bique

.....

Ik heb de verkenner weer uit geprobeert en het doet het weer perfect. Ik weet niet of ik malware, Hijackthis en speccy weer moet de-installeren. of dat ik dit er gewoon op moet laten staan, graag nog even advies hierover . anders zal ik aan geven dat het probleem is opgelost. en jullie heel hartelijk bedank voor de goede uitleg en de goede hulp. Suzanne

ik heb nu een tijdje in de verkenner gewerkt, en hij doet het nog steeds goed. Ik heb goede hoop dat het opgelost is, zal het in de namiddag nog eens uitproberen. jullie zijn grandioos alvast bedankt Suzanne

# AdwCleaner v2.106 - Verslag gemaakt op 18/01/2013 om 09:44:07 # Geactualiseerd op 17/01/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : suzanne - SUZANNE-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\suzanne\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\user.js File Verwijdert : C:\Users\suzanne\AppData\Local\Temp\Uninstall.exe Map Verwijdert : C:\Program Files (x86)\AVG Secure Search Map Verwijdert : C:\Program Files (x86)\BabylonToolbar Map Verwijdert : C:\Program Files\Web Assistant Map Verwijdert : C:\ProgramData\AVG Secure Search Map Verwijdert : C:\ProgramData\Babylon Map Verwijdert : C:\ProgramData\Partner Map Verwijdert : C:\Users\suzanne\AppData\Local\AVG Secure Search Map Verwijdert : C:\Users\suzanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Map Verwijdert : C:\Users\suzanne\AppData\Local\Temp\avg@toolbar Map Verwijdert : C:\Users\suzanne\AppData\LocalLow\AVG Secure Search Map Verwijdert : C:\Users\suzanne\AppData\LocalLow\Conduit Map Verwijdert : C:\Users\suzanne\AppData\LocalLow\Softonic Map Verwijdert : C:\Users\suzanne\AppData\Roaming\BabSolