192.168.1.1FF - ProfilePath - c:\users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\.- - - - ORPHANS VERWIJDERD - - - -.Wow6432Node-HKLM-Run-<NO NAME> - (no file)AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exeAddRemove-WildTangent hp Master Uninstall - c:\program files (x86)\HP Games\Uninstall.exeAddRemove-WildTangentGameProvider-hp-genres - c:\program files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exeAddRemove-WildTangentGameProvider-hp-main - c:\program files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exeAddRemove-WildTangentGDF-hp-gunbros - c:\program files (x86)\HP Games\Web Link - Gun Bros\Uninstall.exeAddRemove-WTA-068a32a3-e469-4c14-b78b-62ef7ae63bcc - c:\program files (x86)\HP Games\Blackhawk Striker 2\uninstall\uninstaller.exeAddRemove-WTA-1e252d85-adb9-4c4e-9ea9-40ae7f8d7e88 - c:\program files (x86)\HP Games\Mystery of Mortlake Mansion\uninstall\uninstaller.exeAddRemove-WTA-286a9c95-c790-4a23-9568-4f846557423e - c:\program files (x86)\HP Games\Penguins!\uninstall\uninstaller.exeAddRemove-WTA-2c6df00c-d23e-4c6d-b629-72a6b5b5c6e2 - c:\program files (x86)\HP Games\Blasterball 3\uninstall\uninstaller.exeAddRemove-WTA-377ebe4b-ddf1-4d55-8994-d16dccbbe1c0 - c:\program files (x86)\HP Games\Virtual Villagers 5 - New Believers\uninstall\uninstaller.exeAddRemove-WTA-3a47674e-6286-4bd6-a4f9-fb0f04505f47 - c:\program files (x86)\HP Games\Cradle of Rome 2\uninstall\uninstaller.exeAddRemove-WTA-4b4a1c75-4fab-448d-8bf7-dc4540ffadad - c:\program files (x86)\HP Games\Bounce Symphony\uninstall\uninstaller.exeAddRemove-WTA-4eeb0c8e-3418-425d-928d-8f776496fa06 - c:\program files (x86)\HP Games\Chuzzle Deluxe\uninstall\uninstaller.exeAddRemove-WTA-4eedebef-5544-4f46-80eb-cdd700669940 - c:\program files (x86)\HP Games\Agatha Christie - Peril at End House\uninstall\uninstaller.exeAddRemove-WTA-51171669-e116-4a36-b992-5bc35e9ce9fd - c:\program files (x86)\HP Games\Namco All-Stars PAC-MAN\uninstall\uninstaller.exeAddRemove-WTA-516831ea-5764-4b40-bacc-6cca7d93bace - c:\program files (x86)\HP Games\Chronicles of Albian\uninstall\uninstaller.exeAddRemove-WTA-52927150-d423-4df5-a827-a51cfd03713a - c:\program files (x86)\HP Games\Poker Superstars III\uninstall\uninstaller.exeAddRemove-WTA-5ef2ea74-edf3-437c-8303-cc0532945e33 - c:\program files (x86)\HP Games\Jewel Quest The Sleepless Star - Collectors Edition\uninstall\uninstaller.exeAddRemove-WTA-6bc11f22-bb19-420c-9d54-29fbf930579d - c:\program files (x86)\HP Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exeAddRemove-WTA-73a29449-9398-427e-8c58-653416202cad - c:\program files (x86)\HP Games\Slingo Supreme\uninstall\uninstaller.exeAddRemove-WTA-7a96c42c-f7ba-44ce-8ae7-0df904e7de79 - c:\program files (x86)\HP Games\Mah Jong Medley\uninstall\uninstaller.exeAddRemove-WTA-90aee741-cbd9-4290-81ce-73119c45d1e2 - c:\program files (x86)\HP Games\FATE\uninstall\uninstaller.exeAddRemove-WTA-967bad6c-eafd-4912-9363-cdc71f938889 - c:\program files (x86)\HP Games\Polar Bowler\uninstall\uninstaller.exeAddRemove-WTA-96d9a103-8d41-4cd8-9ee6-118557eea107 - c:\program files (x86)\HP Games\Zuma Deluxe\uninstall\uninstaller.exeAddRemove-WTA-b12ef7f4-76e9-42d6-8507-17571cf1325c - c:\program files (x86)\HP Games\Farm Frenzy\uninstall\uninstaller.exeAddRemove-WTA-b97f9d01-f6b2-4027-b420-f03f6018b858 - c:\program files (x86)\HP Games\Governor of Poker 2 Premium Edition\uninstall\uninstaller.exeAddRemove-WTA-ca2f47de-01ef-4782-a525-665b8d1de53d - c:\program files (x86)\HP Games\Cake Mania\uninstall\uninstaller.exeAddRemove-WTA-d19d4618-60ed-4dbe-8f0d-a827daabb525 - c:\program files (x86)\HP Games\Bejeweled 3\uninstall\uninstaller.exeAddRemove-WTA-d4532316-d7ad-4d43-84ce-5d07261e1841 - c:\program files (x86)\HP Games\Final Drive Nitro\uninstall\uninstaller.exeAddRemove-WTA-d4fee06a-821b-4ae0-95b4-0ed12535e2d7 - c:\program files (x86)\HP Games\Vacation Quest - The Hawaiian Islands\uninstall\uninstaller.exeAddRemove-WTA-f34a166f-3218-4c2a-8f90-5c2c6fcda4e3 - c:\program files (x86)\HP Games\Polar Golfer\uninstall\uninstaller.exeAddRemove-{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1 - c:\users\marco\Documents\Infestation Survivor Stories\unins000.exeAddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe...[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService".--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="FlashBroker""LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]"Enabled"=dword:00000001.[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Shockwave Flash Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]@="0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]@="ShockwaveFlash.ShockwaveFlash.11".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="ShockwaveFlash.ShockwaveFlash".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]@Denied: (A 2) (Everyone)@="Macromedia Flash Factory Object".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx""ThreadingModel"="Apartment".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]@="FlashFactory.FlashFactory.1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]@="{D27CDB6B-AE6D-11cf-96B8-444553540000}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]@="1.0".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]@="FlashFactory.FlashFactory".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]@Denied: (A 2) (Everyone)@="IFlashBroker5".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]@="{00020424-0000-0000-C000-000000000046}".[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}""Version"="1.0".[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Andere Aktieve Processen ------------------------.c:\program files (x86)\Avira\AntiVir Desktop\avguard.exec:\windows\SysWOW64\ezSharedSvcHost.exec:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exec:\windows\SysWOW64\PnkBstrA.exec:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exec:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe.**************************************************************************.Voltooingstijd: 2014-02-16 21:02:20 - machine werd herstartComboFix-quarantined-files.txt 2014-02-16 20:02ComboFix2.txt 2014-02-16 09:35.Pre-Run: 192.500.879.360 bytes beschikbaarPost-Run: 192.208.650.240 bytes beschikbaar.- - End Of File - - 401A5476FE84C44A5764514526A5E245
  12. does someone have any idea why it keeps getting it back? I also can't seem to get rid of addnapauqus.exe and server106.exe
  13. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 18-5-2012 16:57:10 System Uptime: 13-2-2014 23:15:56 (0 hours ago) . Motherboard: Foxconn | | 2ABF Processor: Intel® Core™ i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 453 GiB total, 165,423 GiB free. D: is FIXED (NTFS) - 13 GiB total, 1,587 GiB free. E: is CDROM () F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: Description: LinksysbyCisco Internet Gateway Device Device ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446 Manufacturer: Name: LinksysbyCisco Internet Gateway Device PNP Device ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446 Service: . ==== System Restore Points =================== . RP226: 13-2-2014 9:43:15 - Gepland controlepunt . ==== Installed Programs ====================== . .sol Editor 1.1.0.1 7-Zip 9.22beta 802.11n Wireless LAN Card Adobe Flash Player 12 ActiveX Adobe Flash Player 12 Plugin Agatha Christie - Peril at End House AuthenTec TrueAPI AVG 2013 AVG Security Toolbar Batman: Arkham Asylum GOTY Edition Battle.net Bejeweled 3 Blackhawk Striker 2 Blasterball 3 Bounce Symphony Cake Mania CCleaner Chronicles of Albian Chuzzle Deluxe Cisco Network Magic Counter-Strike: Global Offensive Cradle of Rome 2 Curse Client D3DX10 Diablo III Dota 2 Dropbox F.E.A.R. 3 f.lux Farm Frenzy FATE Final Drive: Nitro GeForce Experience NvStream Client Components Google Chrome Governor of Poker 2 Premium Edition Hearthstone Hewlett-Packard ACLM.NET v1.2.2.3 Hi-Rez Studios Authenticate and Update Service HP Auto HP Client Services HP Customer Experience Enhancements HP Games HP LinkUp HP Odometer HP Setup HP Setup Manager HP SimplePass PE 2011 HP Support Assistant HP Support Information HP Update HP Vision Hardware Diagnostics Infestation Survivor Stories version 1.0 Infestation: Survivor Stories Intel® Identity Protection Technology 1.1.2.0 Intel® Management Engine Components Java 7 Update 45 Java Auto Updater JavaFX 2.1.1 Jewel Quest: The Sleepless Star - Collector's Edition Junk Mail filter update LabelPrint League of Legends Left 4 Dead 2 Magic Desktop Mah Jong Medley Malwarebytes Anti-Malware versie 1.75.0.1300 Mesh Runtime Microsoft .NET Framework 4.5 NLD Language Pack Microsoft .NET Framework 4.5.1 Microsoft Application Error Reporting Microsoft Mathematics Microsoft Office 2010 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 Microsoft XNA Framework Redistributable 4.0 Minecraft1.5.2 Mozilla Firefox 19.0 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT_amd64 Mystery of Mortlake Mansion Namco All-Stars: PAC-MAN Network Magic Norton Online Backup NVIDIA-configuratiescherm 331.82 NVIDIA 3D Vision controllerstuurprogramma 331.82 NVIDIA 3D Vision stuurprogramma 331.82 NVIDIA GeForce Experience 1.7.1 NVIDIA Grafisch stuurprogramma 331.82 NVIDIA HD Audio-stuurprogramma 1.3.26.4 NVIDIA Install Application NVIDIA LED Visualizer 1.0 NVIDIA PhysX NVIDIA PhysX systeemsoftware 9.13.0725 NVIDIA ShadowPlay 9.3.21 NVIDIA Stereoscopic 3D Driver NVIDIA Update 9.3.21 NVIDIA Update Components NVIDIA Virtual Audio 1.2.9 Open Broadcaster Software PDF Complete Special Edition Penguins! Plants vs. Zombies - Game of the Year PlayReady PC Runtime amd64 Poker Superstars III Polar Bowler Polar Golfer Power2Go PunkBuster Services Pure Networks Platform RaidCall Razer Naga Realtek High Definition Audio Driver Recovery Manager Remote Graphics Receiver Rust SHIELD Streaming Skype™ 6.11 Slingo Supreme Smite StarCraft II Taalpakket voor Microsoft .NET Framework 4.5 - NLD TeamViewer 9 Tibia Tibia Testserver Tibiacast Update Installer for WildTangent Games App Vacation Quest - The Hawaiian Islands VC80CRTRedist - 8.0.50727.6195 Ventrilo Client VIP Access SDK (1.0.1.4) Virtual Villagers 5 - New Believers Visual Studio 2008 x64 Redistributables Visual Studio 2010 x64 Redistributables VLC media player 2.0.6 WildTangent Games App (HP Games) Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR 4.20 (32-bit) World of Warcraft World of Warcraft Beta Zuma Deluxe . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2 Run by marco at 23:50:04 on 2014-02-13 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6125.3285 [GMT 1:00] . AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG2013\avgrsa.exe C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe C:\Windows\system32\nvvsvc.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe C:\Windows\system32\rundll32.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe C:\Program Files (x86)\AVG\AVG2013\avgemca.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe C:\Windows\System32\rundll32.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe C:\Users\marco\AppData\Local\Apps\2.0\CN01M3WW.VB3\PBG0W1YY.K3N\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\wuauclt.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\msiexec.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file> TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dll uRun: [Google Update] "C:\Users\marco\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [F.lux] "C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silent uRun: [Xfire] C:\Program Files (x86)\Xfire2\Xfire.exe mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe mRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash mRun: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exe mRun: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [Xfire] C:\Program Files (x86)\Xfire2\Xfire.exe mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript StartupFolder: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip StartupFolder: C:\Users\marco\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-Explorer: EnableShellExecuteHooks = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: NameServer = 192.168.1.1 TCP: Interfaces\{D374E301-AA43-4576-807F-2805EDCEE196} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F64323230383 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F66323331373 : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\C696E6B6379737 : DHCPNameServer = 192.168.1.1 212.54.40.25 212.54.35.25 Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll x64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe x64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned> x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\ FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\npsitesafety.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\marco\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll FF - plugin: C:\Users\marco\AppData\Roaming\raidcall\plugins\nprcplugin.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480] R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880] R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648] R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952] R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-16 46368] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136] R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?] R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008] R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-8-2 8704] R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568] R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-13 15125280] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-3-5 1128952] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496] R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-5 2656280] R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-1-8 1771544] R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-3-5 1360960] R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-26 39200] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-5 471144] R3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2010-12-16 126464] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680] S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616] S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-11-1 91352] S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2012-3-5 31152] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-19 1255736] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== File Associations =============== . FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice] . =============== Created Last 30 ================ . 2014-02-13 21:53:46 -------- d-----w- C:\Users\marco\AppData\Local\{DB49F776-F693-46BF-929E-7354F74FA31F} 2014-02-13 21:12:27 -------- d-sh--r- C:\Users\marco\mb5spidgd9d 2014-02-13 21:11:55 -------- d-----w- C:\Users\marco\AppData\Local\{7866CC77-4CC2-4E49-A915-0181EFBFC3D9} 2014-02-13 08:12:08 -------- d-sh--w- C:\Users\marco\i15Z28qV 2014-02-13 08:11:45 -------- d-----w- C:\Users\marco\AppData\Local\{3E8F3572-06C3-446B-91C6-FE783D99F276} 2014-02-12 18:34:31 -------- d-----w- C:\Users\marco\InterruptBar 2014-02-12 07:36:11 -------- d-sh--r- C:\Users\marco\rgunas5426q3no 2014-02-12 07:36:05 -------- d-----w- C:\Users\marco\AppData\Local\{910DD5AB-D0DA-4883-877E-0C0FD559319B} 2014-02-10 21:55:53 3792 ----a-w- C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs 2014-02-10 21:55:53 -------- d-sh--r- C:\Users\marco\7p5wnh6sb9sq15 2014-02-10 10:37:41 -------- d-----w- C:\Users\marco\AppData\Local\{D342A0EE-9A3F-4ABA-8303-DB370F1CD810} 2014-02-09 09:00:15 -------- d-----w- C:\Users\marco\AppData\Local\{66DC7654-786F-4F05-8164-AEBC02A0943C} 2014-02-08 08:40:14 -------- d-----w- C:\Users\marco\AppData\Local\{CD9B9FF4-95D4-4FE7-95B4-A41C21A9E12C} 2014-02-07 08:13:20 -------- d-----w- C:\Users\marco\AppData\Local\{FCA331F4-8A47-45DC-A9DD-647B485DC461} 2014-02-06 07:48:03 -------- d-----w- C:\Users\marco\AppData\Local\{7F941768-63D6-49E1-9908-DB3C29DF4714} 2014-02-05 21:02:34 -------- d-----w- C:\Users\marco\AppData\Roaming\Xfire 2014-02-05 21:02:22 -------- d-----w- C:\ProgramData\Xfire 2014-02-04 10:27:38 -------- d-----w- C:\Users\marco\AppData\Local\{51FD153F-2573-469D-BEB6-C1225465C389} 2014-02-02 10:01:21 -------- d-----w- C:\Users\marco\AppData\Local\{EDAC6342-DE19-43CD-B4DF-D34A188E653C} 2014-02-01 09:51:27 -------- d-----w- C:\Users\marco\AppData\Local\{B898A6AD-107B-4A83-B8C7-8D3BE6B2DCA6} 2014-01-31 07:38:02 -------- d-----w- C:\Users\marco\AppData\Local\{F7061CB1-8317-457C-994A-8BD9349507F3} 2014-01-30 08:36:14 -------- d-----w- C:\Users\marco\AppData\Local\{3E56836B-856F-4A3C-8E49-66594C4854D0} 2014-01-29 23:28:53 -------- d-----w- C:\Windows\Migration 2014-01-29 08:02:26 -------- d-----w- C:\Users\marco\AppData\Local\{4C95D157-2E6A-4EEF-ACAE-C369553BF592} 2014-01-28 09:13:41 -------- d-----w- C:\Users\marco\AppData\Local\{3F6BC5A3-2D7D-4269-A46B-43129BBC2BBF} 2014-01-27 08:25:35 -------- d-----w- C:\Users\marco\AppData\Local\{5FBA23E3-0222-45A4-A078-119914705A9F} 2014-01-26 10:08:27 -------- d-----w- C:\Users\marco\AppData\Local\{92735383-7EED-45EA-BF69-9315776C127F} 2014-01-24 09:21:07 -------- d-----w- C:\Users\marco\AppData\Local\{416AE915-EFBE-42F1-A1E5-A173751B6A21} 2014-01-23 08:11:29 -------- d-----w- C:\Users\marco\AppData\Local\{0B188194-4A6A-4F66-812D-97448484836B} 2014-01-22 05:31:44 -------- d-----w- C:\Users\marco\AppData\Local\{C03C7430-8F24-4A6F-A519-26EF0E2E7315} 2014-01-21 10:42:36 -------- d-----w- C:\Users\marco\AppData\Local\{11D66729-3AC1-47EA-8DC6-F630B7FEF33B} 2014-01-19 22:53:42 -------- d-----w- C:\Program Files (x86)\Whorecraft 2014-01-19 09:49:33 -------- d-----w- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} 2014-01-19 09:35:49 -------- d-----w- C:\Users\marco\AppData\Local\{4E138510-502C-4C34-B6F9-0189B7A87233} 2014-01-18 09:44:44 -------- d-----w- C:\Users\marco\AppData\Local\{779DF3D5-BF37-438D-A0DC-F58639BB9437} 2014-01-17 08:02:09 -------- d-----w- C:\Users\marco\AppData\Local\{0A97F898-94D4-4545-8A9C-20B3D40CA4B8} 2014-01-16 08:07:46 -------- d-----w- C:\Users\marco\AppData\Local\{24BB34E0-9E0F-40FE-9B0C-27AE33F1CCB1} 2014-01-15 17:10:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-15 17:10:10 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2014-01-15 17:10:10 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-15 17:10:10 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-15 17:10:10 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-15 17:10:10 3156480 ----a-w- C:\Windows\System32\win32k.sys 2014-01-15 17:10:10 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2014-01-15 17:10:10 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-15 17:10:09 376768 ----a-w- C:\Windows\System32\drivers\netio.sys 2014-01-15 08:13:43 -------- d-----w- C:\Users\marco\AppData\Local\{91FB6627-66D7-477D-8971-287249ADF53D} . ==================== Find3M ==================== . 2014-02-05 19:11:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-02-05 19:11:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr 2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe 2013-12-30 19:45:34 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0 2013-11-30 14:34:05 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe 2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll 2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll 2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll 2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl 2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll 2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-11-25 00:48:36 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys 2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll 2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll . ============= FINISH: 23:50:14,86 ===============
  14. I seem to get a object detected called svoste.exe everytime I scan with malwarebytes saying it's a Trojan.AI, I delete it, and the next time I scan the scan detects it again, it keeps coming back I don't know what is is or how to delete it. ________________________________ Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Databaseversie: v2014.02.16.02 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16518marco :: MARCO-HP [administrator] 16-2-2014 13:29:25mbam-log-2014-02-16 (13-29-25).txt Scan type: Snelle scanIngeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUMUitgeschakelde scan opties: P2PObjecten gescand: 263590Verstreken tijd: 13 minuut/minuten, 3 seconde(n) Geheugenprocessen gedetecteerd: 1C:\Users\marco\b49S56oS\svoste.exe (Trojan.Agent.AI) -> 5264 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 3C:\Users\marco\b49S56oS\svoste.exe (Trojan.Agent.AI) -> Zal worden verwijderd tijdens het herstarten.C:\Users\marco\AppData\Local\Temp\addnapauqus.exe (Trojan.Agent.AI) -> Succesvol in quarantaine geplaatst en verwijderd.C:\Users\marco\Local Settings\Temporary Internet Files\Content.IE5\G2DGBYUS\server106[1].exe (Trojan.Agent.AI) -> Succesvol in quarantaine geplaatst en verwijderd. (einde)________________________________________________________
  15. I seem to be getting the same object detected again, this time it's "svoste.exe" I keep getting this every time, category file & memory progress trojan.agent.AI :S
  16. ComboFix 14-02-14.01 - marco 16-02-2014 10:28:18.1.8 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6125.4436 [GMT 1:00] Gestart vanuit: c:\users\marco\Desktop\ComboFix.exe AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((( Bestanden Gemaakt van 2014-01-16 to 2014-02-16 )))))))))))))))))))))))))))))) . . 2014-02-16 09:34 . 2014-02-16 09:34 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2014-02-16 09:34 . 2014-02-16 09:34 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-02-16 08:42 . 2014-02-16 09:09 -------- d-sh--w- c:\users\marco\b49S56oS 2014-02-15 12:02 . 2014-02-15 12:02 -------- d-----w- c:\users\marco\AppData\Roaming\Awesomium 2014-02-14 08:52 . 2014-02-14 08:52 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB5E52E7-D0AD-452E-A096-802EA82D2AF5}\offreg.dll 2014-02-14 08:11 . 2014-02-14 08:12 -------- d-----w- C:\AdwCleaner 2014-02-14 08:06 . 2013-12-16 00:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CB5E52E7-D0AD-452E-A096-802EA82D2AF5}\mpengine.dll 2014-02-14 08:04 . 2014-02-14 08:04 -------- d-----w- c:\windows\ERUNT 2014-02-14 08:01 . 2014-02-15 08:26 -------- d-sh--r- c:\users\marco\15tyw951in 2014-02-13 21:12 . 2014-02-13 22:34 -------- d-sh--r- c:\users\marco\mb5spidgd9d 2014-02-13 08:12 . 2014-02-13 21:10 -------- d-sh--w- c:\users\marco\i15Z28qV 2014-02-12 18:34 . 2013-10-03 08:32 -------- d-----w- c:\users\marco\InterruptBar 2014-02-12 07:36 . 2014-02-13 21:09 -------- d-sh--r- c:\users\marco\rgunas5426q3no 2014-02-10 21:55 . 2014-02-11 09:27 -------- d-sh--r- c:\users\marco\7p5wnh6sb9sq15 2014-02-10 21:55 . 2014-02-10 18:00 3792 ----a-w- c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs 2014-02-05 21:02 . 2014-02-05 21:27 -------- d-----w- c:\users\marco\AppData\Roaming\Xfire 2014-02-05 21:02 . 2014-02-05 21:28 -------- d-----w- c:\programdata\Xfire 2014-01-29 23:28 . 2014-01-29 23:28 -------- d-----w- c:\windows\Migration 2014-01-19 09:49 . 2014-01-19 09:49 -------- d-----w- c:\programdata\{18165758-115C-4DC0-9EC2-FF89F725767F} . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-02-05 19:11 . 2013-03-16 16:21 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-02-05 19:11 . 2012-03-05 15:50 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-01-15 23:33 . 2013-04-19 19:48 86054176 ----a-w- c:\windows\system32\MRT.exe 2013-12-31 13:56 . 2013-11-26 21:08 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-12-31 13:56 . 2013-10-13 11:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-12-30 19:45 . 2013-10-13 11:02 291128 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2013-12-18 05:13 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe 2013-11-30 14:34 . 2013-10-13 11:02 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-11-27 01:41 . 2014-01-15 17:10 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys 2013-11-27 01:41 . 2014-01-15 17:10 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2013-11-27 01:41 . 2014-01-15 17:10 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys 2013-11-27 01:41 . 2014-01-15 17:10 325120 ----a-w- c:\windows\system32\drivers\usbport.sys 2013-11-27 01:41 . 2014-01-15 17:10 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys 2013-11-27 01:41 . 2014-01-15 17:10 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2013-11-27 01:41 . 2014-01-15 17:10 7808 ----a-w- c:\windows\system32\drivers\usbd.sys 2013-11-26 23:01 . 2013-11-26 23:01 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2013-11-26 23:01 . 2013-11-26 23:01 194048 ----a-w- c:\windows\SysWow64\elshyph.dll 2013-11-26 23:01 . 2013-11-26 23:01 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe 2013-11-26 23:01 . 2013-11-26 23:01 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll 2013-11-26 23:01 . 2013-11-26 23:01 235008 ----a-w- c:\windows\system32\elshyph.dll 2013-11-26 23:01 . 2013-11-26 23:01 182272 ----a-w- c:\windows\SysWow64\msls31.dll 2013-11-26 23:01 . 2013-11-26 23:01 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe 2013-11-26 23:01 . 2013-11-26 23:01 62464 ----a-w- c:\windows\SysWow64\tdc.ocx 2013-11-26 23:01 . 2013-11-26 23:01 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll 2013-11-26 23:01 . 2013-11-26 23:01 36352 ----a-w- c:\windows\SysWow64\imgutil.dll 2013-11-26 23:01 . 2013-11-26 23:01 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll 2013-11-26 23:01 . 2013-11-26 23:01 337408 ----a-w- c:\windows\SysWow64\html.iec 2013-11-26 23:01 . 2013-11-26 23:01 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll 2013-11-26 23:01 . 2013-11-26 23:01 151552 ----a-w- c:\windows\SysWow64\iexpress.exe 2013-11-26 23:01 . 2013-11-26 23:01 139264 ----a-w- c:\windows\SysWow64\wextract.exe 2013-11-26 23:01 . 2013-11-26 23:01 13312 ----a-w- c:\windows\SysWow64\mshta.exe 2013-11-26 23:01 . 2013-11-26 23:01 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll 2013-11-26 23:01 . 2013-11-26 23:01 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll 2013-11-26 23:01 . 2013-11-26 23:01 942592 ----a-w- c:\windows\system32\jsIntl.dll 2013-11-26 23:01 . 2013-11-26 23:01 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2013-11-26 23:01 . 2013-11-26 23:01 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll 2013-11-26 23:01 . 2013-11-26 23:01 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2013-11-26 23:01 . 2013-11-26 23:01 81408 ----a-w- c:\windows\system32\icardie.dll 2013-11-26 23:01 . 2013-11-26 23:01 77312 ----a-w- c:\windows\system32\tdc.ocx 2013-11-26 23:01 . 2013-11-26 23:01 616104 ----a-w- c:\windows\system32\ieapfltr.dat 2013-11-26 23:01 . 2013-11-26 23:01 52224 ----a-w- c:\windows\system32\msfeedsbs.dll 2013-11-26 23:01 . 2013-11-26 23:01 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll 2013-11-26 23:01 . 2013-11-26 23:01 48640 ----a-w- c:\windows\system32\mshtmler.dll 2013-11-26 23:01 . 2013-11-26 23:01 453120 ----a-w- c:\windows\system32\dxtmsft.dll 2013-11-26 23:01 . 2013-11-26 23:01 413696 ----a-w- c:\windows\system32\html.iec 2013-11-26 23:01 . 2013-11-26 23:01 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll 2013-11-26 23:01 . 2013-11-26 23:01 296960 ----a-w- c:\windows\system32\dxtrans.dll 2013-11-26 23:01 . 2013-11-26 23:01 263376 ----a-w- c:\windows\system32\iedkcs32.dll 2013-11-26 23:01 . 2013-11-26 23:01 247808 ----a-w- c:\windows\system32\msls31.dll 2013-11-26 23:01 . 2013-11-26 23:01 243200 ----a-w- c:\windows\system32\webcheck.dll 2013-11-26 23:01 . 2013-11-26 23:01 235520 ----a-w- c:\windows\system32\url.dll 2013-11-26 23:01 . 2013-11-26 23:01 13312 ----a-w- c:\windows\system32\msfeedssync.exe 2013-11-26 23:01 . 2013-11-26 23:01 131072 ----a-w- c:\windows\system32\IEAdvpack.dll 2013-11-26 23:01 . 2013-11-26 23:01 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll 2013-11-26 23:01 . 2013-11-26 23:01 105984 ----a-w- c:\windows\system32\iesysprep.dll 2013-11-26 23:01 . 2013-11-26 23:01 84992 ----a-w- c:\windows\system32\mshtmled.dll 2013-11-26 23:01 . 2013-11-26 23:01 83968 ----a-w- c:\windows\system32\MshtmlDac.dll 2013-11-26 23:01 . 2013-11-26 23:01 774144 ----a-w- c:\windows\system32\jscript.dll 2013-11-26 23:01 . 2013-11-26 23:01 62464 ----a-w- c:\windows\system32\pngfilt.dll 2013-11-26 23:01 . 2013-11-26 23:01 48128 ----a-w- c:\windows\system32\imgutil.dll 2013-11-26 23:01 . 2013-11-26 23:01 30208 ----a-w- c:\windows\system32\licmgr10.dll 2013-11-26 23:01 . 2013-11-26 23:01 167424 ----a-w- c:\windows\system32\iexpress.exe 2013-11-26 23:01 . 2013-11-26 23:01 147968 ----a-w- c:\windows\system32\occache.dll 2013-11-26 23:01 . 2013-11-26 23:01 143872 ----a-w- c:\windows\system32\wextract.exe 2013-11-26 23:01 . 2013-11-26 23:01 13824 ----a-w- c:\windows\system32\mshta.exe 2013-11-26 23:01 . 2013-11-26 23:01 135680 ----a-w- c:\windows\system32\iepeers.dll 2013-11-26 23:01 . 2013-11-26 23:01 101376 ----a-w- c:\windows\system32\inseng.dll 2013-11-26 11:40 . 2014-01-15 17:10 376768 ----a-w- c:\windows\system32\drivers\netio.sys 2013-11-26 10:32 . 2014-01-15 17:10 3156480 ----a-w- c:\windows\system32\win32k.sys 2013-11-25 00:48 . 2013-11-25 00:48 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys 2013-11-23 18:26 . 2013-12-11 15:01 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-11-23 17:47 . 2013-12-11 15:01 465920 ----a-w- c:\windows\system32\WMPhoto.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 131248 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "F.lux"="c:\users\marco\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-15 1016712] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576] "Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-05-06 658424] "nmctxth"="c:\program files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216] "nmapp"="c:\program files (x86)\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112] "RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2012-07-19 3076096] "Razer Naga Driver"="c:\program files (x86)\Razer\Naga Epic\NagaEpicSysTray.exe" [2010-12-30 957840] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-11-20 4411952] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . c:\users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ CurseClientStartup.ccip [2012-6-11 0] Dropbox.lnk - c:\users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328] mdwhuzmxv.vbs [2014-2-10 3792] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks] . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 pmxdrv;pmxdrv;c:\windows\system32\drivers\pmxdrv.sys;c:\windows\SYSNATIVE\drivers\pmxdrv.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x] S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x] S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x] S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x] S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x] S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x] S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x] S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x] S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys;c:\windows\SYSNATIVE\DRIVERS\RzSynapse.sys [x] . . Inhoud van de 'Gedeelde Taken' map . 2014-02-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-16 19:11] . 2014-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000Core.job - c:\users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18 15:08] . 2014-02-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-909820617-2155926707-2901132751-1000UA.job - c:\users\marco\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-18 15:08] . 2014-01-27 c:\windows\Tasks\HPCeeScheduleForMARCO-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . 2014-02-16 c:\windows\Tasks\HPCeeScheduleFormarco.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-09-10 23:54 164016 ----a-w- c:\users\marco\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384] "ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-14 1064224] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-01-28 21720] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\ . - - - - ORPHANS VERWIJDERD - - - - . Wow6432Node-HKCU-Run-Overwolf - c:\program files (x86)\Overwolf\Overwolf.exe Wow6432Node-HKCU-Run-Xfire - c:\program files (x86)\Xfire2\Xfire.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe Wow6432Node-HKLM-Run-Xfire - c:\program files (x86)\Xfire2\Xfire.exe HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe AddRemove-WildTangent hp Master Uninstall - c:\program files (x86)\HP Games\Uninstall.exe AddRemove-WildTangentGameProvider-hp-genres - c:\program files (x86)\HP Games\Game Explorer Categories - genres\Uninstall.exe AddRemove-WildTangentGameProvider-hp-main - c:\program files (x86)\HP Games\Game Explorer Categories - main\Uninstall.exe AddRemove-WildTangentGDF-hp-gunbros - c:\program files (x86)\HP Games\Web Link - Gun Bros\Uninstall.exe AddRemove-WTA-068a32a3-e469-4c14-b78b-62ef7ae63bcc - c:\program files (x86)\HP Games\Blackhawk Striker 2\uninstall\uninstaller.exe AddRemove-WTA-1e252d85-adb9-4c4e-9ea9-40ae7f8d7e88 - c:\program files (x86)\HP Games\Mystery of Mortlake Mansion\uninstall\uninstaller.exe AddRemove-WTA-286a9c95-c790-4a23-9568-4f846557423e - c:\program files (x86)\HP Games\Penguins!\uninstall\uninstaller.exe AddRemove-WTA-2c6df00c-d23e-4c6d-b629-72a6b5b5c6e2 - c:\program files (x86)\HP Games\Blasterball 3\uninstall\uninstaller.exe AddRemove-WTA-377ebe4b-ddf1-4d55-8994-d16dccbbe1c0 - c:\program files (x86)\HP Games\Virtual Villagers 5 - New Believers\uninstall\uninstaller.exe AddRemove-WTA-3a47674e-6286-4bd6-a4f9-fb0f04505f47 - c:\program files (x86)\HP Games\Cradle of Rome 2\uninstall\uninstaller.exe AddRemove-WTA-4b4a1c75-4fab-448d-8bf7-dc4540ffadad - c:\program files (x86)\HP Games\Bounce Symphony\uninstall\uninstaller.exe AddRemove-WTA-4eeb0c8e-3418-425d-928d-8f776496fa06 - c:\program files (x86)\HP Games\Chuzzle Deluxe\uninstall\uninstaller.exe AddRemove-WTA-4eedebef-5544-4f46-80eb-cdd700669940 - c:\program files (x86)\HP Games\Agatha Christie - Peril at End House\uninstall\uninstaller.exe AddRemove-WTA-51171669-e116-4a36-b992-5bc35e9ce9fd - c:\program files (x86)\HP Games\Namco All-Stars PAC-MAN\uninstall\uninstaller.exe AddRemove-WTA-516831ea-5764-4b40-bacc-6cca7d93bace - c:\program files (x86)\HP Games\Chronicles of Albian\uninstall\uninstaller.exe AddRemove-WTA-52927150-d423-4df5-a827-a51cfd03713a - c:\program files (x86)\HP Games\Poker Superstars III\uninstall\uninstaller.exe AddRemove-WTA-5ef2ea74-edf3-437c-8303-cc0532945e33 - c:\program files (x86)\HP Games\Jewel Quest The Sleepless Star - Collectors Edition\uninstall\uninstaller.exe AddRemove-WTA-6bc11f22-bb19-420c-9d54-29fbf930579d - c:\program files (x86)\HP Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe AddRemove-WTA-73a29449-9398-427e-8c58-653416202cad - c:\program files (x86)\HP Games\Slingo Supreme\uninstall\uninstaller.exe AddRemove-WTA-7a96c42c-f7ba-44ce-8ae7-0df904e7de79 - c:\program files (x86)\HP Games\Mah Jong Medley\uninstall\uninstaller.exe AddRemove-WTA-90aee741-cbd9-4290-81ce-73119c45d1e2 - c:\program files (x86)\HP Games\FATE\uninstall\uninstaller.exe AddRemove-WTA-967bad6c-eafd-4912-9363-cdc71f938889 - c:\program files (x86)\HP Games\Polar Bowler\uninstall\uninstaller.exe AddRemove-WTA-96d9a103-8d41-4cd8-9ee6-118557eea107 - c:\program files (x86)\HP Games\Zuma Deluxe\uninstall\uninstaller.exe AddRemove-WTA-b12ef7f4-76e9-42d6-8507-17571cf1325c - c:\program files (x86)\HP Games\Farm Frenzy\uninstall\uninstaller.exe AddRemove-WTA-b97f9d01-f6b2-4027-b420-f03f6018b858 - c:\program files (x86)\HP Games\Governor of Poker 2 Premium Edition\uninstall\uninstaller.exe AddRemove-WTA-ca2f47de-01ef-4782-a525-665b8d1de53d - c:\program files (x86)\HP Games\Cake Mania\uninstall\uninstaller.exe AddRemove-WTA-d19d4618-60ed-4dbe-8f0d-a827daabb525 - c:\program files (x86)\HP Games\Bejeweled 3\uninstall\uninstaller.exe AddRemove-WTA-d4532316-d7ad-4d43-84ce-5d07261e1841 - c:\program files (x86)\HP Games\Final Drive Nitro\uninstall\uninstaller.exe AddRemove-WTA-d4fee06a-821b-4ae0-95b4-0ed12535e2d7 - c:\program files (x86)\HP Games\Vacation Quest - The Hawaiian Islands\uninstall\uninstaller.exe AddRemove-WTA-f34a166f-3218-4c2a-8f90-5c2c6fcda4e3 - c:\program files (x86)\HP Games\Polar Golfer\uninstall\uninstaller.exe AddRemove-{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1 - c:\users\marco\Documents\Infestation Survivor Stories\unins000.exe AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_44_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_44.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2014-02-16 10:35:38 ComboFix-quarantined-files.txt 2014-02-16 09:35 . Pre-Run: 188.353.851.392 bytes beschikbaar Post-Run: 187.957.751.808 bytes beschikbaar . - - End Of File - - 7A1D5E4AE7B9A8BF4BABE1D5F4A6610F
  17. It seems that malware bytes no longer find the virus which I guess means that it's gone? Anything other I have to do?
  18. Hey, thanks for doing this. I can't seem to get the malwarebytes report in english Please let me know if I have to do something else or if it's fixed. JRT File: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by ThisisuVersion: 6.1.1 (02.04.2014:1)OS: Windows 7 Home Premium x64Ran by marco on vr 14-02-2014 at 9:04:39,93~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exeSuccessfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\igearsettingsSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbarSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduitSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancsSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2849859Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASAPI32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HPSF_Tasks_RASMANCSSuccessfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASAPI32Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HPSF_Tasks_RASMANCSSuccessfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B78C4B0A-E785-4EA4-9192-6AFFE321D66F}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B78C4B0A-E785-4EA4-9192-6AFFE321D66F}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon"Successfully deleted: [Folder] "C:\ProgramData\starapp"Successfully deleted: [Folder] "C:\Users\marco\AppData\Roaming\performersoft"Successfully deleted: [Folder] "C:\Users\marco\appdata\locallow\boost_interprocess"Successfully deleted: [Folder] "C:\Users\marco\appdata\locallow\conduit"Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"Successfully deleted: [Folder] "C:\Users\marco\AppData\Roaming\microsoft\windows\start menu\programs\torntv.com"Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0168ED89-0F32-4A86-949B-D206739A5DB6}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{01F4479F-811F-4589-863D-6E8FF0E4946E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{028A025D-D510-432B-B747-7FED2EBAB729}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{034ABE32-85DE-417A-A0B2-0E0A234E504B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{034F9C53-BA90-46FC-BE9A-9FB86CD2A37A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{036E398E-1836-43C6-B075-400EB6982730}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{04558663-13BD-49E8-9870-7E667D21E63E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{045FACA2-5EB7-466C-92CE-9395BA8C3D7E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0467ABC7-75DE-46D0-844E-FDC8DE9A88BC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{04A56839-6B17-4123-AF21-BEDF580FE173}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{05075AF1-E237-48FD-B026-6132CAA16AE1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{052856B8-B87F-4F37-BA1A-F68F8527AE51}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{05773005-0E26-46CE-9412-CBFBAAFEB30E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{06116EF7-A547-4363-B903-65A41A35D1E1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{06CC1607-C990-4D20-BB0C-29156F45B4EE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{070B75DA-62E6-478C-975B-F2DCD70C2AB1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0794CCE8-0539-46FC-9512-CC4D06A4DCED}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{07CF29D3-9DC2-4948-A507-E8E0CCAEB0D0}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{07FC106B-998F-4B4B-8BA0-E91ACE28AEC7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{08073112-2F94-4D5A-8AB8-8D0190632F03}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{08B26D9C-9B25-4444-B303-A9438FA36C54}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{091DCF95-A41D-41E4-8D28-F6850790EAA1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0A97F898-94D4-4545-8A9C-20B3D40CA4B8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0B188194-4A6A-4F66-812D-97448484836B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0B9AB694-9EE6-45BB-AEA0-1CFB434A91FA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0D539074-FDCB-4FFB-8741-33B856DE4073}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0DA2F0B8-FA31-4B4A-B6A5-C7510D88C7A5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0DD78B1F-DC9E-44E0-B3F4-AE29A07D2839}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0EB54405-D995-40FC-A21C-C71C61FD7101}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{0F0F8756-938A-409E-8595-6EF334A341D5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1069DA9B-DA06-4DA0-8EE9-E40EA86401DE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1136C80E-11EB-4B8B-8899-65524B2F4085}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{11B7077A-9DAA-46B5-A615-59AD5A194B74}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{11D66729-3AC1-47EA-8DC6-F630B7FEF33B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{11E8C381-3525-40CF-8385-F427A2E3EFE7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{12250EC6-729B-451E-A770-921AC992F5C1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{123A18D1-81D3-4D45-8950-1425642CDBEC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1289DF11-6744-46FD-8F14-2B859C5CC1DA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{135FDBC4-2389-4DDC-867B-5DA3377C8B94}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{143FD7D0-A518-4CBC-91EB-BF5A69CEE5C5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{15105D27-80A9-4972-A317-BDBD596E20AB}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{15BC902D-CD8B-4191-BE5F-EE9C8048AAC3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{16154953-8657-4CF7-8F17-FEA4B186CC67}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{166A05E1-80C9-4B50-84F2-B18573E56A44}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1687DAF9-BCB8-4236-9C33-394339302992}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{16AA756F-B07B-4B8A-A408-50E84F2AB7B2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{170704A0-040D-478E-B0F1-11F5962609CE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{17BEAE8F-8336-4464-9195-013D262651F1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1838BA0E-0C34-4016-B403-EB5C40677827}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{190A4D5D-CE97-4601-985C-9CA2EF512B1A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{19445B32-C064-4E1D-93FE-B92B7018A7DA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{19F70208-0CF1-4468-B403-D60FAFA3E000}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1A08DACD-14C4-47A9-9350-05C754428710}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1A565170-7B71-4396-93B4-807DEEC8EA5E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1A6DED66-47EA-4CAA-8988-42D66B0072FC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1A926A02-D364-4E12-9164-4B0D1231A819}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1AC1032F-9CF7-43D8-BA25-75B21B0B1190}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1B528BEB-550C-402E-8314-94C5693D6E62}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1B892925-B4ED-45AF-B56F-E09A6DE62AB1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1C5FD571-C91D-4CDE-8E60-3EADBF70C1D5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1C69F2E5-06DD-4716-95E1-DE9BB71B24D4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1D0BB69A-ED7B-4668-9BB8-157D0AC112A1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1D23495E-746C-46EA-B5B7-ADA1C6417BE1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1DAC144E-2814-47F4-B1AD-93790BAB83D1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1EBDD186-158C-4524-9439-B74653A2B6C9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1ED27493-4412-4547-AA98-9F6D8E38F761}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1EF569ED-3BEB-415E-B127-C311971631F3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1F6DFC8D-CC8E-44FD-9712-46202D3E3BD2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{1F7B559E-91DE-4C9C-9B77-22D9E1FD2083}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{204F2AD9-829F-4852-8EC1-C94D1A086B2F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{207304AE-C97B-4CF0-BB79-C1ED2C8F958B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{20A215B1-2A7E-4993-A20E-935EDDB216D4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{20FF92B8-59D0-49C5-B3C6-67578BA7299B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2242DEF8-8AED-4593-A2D3-21F0E58FEA8F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{226CFEE8-821C-4E01-BB54-A10A8D277C81}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2308AD8A-CD98-4DF2-BF13-8C25A97B3642}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2312FFA4-DF7A-4449-8DF7-C2A1153E381E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{24040F0C-AE5A-4F7F-9FB8-02A60CA5B8A4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{24807665-59B7-4D4D-86CE-17D6F1CC65CF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{24BB34E0-9E0F-40FE-9B0C-27AE33F1CCB1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{25DD6174-97AC-4046-8DE8-26025F010151}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{262DCD68-67AB-4FBE-A0D0-DE83E7EAF74E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{26E80923-63E1-4B88-BD8C-AF7E290478EA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{27CC90D9-1B32-42A5-BBDF-BCB4A24D52A5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2861A4DA-7D4B-41A5-A825-6AAA52A511AA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{286B86FF-69E3-42DA-8925-9C6AFA3DD9DC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2891CD6A-5C80-43E2-B17A-6706DC5FC43E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{291E78BD-6E13-45A7-BFB1-E0E56345A3D1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2A2D2CD8-6911-4687-860A-26B69DB22BEC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2A9361E3-3F4C-42E9-BB72-AB67C0B03DFE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2ABFB3A1-6ED1-45B2-A8FA-222543BDC4BF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2B092C2A-DE52-4AA7-8153-9392F559FBBB}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2BCB8702-8200-453C-8106-180737833E30}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2C2E61A0-4D52-409D-B4D2-2DBEDD3EAE59}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2D146820-FA09-4D38-A198-852AEEEB22ED}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2D19C48D-0F60-4931-B8B5-1AE0EC7ECFA4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2D29641E-FA33-4097-A162-F151756A8F16}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2D6B097E-8E3E-41BF-80E2-E7BE4727FB5C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2E2B2076-AF63-4892-8AD9-120C4E474752}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2E84F8C2-BBFD-4035-B7EF-4AA85DB3697E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2F874BEC-1D4C-40BB-B5A0-8565019F0D7B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{2FD61910-78EE-4D41-9B68-718904DC72DA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{30EFFC50-AA09-4DD6-A524-BE3ED299E90B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{311D7C1C-A972-40D5-BFEC-D5D7CEAE3DFC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{32191D57-8A68-4943-9EDD-ACD5B2BD07F7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{328E8979-69D0-4C44-AEE3-DF6B0E21D44A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{329EB1FA-7823-4718-BDB3-35332E3D5AA7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{32A68220-4F94-447E-924D-876A447A9834}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3447CD8B-368D-42C8-9746-2CDCFB1E0B93}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{35135B3E-BEE2-4503-9A78-6F74FD65CB20}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3548F6F4-461C-4FDE-96B7-0643E0857AF3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{35D63C96-EE86-4B51-A442-5DE25D84F62D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{36326632-2198-4DC5-BF0A-E1E24FA4B87E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3879715E-E4F5-43A0-894A-54B364AC3E35}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{390E7C65-B473-49D2-8840-DE54BA240ABC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{392F5AC1-B36E-4BB3-96E1-D2CDEC789C4D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3932DC26-5E9D-4908-8A43-7A65499984DB}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{394505BF-6C2B-4DAE-A985-E2A26DD23981}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{39B4738F-EC3F-42C7-9016-6C977F91B9C9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3AAF8693-ACA5-4AED-87BD-9F76F11B7F2D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3B192D36-7BE9-4A96-9DB5-D3414C44728D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3B85FD4E-07FF-423A-B1A7-1727E4066C64}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3B92F7BD-D69A-41A8-A988-3C8CE3878B4A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3B955F92-0653-4C68-A045-CF647D0DC8EF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3D076B3C-5AAE-4992-B00B-91AA9A6184A8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3D0899AF-618C-4181-A912-772C228E80DD}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3D686FFC-4079-41B6-B68E-523B7D4DCC7B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3DBA192A-7A4D-4AE3-B816-DA5D95787BA7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3E56836B-856F-4A3C-8E49-66594C4854D0}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3E8F26D1-F4C9-4C44-9C3D-248983A845B1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3E8F3572-06C3-446B-91C6-FE783D99F276}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3EFE5405-8048-41DB-AAEB-6918A79EBDB8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3F4DB86C-0D62-4F69-BBAA-CB83592307F3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{3F6BC5A3-2D7D-4269-A46B-43129BBC2BBF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4072AED1-273E-4FCD-A364-D936BDF54E32}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4075529D-67DF-4003-89D8-98E08926219C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{40A6290A-4B2A-42FE-A144-089BB620324C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{416AE915-EFBE-42F1-A1E5-A173751B6A21}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{41E4F178-9473-4AD1-B26A-7AA8A4F40E99}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4269A4F7-4D89-4BA3-9D71-927AAA6C5A0D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4297EFDD-276B-47BD-ACA5-737501633260}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4312440C-E476-432D-8165-AAC391070F01}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{43408E8C-2543-4AFB-9EDA-2652A065B849}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{43528C38-7304-4D12-BC68-4A21D3F107EA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{439D50D7-96ED-4A2D-B50B-1E57F20795F0}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{44350D98-3BAF-42BC-BD1A-CD437B602B16}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{44ED0BF3-20BC-4854-A0CF-775AA92C5EBE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{45825934-B1A0-4934-944C-1E63A3C15908}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{45FD6650-0B59-45DB-8585-037534759AA2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{473186D5-5BBD-4EBA-AE5A-95D8A1931FEC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{473188FC-64F5-4945-A46E-BECC92BCA830}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4767BD98-5A3C-4797-9FE9-8DC710D4523E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{47C6E8B3-2491-4C71-8631-389EC8BA9D91}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{48097D25-A8CE-4A53-9739-2613AD9A1071}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{48D5DB65-F0CE-409E-A8B7-99C9497C904D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{490AA95F-06F6-4E57-9161-95737A4CD053}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4A18E9C1-08A5-4986-9F88-0E4CDDCE8968}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4A18FA09-7BFE-4B61-A6D7-F1EC7EE107CA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4BB855FB-C839-4A5F-998D-FBBADA2561F7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4BECD881-10B6-452A-97FF-71C5407148AD}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4C95D157-2E6A-4EEF-ACAE-C369553BF592}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4CAE4CBB-C097-4216-8F0A-A6D568B6A444}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4CDCFC45-CC37-4091-805B-754FC7A8FDEE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4CEB682D-A581-45E6-86B5-DFF80B75A7AD}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4DF66E14-D4AD-4689-936B-C55127A18718}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4E138510-502C-4C34-B6F9-0189B7A87233}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4EDC235C-32DC-41FE-A188-65C2A2A780F2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4F215C3E-0779-4B65-93A3-540737FF0239}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4F65756A-B084-4D52-B7B0-0D9B53073B41}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4F7A13C2-C7D7-4942-8582-D46DFDDB8AC3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{4FC5B25D-C728-4F32-A76C-76883EA15464}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{50135C2F-7EAD-44A9-AB78-6455803B9E20}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5102BA90-CAB6-4B5C-8AA5-507C50880690}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{51FD153F-2573-469D-BEB6-C1225465C389}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{524BD4B7-E92D-49C5-9335-562FEACC0D28}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{527967DA-7B57-4688-B6CE-00C63D2C5E07}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{527AD47C-9B98-48BF-92D1-E513A78DD192}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{52E0584A-ECA0-4F70-9F89-6A516EFA9D2A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{53465CB2-7530-44B4-9912-7A9F4CD78F6A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{538A3EBA-2817-427D-A558-E04E537F4C67}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{53EF4DE6-D034-4F31-9326-97784F0DDB64}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{54028028-6D6C-4E0F-B7E1-9F548CF95BBB}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{542B800E-9D8E-4C90-83E3-C7E18D864E1B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5480DCB7-DB8A-4A77-928E-923501CC90FA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{54A67039-FBCC-4809-839A-5BD8D3F18FC9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{54B7896C-52C5-44EB-8DD5-B57DA1CE7AE3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{552EB689-E879-41EF-B311-CABC53E062EF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{554E2DDC-C2EF-49A2-88B6-17583738CF6B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{55CD26CA-0233-4B34-BF22-6A48A77C1859}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{56155801-74EC-4537-B636-BADB93B95289}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{564F5865-EC98-416D-8B32-4B4FE7A39E31}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{56ADB0F6-11B7-4E5E-8D4E-C485FA11E3DD}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{56B81E55-FCA1-441A-8C1F-2716B133A0B7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5793224A-A096-4041-B670-9C634399BAEC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{57DFE24B-D16A-4C4F-AD89-884D0C0D226F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{59162928-982C-4331-9DAA-0076AA3D953E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5A5E834F-7374-4091-87B0-F7E1D8BDCCE5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5B16928D-9CE2-4527-86A1-6B0993C3FFC6}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5B512C4A-5840-4353-9455-510A0600C3EC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5BA5B26B-0834-40A8-BEE4-293A71FC7520}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5BD7E1E6-F4D8-4081-A9FA-D6B3D6207D87}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5C25AC3B-3776-4D3F-834B-B8E221E52439}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5C64C54F-11DC-4317-A232-6A4373616443}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5D739C3F-D3DD-4E88-B11C-0A4FDA709BD0}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5E01A22F-4650-4737-A679-1019C546381E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5E455F29-D296-4971-80C9-03835F5A3AAA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5F373B06-4EA2-4467-BA27-21565A90CBF2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5F601E33-CD11-4AB9-9F5D-B12DB8484D08}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5FBA23E3-0222-45A4-A078-119914705A9F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{5FEE52C5-3D68-4616-9556-D2507BF493A1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6002B7AE-9B43-4F32-8406-2468B8EBB64B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6051FAB1-B58D-4924-8791-253DFA9B5102}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{612801CB-7055-452C-B439-8BFFEF410938}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{61D59318-1230-4494-BE9D-34F44A4A8A6C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{620D5614-27AC-489B-92E6-934ED6CDAF51}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6345A201-7A19-4771-B45C-CBCC448937A9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6369D100-2600-4D89-9CA3-65E59552FB6D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{653AA858-D2C4-46AB-B5F4-A42F3AA6B168}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{65520744-4749-4135-BA78-206CD2FE0270}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{65C27005-AD84-4EC5-A594-A5E7C056277A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{66DC7654-786F-4F05-8164-AEBC02A0943C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{68192D1D-26A5-4EA2-8933-DDD345CAC201}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{68C75517-3E74-4484-AFA0-1ED1BB5181AF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{69E2ACC7-652C-4310-8ADC-123D72224C31}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6A3D627D-18FB-4201-9BA8-7E1A9B3BF558}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6AC231A1-6262-42FD-98FC-8ECEA1AF3FD7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6AC45B09-F831-4DCE-88E2-4ED9CE90EBA9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6ADF493A-E8B5-4007-90DE-8EB8E463548F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6B55A484-DABB-411D-B947-978EE1415A91}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6B97FDF3-7F4F-4461-9F0B-6CDF98CD7F54}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6BB696F2-9D83-42CF-BCD4-CF0761B33E8C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6CE09FC8-BCE4-485D-BB5E-8C56F38671F8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6D488A6D-B221-4275-97E6-B8F1CDE51F49}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6D885E00-D564-4431-BEF2-EBDE6786CD94}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6E3B822C-3712-4678-B08A-D79BB647AABA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6EA4A559-63D7-4B6E-B7DB-496EE87D1F93}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{6EBEC7BB-46C2-454A-9A26-CACA569A89C6}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{703A5989-194B-4DFD-9205-82559AEA01B9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{71C94892-A05C-4370-A73B-15768DE1E1FF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{72474F2A-4071-4384-812A-3D385C0494FA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7307DB89-30A4-4275-AD7D-36760EAA3A3D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{739301C8-8754-40C0-AB27-05608CCADA16}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{740804C9-9129-43C4-B66B-6B5148E54919}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{74301211-4D3D-4AD2-83CE-900DAAD67EE2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{761EE25B-AB57-4610-85A6-063A11A0E274}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{770DDBE2-7B48-4ECA-A945-6DE9EBC99711}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7713FFF3-D181-4F73-A7C1-38E763246E8E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7714A526-D623-4E07-B95C-FCA8D2719E58}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{779DF3D5-BF37-438D-A0DC-F58639BB9437}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{77C1A246-65EB-45F2-9535-D59F9FD30B64}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{77EEFC7F-FC5C-4C14-9A9B-DBF3F7A1C624}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{78026E31-29DD-4857-A3FB-DE49C41FBA7D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{781E6FD7-B0F8-4976-A9B5-8414D9354A28}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7866CC77-4CC2-4E49-A915-0181EFBFC3D9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7946C78C-9074-48EE-A456-34978179A8B9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{79EED0A2-2E81-4459-88D7-D65803FFA62F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7A0936F3-AB4A-4330-B750-11ECAF1DDDD7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7AD0197A-C740-4849-AF6D-8703AC6F81C0}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7B200219-D690-4F6F-B1E7-A995F255AF8C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7B2DA997-02B0-43A5-8D93-CA7921F4B597}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7B98E59E-6B64-4F8A-9FC4-3D6E7261555C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7CE12689-E1EB-4D74-ADAF-D324F31CD21D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7D86012D-B865-48B3-8361-C76BA9DB8C79}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7DEA93E6-2510-43FC-8DD5-7E5AB1559301}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7DF6443D-CC16-4F74-86B0-A9769CD752D5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7E92221F-70FB-44DC-B45D-3588C72797EE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7EA38C4F-B132-41B3-9D7C-C27B90952B28}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7EC5CF29-B9FB-40C0-B869-CBB5B985E1C8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7ECB9EEF-0393-4118-BD9F-B81549D74156}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{7F941768-63D6-49E1-9908-DB3C29DF4714}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8034906B-576E-4BF5-AE23-B28F6FE89741}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{82873D5F-E36A-4A4E-9DE9-04EFAC590147}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{82F0FA9D-7CA0-4BAB-A873-A6721B6EC907}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{830CCE1E-C1D4-47B8-8C08-866E040F9C69}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{843AAB89-009F-49D5-9FBE-0883B58D0009}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{84C304AE-34B5-4A96-A16A-98D0AB2EB9CC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8531BA0C-5A93-4291-A32B-A293FFD0C575}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8560C3DF-5429-4133-87D5-D4A12E69264D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{85BF0E41-8D67-413A-9979-447FBEBFA331}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8743854F-E3E9-4A13-9A95-0ECA3EC85A38}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{879FB09C-F886-41BA-B6AF-7853856D29F3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8875CE8E-84A1-4AB2-B2A3-55E48C4960EA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{88BD16E4-AD15-4724-959F-957A029EDF9F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8977A760-772A-411E-A326-AECAFD93FDC8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{89C61E82-4928-40BE-A02B-7645769AC58C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8AD323F1-3C30-45DB-BE2A-963D0793DDC6}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8B0EFAD7-9166-4941-A37D-F6A78B1B9C98}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8B12D448-6B1D-45C8-AA11-268EE92F673A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8B8871E0-62D2-41BA-B2D2-210297A61CC2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8BDB8714-B292-440F-A131-A7ED276CEC4B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8BE6DBE9-831E-4703-9B7A-88E05705A502}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8BE959C9-FF67-4254-9240-4BA7A9522F38}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8C77CF64-594D-4290-B35C-1D21D3C06AFC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8CDE3616-B357-40A7-80C8-7449C2A34A7E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8D1FE586-A879-4734-A941-A453A01D5CC2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8D30D6CC-4227-4B42-B057-2A0674129A1A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8D678CD4-74AD-44E7-B1C4-69EC05AF5C7F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8DBE1A41-8BD4-45EA-AC67-A03F380CAFC7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8DF627E7-D1DC-4426-87A6-7ED747225A80}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8F26F2F8-DFBD-4847-AF96-3AB8BC901C22}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8F87E6B5-DE13-4282-BE58-05DED4D56191}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8FA8F8F8-18AC-4940-8CD9-CB7AAC1DF1A5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{8FAE22C0-0DAF-4E66-B14E-5A3BE8DF3774}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{90163EDA-BCDF-407D-B11E-197B6452EA77}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9069E3E7-39AC-426D-AE3F-E573856A8963}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{910DD5AB-D0DA-4883-877E-0C0FD559319B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{911C09D5-4800-4D96-82FE-F143E1D44820}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{91682C19-9A43-4CE5-80B8-692DA58B89FD}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9187FD61-2BFA-4890-9374-558771197304}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{91A7EEAD-4226-461D-A3FF-E3B3770C45E1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{91FB6627-66D7-477D-8971-287249ADF53D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{92039DA5-BDB4-46BA-B199-43C44E0289D6}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{921C6885-861A-490B-976A-6108119D5BD6}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{92735383-7EED-45EA-BF69-9315776C127F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{930BB488-62AF-48EA-9849-468B8CD1BCB2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{949790D3-A094-4052-917F-71CB6D534D24}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{94F0BC94-E066-426C-8E5E-28C09F4CF5E0}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{950EB431-D8B6-4126-866C-7C6F216DBAD3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{95865239-79C4-4492-A606-F0EA610948B3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{95CA761C-F79C-4A8E-8349-8561A9BC2F01}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{969578C3-5849-4599-AD07-49B5FEAEF475}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{97BF9758-57F4-43B7-88D9-5AE01A681476}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{97EA380F-A4BF-4D3F-990F-D92917F2C400}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{97F42517-5C08-46EA-88D8-DAFC89BA0175}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{986F8BB5-F20A-4429-ACA3-14A340CA14DC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{98F14A90-DEA4-46DC-B1D1-FDD59E5EFF32}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{992172D3-D04B-4869-A69B-097035942CA2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9998356D-CF82-4D27-ACD3-3FAA5096E14D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9AAA81E7-04E9-42B3-B51A-EBD207803765}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9B11DB65-27E5-4B02-A3D8-10676302E872}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9B7A099B-B9B0-4B1D-8942-F9F5BA655155}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9B9AA963-A290-4D9B-A651-CB2BB5D0DDC7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9C41DA73-723D-46E2-8AAF-E57B292BCB2E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9C68F973-C78D-490C-9903-01E8161260FB}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9C6F90BE-4CB2-43E9-BE72-5DEDB141D2F1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9CC8676A-A05E-45A5-A3F0-A69CB00FF5BA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9D1DC43B-7D4F-4FCC-9B5E-3FBCF2401F4A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9DCD1BB6-4535-49B2-9B02-332F96426C60}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9EA991D5-0945-4F46-B70B-1EC24283708C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9EBB5F5B-84E1-4335-86D8-4965A81E9CA4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9F01BE6A-77F8-42C3-B4DF-1457A6E01046}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9F3885C6-BD41-439F-997C-32A4116A543F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{9FFDAAB2-4E2C-40F6-BC51-43ACB1DB267D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A098F4C7-1BBF-4D0C-8E5E-CFD1AC63CE84}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A0CA651F-EF09-4348-9532-3F5B1AD61606}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A1B89C0C-FB59-4222-A2D8-80FA50F55799}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A20DB787-938E-459E-AC23-E04BA95E0325}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A304BBEC-71BE-4856-971F-D1758347AF83}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A39A6D0D-715E-4219-B2A3-B4C910017A5A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A447536F-A7BC-4FB9-8BB1-38FCCBB5E8F5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A44B6CB8-ADD3-4488-BBEB-BF113717F186}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A48B1218-6FCB-41A8-B9CA-C4687D04CCEB}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A50BF7F2-06BD-4E4B-80E5-800BA75C8F85}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A577FEBA-4B9A-4A96-B83A-76D6D190DB7A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A5C553B3-947B-4C03-B769-913083C672FF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A6292075-FFD6-4726-9FC1-4270D70D757D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A687CAB2-7508-44FA-BB8A-58FC7DBF3FB4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A73D058A-5684-435E-AE7B-05FE07C37A35}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A7552C1B-A285-4278-ACFC-19B0DDEC0D68}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A90C877D-7907-4767-B801-1EC3B919D280}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A9203122-615D-4B8C-AA8B-5A02E606CE00}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A928CF80-8207-432D-B686-2BCAB80AF830}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A976E9A4-4CF8-491B-9225-675A1529188F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{A9B49AEB-734A-492D-9A62-D05063828F0D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AA0856E4-3EA9-4738-BC01-6022489FB2BE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AAA0D4B1-5893-4D82-A933-6D13B0BA388C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AB6B7898-A799-4B41-8ADD-77276DEFCA6E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AC06AA7C-D5D9-4260-97DB-45BEE5E42DE0}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AC170AA3-3B35-4134-B784-65D2F4F30A7F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AD548E3B-5344-452C-AC9C-C5BAD6C394B4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AF3497A6-F395-4259-B35B-F84623F677E9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{AFA96AEE-1832-47D7-A8ED-9E770043331B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B05147A6-FD81-4F06-8771-EBDCC0C1419E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B0722AB1-F0AA-4F31-AB65-30A9F235A6CE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B0E83D63-DEB1-4BF6-A3EF-B899715DD39F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B20A1F26-98D1-4A2A-81F7-3E7B1BAE6EF5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B2EDE650-8BF1-4F37-92E6-54F78C074078}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B3069C63-B92B-42C5-9F7A-1E96365E774C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B332B9BD-9869-4424-A71C-2AC48FB8E675}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B3383EA8-95DF-4B9B-8E81-0FCCBCFD9D28}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B3EBAE89-7516-460B-847A-ED31C7F3FDBF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B4640688-E050-4BCA-90C9-C5748CEAB49C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B688A1DA-82F2-4D40-95E1-3BCC689CA4F4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B72A43BB-6CC5-4DC6-8471-661FB420C588}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B7D8037F-BE29-456A-B76F-488D749A7C09}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B898A6AD-107B-4A83-B8C7-8D3BE6B2DCA6}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B8DB0D34-E8CC-44BC-89C0-B60EE06A5B2C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B8E9BB7B-C267-41B1-BFA6-02EA2586177E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B8F4F83E-0FB0-4859-AC0B-32CC9B60570B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B970C087-2E96-4C7C-AA76-735867E5D72D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B9812C8F-7E07-4917-AEDE-91F9B39AEB80}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{B98D700E-EAF9-45E3-873A-1D56713B40E4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BA8A8F1E-3A94-4BCD-B20A-A54DA8D8C32C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BAA1EC56-FBED-4378-A435-393B4BC129ED}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BAF14959-8267-4D01-9CDB-702EEC3B7D95}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BB4E706B-48A3-450B-B08C-2260981F24EF}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BB6E90A5-6BB3-4F7A-B91F-13624DF58A89}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BC7FBF97-8A2C-4363-8D31-D263E4079028}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BCD3964E-7C2D-4DFC-8679-FE49AFE1CCEE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BD347381-4093-4074-8810-1897D0D4E391}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BDD59FBB-B132-4E2B-94F2-B8DE4FB08A5E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BDE9FF7C-20F9-45E9-9E68-5B480996DF65}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BE36BA7A-F317-4AC0-8701-7D5DD9C03FCE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BE40BE89-3ACF-466E-B3DC-6C43A545BF58}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{BFBBD177-09A1-4F94-BB78-9FFB8C366844}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C03C7430-8F24-4A6F-A519-26EF0E2E7315}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C078397E-DA04-41B9-957C-1FC196AAFA99}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C0C34590-EAE0-4A7B-A663-D514F90F1A36}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C1367DC9-4A91-45F0-A2A7-9CC93D115EF8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C1EE5942-F6D4-40E5-B7C6-CD03301E2E56}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C2E7EB83-E49A-400A-B396-00AD7D54F8E8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C33C93C7-6DD8-41D1-A589-5C08C8581CCB}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C345F1A6-A609-43B6-AB7C-7321BB838A79}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C3E4A3D2-DC52-4D94-AB6E-D668905F50AE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C3F22787-86B6-4327-A808-6708B387D252}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C6991EC9-A6EF-4D85-92C9-9A6D69680581}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C6D97226-9BD1-4F4A-91AB-37A3F1B7B4AE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C7328D94-3A6C-4B24-AFAC-F35EE265CB1C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C7B9B3E8-027E-4AF6-9CC8-6ED37BE5A588}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{C9E65FBB-3153-4750-8B43-54DA4020FF42}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CA316D46-7D62-4CE5-821B-52B6BA16956B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CAB1104C-4BE6-4848-BD8E-3E21EA90351F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CB25CBE6-7F0A-47F7-AA45-FAC53E443985}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CC065D0C-F9D1-468B-8FB4-BA1E405BA441}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD131D27-E19C-4B8B-ADC6-25C8C88B4331}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD2AC21C-1213-4B5B-9001-19C762C7A68B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD7FE58E-270A-4216-AC74-44AAF1963CF4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD85447C-0BDE-4142-958A-30494EE82AE7}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CD9B9FF4-95D4-4FE7-95B4-A41C21A9E12C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CDB95A1B-1204-4CED-8FB8-8E142CAFCEC4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CDC594FA-3CEA-4818-88D4-BE9ADC0FDA63}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CE1478F5-655E-4D02-835D-9CFB850B30EB}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CED3ACC0-F8DA-4985-B7F1-AB1DB0C72393}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{CFBEF9F6-89B5-4D5F-A13A-A800025E7708}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D02E78E7-14FC-4E40-A4E8-FD1B4C9B2A25}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D0B40775-54EF-41CF-BEF5-41C186488940}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D124F0A2-4B24-4355-973A-A8E3E33C4D11}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D1D21AB0-5E3B-4F47-A49F-4AAE8599CD7B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D25EB5D0-71F4-4A2E-9B1B-D3BD83871D10}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D342A0EE-9A3F-4ABA-8303-DB370F1CD810}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D3694F2C-6569-4CD9-BA48-7A358B778E47}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D3F9BA9C-5117-4312-B29F-BFD7B69D6A40}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D4E0EE9F-33D1-44EF-9ACE-E76563FC8D42}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D54DB7CB-D58D-4A77-8CB6-0F575B6CD6C9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D725D0F8-9799-429A-A95D-31F55166008E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D79C9D67-99D5-4322-904C-A3BEA0D87C00}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D7A50D72-06B8-454D-8950-61DAE476B909}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D82ED5FF-3DAF-4765-8407-72D7D2EE5AF6}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D898C6A4-E369-4335-BA85-89153413DC3E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D8B94AC8-3153-489E-BEF3-B9CCECE77738}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D8BD08BD-C031-4D38-8A21-F0108A14AB7B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D8DA999B-32E6-438B-AFCD-E113E69D00FE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D947082F-DE1A-444D-9A40-E2EAD6EE2540}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D9CE18D0-32AE-4B7F-A16D-604B24CB322D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{D9FD5A58-C8A4-41F5-9984-16B608335D7C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DA7004A3-1D74-44D3-A3F3-FB783307F24D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DACC3741-41D5-4763-8ABA-6581ACDC9D51}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DB2F908B-46D4-49F7-930E-33E9595FF207}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DB49F776-F693-46BF-929E-7354F74FA31F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DC1F5901-06B3-4E45-AAB5-7DE1771CEA1C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DC700E90-B590-4954-8F12-12402947C054}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DD83FE26-B302-43EB-8035-5816B690A124}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DE0AC8C7-6C06-463F-8C39-98D40CF1B396}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DE1B9976-8F49-46EF-A379-461057AAEE1E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DE7BCA9A-8D33-4B3B-91D0-D52E29D71C83}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DEEE484A-EB1C-42C0-B3C3-53B175904959}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DF4B3278-429A-4967-BD44-7398AAD0B46C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{DFCA92DA-2045-40DA-9537-EA6B0CE2B2E3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E047AA4D-B2B7-465B-9835-506E5416FB3E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E05FBEC8-ADB9-4E19-8353-F5CEB9CBBA6B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E1C7BB67-C032-4C18-9F83-F5FC4D26BA73}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E1E864FB-CA64-4CA6-AEFD-5268A9C983D5}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E2C50300-FDF8-49D8-BB6B-3C2DD224E8AC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E2C9BC9E-080A-4B62-B903-B5C8BDC53BDD}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E3B10F95-F14F-4A4E-A971-D5BF94160858}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E4AC9FB1-03E4-4080-8237-E6BFA5B14108}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E53785EC-A0B2-4883-BEE4-3DB9E3024C8A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E5DF1547-FDE6-4AEF-B98B-F82C0B4599AA}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E5F4F1F4-1EAE-420A-A776-961D0E0AC361}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E63A21F9-D4C5-4160-B03E-BA0B9C8D3027}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E6E29A02-0882-4C17-9C80-C626360EF7E1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E70B3ABE-1095-4F0A-96DB-8B7A56E9D09A}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E7EAC968-6305-48B5-BC84-1D9C48FFCC8C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E9513B62-E05E-49BF-8CF5-AF72616944D8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{E9E0E24A-FF63-4107-905F-E1D2EC169B19}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EA24649F-1732-43D2-80F9-0D56D7546E55}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EAC3D56B-3D69-44E7-9A75-7D09FBFA0533}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EADB937F-41A1-4949-B99E-39E1D9BE65DE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EBB8E34F-2A8C-4B61-9682-FB347B94B628}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EC125208-7CFD-45E4-A6BE-FBD8D4BEC0C4}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EC421507-65C4-4630-8F6F-A095589132CC}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EC795197-BAC0-4E52-8D7C-427484B60C0B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EC800DFF-98BF-4A65-BBC6-C63C13E5F77F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{ECA66F0D-BB96-43B7-A546-63513E1F3E04}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{ED0A7D88-69AF-47DD-9435-7B636FA6AA50}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EDAC6342-DE19-43CD-B4DF-D34A188E653C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EDDD71B5-E7B8-4AC6-B0A6-FD450544E52F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EE688769-250F-4CF0-BA4A-77CBA252925C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{EF3363CE-3004-441B-B6F0-DAAF3C27C865}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F08757EE-A75D-43C4-9CA4-63373845A26B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F0E1CFCF-4AE7-456D-A814-962CC8EE4D12}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F15E40EF-8018-42DE-A25B-DE35A91F5D2D}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F1F28115-C36B-46AD-9451-8609644011F1}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F20042EA-4E18-4265-A4F5-30505D0A3389}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F21C2E42-2476-4127-A9D8-2F40EB587C46}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F226B393-42CE-403C-A667-2BC94017DB66}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F2462A78-2E36-4579-B2A6-E7DE164FB408}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F2E4D13D-EF1B-499E-B3BB-FD317DDDA248}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F330FB94-F46D-49B3-90AA-FDCD258868B9}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F4089A19-C0C7-49E0-AD79-1C6A285CA26E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F424E5C9-1163-410B-9E57-772B04CA3A6C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F44FC50C-C3E1-4755-9015-367A5B88D18C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F4BCF8F4-C716-440C-A665-2F709FBD1CA2}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F53E54D3-8E50-47E8-94D5-A5FD9485A103}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F5487ACC-D793-4D7F-A57F-192CD503A52F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F5BA9CDA-0B31-4C1F-A7AE-E0FBCE2C1B09}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F65A9F2D-43B8-4FF0-B09D-F63896A37B05}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F7061CB1-8317-457C-994A-8BD9349507F3}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F90593E5-9202-4F3F-8FCF-7BEDE3A13C1E}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{F94FE30A-33FE-4E14-B97B-D684F258EF6F}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FAA9F674-27E0-4F39-97F6-3CC22219DB1C}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FAEE9E07-9042-4451-90EA-75F446F435AE}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FB86DB0E-77D7-4A68-B8F0-9884697AEE17}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FCA331F4-8A47-45DC-A9DD-647B485DC461}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FDED7982-4D27-438C-9CB3-7531A443178B}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FE4FCA6D-CCE9-4933-9D8D-D5B4EBC8F0A8}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FF4A14EF-DD7C-463A-B2C8-04A279C87240}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FF814CE3-51FC-497F-8D8A-4E3CE9AC8669}Successfully deleted: [Empty Folder] C:\Users\marco\appdata\local\{FF97FB3A-F79A-4863-84CE-DDD7AA2A4D13} ~~~ FireFox Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"Successfully deleted the following from C:\Users\marco\AppData\Roaming\mozilla\firefox\profiles\vawqgg9s.default\prefs.js user_pref("extensions.51d02be4b00c9.scode", "(function(){try{if('aol.com,mail.google.com,premiumreports.info,search.babylon.com,search.gboxapp.com'.indexOf(window.self.locatioEmptied folder: C:\Users\marco\AppData\Roaming\mozilla\firefox\profiles\vawqgg9s.default\minidumps [2 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on vr 14-02-2014 at 9:09:14,45End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Adwcleaner File: # AdwCleaner v3.018 - Report created 14/02/2014 at 09:12:07# Updated 28/01/2014 by Xplode# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : marco - MARCO-HP# Running from : C:\Users\marco\Downloads\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\saafe saveaFile Deleted : C:\Windows\System32\roboot64.exeFile Deleted : C:\Users\marco\AppData\Local\Temp\Uninstall.exeFile Deleted : C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\searchplugins\avg-secure-search.xmlFile Deleted : C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\searchplugins\holasearch.xmlFile Deleted : C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journalFile Deleted : C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekfKey Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16518 -\\ Mozilla Firefox v19.0 (nl) [ File : C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ] [ File : C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\marco\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [2827 octets] - [14/02/2014 09:11:42]AdwCleaner[s0].txt - [2760 octets] - [14/02/2014 09:12:07] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2820 octets] ########## Malware Bytes log: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Databaseversie: v2014.02.14.03 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16518marco :: MARCO-HP [administrator] 14-2-2014 9:16:17mbam-log-2014-02-14 (09-16-17).txt Scan type: Snelle scanIngeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUMUitgeschakelde scan opties: P2PObjecten gescand: 378232Verstreken tijd: 15 minuut/minuten, 49 seconde(n) Geheugenprocessen gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0(Geen kwaadaardige objecten gedetecteerd) (einde)
  19. Hey, here are the two files as instructed. ________________________________ .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 18-5-2012 16:57:10System Uptime: 13-2-2014 23:15:56 (0 hours ago).Motherboard: Foxconn | | 2ABFProcessor: Intel® Core i7-2600 CPU @ 3.40GHz | CPU 1 | 3401/100mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 453 GiB total, 165,423 GiB free.D: is FIXED (NTFS) - 13 GiB total, 1,587 GiB free.E: is CDROM ()F: is Removable.==== Disabled Device Manager Items =============.Class GUID: Description: LinksysbyCisco Internet Gateway DeviceDevice ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446Manufacturer: Name: LinksysbyCisco Internet Gateway DevicePNP Device ID: UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446\UMB\3&22208DD1&0&UUID:EBF5A0A0-1DD1-11B2-A90F-C8D7199F1446Service: .==== System Restore Points ===================.RP226: 13-2-2014 9:43:15 - Gepland controlepunt.==== Installed Programs ======================..sol Editor 1.1.0.17-Zip 9.22beta802.11n Wireless LAN CardAdobe Flash Player 12 ActiveXAdobe Flash Player 12 PluginAgatha Christie - Peril at End HouseAuthenTec TrueAPIAVG 2013AVG Security ToolbarBatman: Arkham Asylum GOTY EditionBattle.netBejeweled 3Blackhawk Striker 2Blasterball 3Bounce SymphonyCake ManiaCCleanerChronicles of AlbianChuzzle DeluxeCisco Network MagicCounter-Strike: Global OffensiveCradle of Rome 2Curse ClientD3DX10Diablo IIIDota 2DropboxF.E.A.R. 3f.luxFarm FrenzyFATEFinal Drive: NitroGeForce Experience NvStream Client ComponentsGoogle ChromeGovernor of Poker 2 Premium EditionHearthstoneHewlett-Packard ACLM.NET v1.2.2.3Hi-Rez Studios Authenticate and Update ServiceHP AutoHP Client ServicesHP Customer Experience EnhancementsHP GamesHP LinkUpHP OdometerHP SetupHP Setup ManagerHP SimplePass PE 2011HP Support AssistantHP Support InformationHP UpdateHP Vision Hardware DiagnosticsInfestation Survivor Stories version 1.0Infestation: Survivor StoriesIntel® Identity Protection Technology 1.1.2.0Intel® Management Engine ComponentsJava 7 Update 45Java Auto UpdaterJavaFX 2.1.1Jewel Quest: The Sleepless Star - Collector's EditionJunk Mail filter updateLabelPrintLeague of LegendsLeft 4 Dead 2Magic DesktopMah Jong MedleyMalwarebytes Anti-Malware versie 1.75.0.1300Mesh RuntimeMicrosoft .NET Framework 4.5 NLD Language PackMicrosoft .NET Framework 4.5.1Microsoft Application Error ReportingMicrosoft MathematicsMicrosoft Office 2010Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106Microsoft XNA Framework Redistributable 4.0Minecraft1.5.2Mozilla Firefox 19.0 (x86 nl)Mozilla Maintenance ServiceMSVCRTMSVCRT_amd64Mystery of Mortlake MansionNamco All-Stars: PAC-MANNetwork MagicNorton Online BackupNVIDIA-configuratiescherm 331.82NVIDIA 3D Vision controllerstuurprogramma 331.82NVIDIA 3D Vision stuurprogramma 331.82NVIDIA GeForce Experience 1.7.1NVIDIA Grafisch stuurprogramma 331.82NVIDIA HD Audio-stuurprogramma 1.3.26.4NVIDIA Install ApplicationNVIDIA LED Visualizer 1.0NVIDIA PhysXNVIDIA PhysX systeemsoftware 9.13.0725NVIDIA ShadowPlay 9.3.21NVIDIA Stereoscopic 3D DriverNVIDIA Update 9.3.21NVIDIA Update ComponentsNVIDIA Virtual Audio 1.2.9Open Broadcaster SoftwarePDF Complete Special EditionPenguins!Plants vs. Zombies - Game of the YearPlayReady PC Runtime amd64Poker Superstars IIIPolar BowlerPolar GolferPower2GoPunkBuster ServicesPure Networks PlatformRaidCallRazer NagaRealtek High Definition Audio DriverRecovery ManagerRemote Graphics ReceiverRustSHIELD StreamingSkype™ 6.11Slingo SupremeSmiteStarCraft IITaalpakket voor Microsoft .NET Framework 4.5 - NLDTeamViewer 9TibiaTibia TestserverTibiacastUpdate Installer for WildTangent Games AppVacation Quest - The Hawaiian IslandsVC80CRTRedist - 8.0.50727.6195Ventrilo ClientVIP Access SDK (1.0.1.4) Virtual Villagers 5 - New BelieversVisual Studio 2008 x64 RedistributablesVisual Studio 2010 x64 RedistributablesVLC media player 2.0.6WildTangent Games App (HP Games)Windows Live Communications PlatformWindows Live EssentialsWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh - ActiveX-besturingselement voor externe verbindingenWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWinRAR 4.20 (32-bit)World of WarcraftWorld of Warcraft BetaZuma Deluxe.==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2Run by marco at 23:50:04 on 2014-02-13Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.6125.3285 [GMT 1:00].AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}.============== Running Processes ===============.C:\PROGRA~2\AVG\AVG2013\avgrsa.exeC:\Program Files (x86)\AVG\AVG2013\avgcsrva.exeC:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exeC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\AVG\AVG2013\avgidsagent.exeC:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exeC:\Windows\SysWOW64\ezSharedSvcHost.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\HP SimplePass 2011\TouchControl.exeC:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exeC:\Program Files (x86)\Intel\Services\IPT\jhi_service.exeC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exeC:\Windows\system32\rundll32.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files (x86)\PDF Complete\pdfsvc.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exeC:\Program Files (x86)\AVG\AVG2013\avgnsa.exeC:\Program Files (x86)\AVG\AVG2013\avgemca.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Windows\System32\rundll32.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\System32\WUDFHost.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exeC:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exeC:\Program Files (x86)\Skype\Phone\Skype.exeC:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exeC:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exeC:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exeC:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exeC:\Users\marco\AppData\Local\Apps\2.0\CN01M3WW.VB3\PBG0W1YY.K3N\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exeC:\Program Files (x86)\AVG\AVG2013\avgui.exeC:\Program Files (x86)\AVG Secure Search\vprot.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exeC:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exeC:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exeC:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\marco\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\System32\svchost.exe -k swprvC:\Windows\system32\msiexec.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dllBHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllBHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dllTB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\17.3.0.49\AVG Secure Search_toolbar.dlluRun: [Google Update] "C:\Users\marco\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /backgrounduRun: [F.lux] "C:\Users\marco\AppData\Local\FluxSoftware\Flux\flux.exe" /noshowuRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrunuRun: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe -silentuRun: [Xfire] C:\Program Files (x86)\Xfire2\Xfire.exemRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exemRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exemRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exemRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exemRun: [nmctxth] "C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe"mRun: [nmapp] "C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplashmRun: [RaidCall] C:\Program Files (x86)\RaidCall\raidcall.exemRun: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga Epic\NagaEpicSysTray.exemRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLYmRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [Xfire] C:\Program Files (x86)\Xfire2\Xfire.exemRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScriptStartupFolder: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccipStartupFolder: C:\Users\marco\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\marco\AppData\Roaming\Dropbox\bin\Dropbox.exeStartupFolder: C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbsmPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-Explorer: EnableShellExecuteHooks = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exeTrusted Zone: clonewarsadventures.comTrusted Zone: freerealms.comTrusted Zone: soe.comTrusted Zone: sony.comTCP: NameServer = 192.168.1.1TCP: Interfaces\{D374E301-AA43-4576-807F-2805EDCEE196} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C} : DHCPNameServer = 192.168.1.1TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F64323230383 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\34963736F66323331373 : DHCPNameServer = 192.168.1.1TCP: Interfaces\{DC042BA9-ED8D-440D-BF18-786B77BCD24C}\C696E6B6379737 : DHCPNameServer = 192.168.1.1 212.54.40.25 212.54.35.25Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dllx64-BHO: TrueSuite Website Log On: {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dllx64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exex64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStartx64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Updatex64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exex64-Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\marco\AppData\Roaming\Mozilla\Firefox\Profiles\vawqgg9s.default\FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\npsitesafety.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dllFF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Users\marco\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Users\marco\AppData\Roaming\raidcall\plugins\nprcplugin.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll.============= SERVICES / DRIVERS ===============.R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-10-23 45880]R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-25 246072]R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-9-16 46368]R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-11-20 283136]R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [2011-6-9 264008]R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-8-2 8704]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]R2 jhi_service;Intel® Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568]R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-10-13 15125280]R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-3-5 1128952]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-11-11 414496]R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-3-5 2656280]R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-1-8 1771544]R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2012-3-5 1360960]R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-26 39200]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-3-5 471144]R3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2010-12-16 126464]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-12 111616]S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2013-11-1 91352]S3 pmxdrv;pmxdrv;C:\Windows\System32\drivers\pmxdrv.sys [2012-3-5 31152]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-19 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184].=============== File Associations ===============.FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [userChoice].=============== Created Last 30 ================.2014-02-13 21:53:46 -------- d-----w- C:\Users\marco\AppData\Local\{DB49F776-F693-46BF-929E-7354F74FA31F}2014-02-13 21:12:27 -------- d-sh--r- C:\Users\marco\mb5spidgd9d2014-02-13 21:11:55 -------- d-----w- C:\Users\marco\AppData\Local\{7866CC77-4CC2-4E49-A915-0181EFBFC3D9}2014-02-13 08:12:08 -------- d-sh--w- C:\Users\marco\i15Z28qV2014-02-13 08:11:45 -------- d-----w- C:\Users\marco\AppData\Local\{3E8F3572-06C3-446B-91C6-FE783D99F276}2014-02-12 18:34:31 -------- d-----w- C:\Users\marco\InterruptBar2014-02-12 07:36:11 -------- d-sh--r- C:\Users\marco\rgunas5426q3no2014-02-12 07:36:05 -------- d-----w- C:\Users\marco\AppData\Local\{910DD5AB-D0DA-4883-877E-0C0FD559319B}2014-02-10 21:55:53 3792 ----a-w- C:\Users\marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\mdwhuzmxv.vbs2014-02-10 21:55:53 -------- d-sh--r- C:\Users\marco\7p5wnh6sb9sq152014-02-10 10:37:41 -------- d-----w- C:\Users\marco\AppData\Local\{D342A0EE-9A3F-4ABA-8303-DB370F1CD810}2014-02-09 09:00:15 -------- d-----w- C:\Users\marco\AppData\Local\{66DC7654-786F-4F05-8164-AEBC02A0943C}2014-02-08 08:40:14 -------- d-----w- C:\Users\marco\AppData\Local\{CD9B9FF4-95D4-4FE7-95B4-A41C21A9E12C}2014-02-07 08:13:20 -------- d-----w- C:\Users\marco\AppData\Local\{FCA331F4-8A47-45DC-A9DD-647B485DC461}2014-02-06 07:48:03 -------- d-----w- C:\Users\marco\AppData\Local\{7F941768-63D6-49E1-9908-DB3C29DF4714}2014-02-05 21:02:34 -------- d-----w- C:\Users\marco\AppData\Roaming\Xfire2014-02-05 21:02:22 -------- d-----w- C:\ProgramData\Xfire2014-02-04 10:27:38 -------- d-----w- C:\Users\marco\AppData\Local\{51FD153F-2573-469D-BEB6-C1225465C389}2014-02-02 10:01:21 -------- d-----w- C:\Users\marco\AppData\Local\{EDAC6342-DE19-43CD-B4DF-D34A188E653C}2014-02-01 09:51:27 -------- d-----w- C:\Users\marco\AppData\Local\{B898A6AD-107B-4A83-B8C7-8D3BE6B2DCA6}2014-01-31 07:38:02 -------- d-----w- C:\Users\marco\AppData\Local\{F7061CB1-8317-457C-994A-8BD9349507F3}2014-01-30 08:36:14 -------- d-----w- C:\Users\marco\AppData\Local\{3E56836B-856F-4A3C-8E49-66594C4854D0}2014-01-29 23:28:53 -------- d-----w- C:\Windows\Migration2014-01-29 08:02:26 -------- d-----w- C:\Users\marco\AppData\Local\{4C95D157-2E6A-4EEF-ACAE-C369553BF592}2014-01-28 09:13:41 -------- d-----w- C:\Users\marco\AppData\Local\{3F6BC5A3-2D7D-4269-A46B-43129BBC2BBF}2014-01-27 08:25:35 -------- d-----w- C:\Users\marco\AppData\Local\{5FBA23E3-0222-45A4-A078-119914705A9F}2014-01-26 10:08:27 -------- d-----w- C:\Users\marco\AppData\Local\{92735383-7EED-45EA-BF69-9315776C127F}2014-01-24 09:21:07 -------- d-----w- C:\Users\marco\AppData\Local\{416AE915-EFBE-42F1-A1E5-A173751B6A21}2014-01-23 08:11:29 -------- d-----w- C:\Users\marco\AppData\Local\{0B188194-4A6A-4F66-812D-97448484836B}2014-01-22 05:31:44 -------- d-----w- C:\Users\marco\AppData\Local\{C03C7430-8F24-4A6F-A519-26EF0E2E7315}2014-01-21 10:42:36 -------- d-----w- C:\Users\marco\AppData\Local\{11D66729-3AC1-47EA-8DC6-F630B7FEF33B}2014-01-19 22:53:42 -------- d-----w- C:\Program Files (x86)\Whorecraft2014-01-19 09:49:33 -------- d-----w- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}2014-01-19 09:35:49 -------- d-----w- C:\Users\marco\AppData\Local\{4E138510-502C-4C34-B6F9-0189B7A87233}2014-01-18 09:44:44 -------- d-----w- C:\Users\marco\AppData\Local\{779DF3D5-BF37-438D-A0DC-F58639BB9437}2014-01-17 08:02:09 -------- d-----w- C:\Users\marco\AppData\Local\{0A97F898-94D4-4545-8A9C-20B3D40CA4B8}2014-01-16 08:07:46 -------- d-----w- C:\Users\marco\AppData\Local\{24BB34E0-9E0F-40FE-9B0C-27AE33F1CCB1}2014-01-15 17:10:11 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys2014-01-15 17:10:10 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2014-01-15 17:10:10 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2014-01-15 17:10:10 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2014-01-15 17:10:10 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2014-01-15 17:10:10 3156480 ----a-w- C:\Windows\System32\win32k.sys2014-01-15 17:10:10 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2014-01-15 17:10:10 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2014-01-15 17:10:09 376768 ----a-w- C:\Windows\System32\drivers\netio.sys2014-01-15 08:13:43 -------- d-----w- C:\Users\marco\AppData\Local\{91FB6627-66D7-477D-8971-287249ADF53D}.==================== Find3M ====================.2014-02-05 19:11:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2014-02-05 19:11:10 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr2013-12-31 13:56:56 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe2013-12-30 19:45:34 291128 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex02013-11-30 14:34:05 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2013-11-25 00:48:36 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll.============= FINISH: 23:50:14,86 ===============
  20. I've scanned 4 times in a row now & I keep getting this 1 object that keeps getting detected and I remove it every time, but every time I scan again it shows up again, the file itself is different every time this times it has been: C\users\name\rgunas5426q3no\OuilJF.exe C\users\name\mb5spidgd9d\mwlpGVZJo.exe and 2 more random ones, I just can't seem to get rid of them, any idea on what this is or how to fix it?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.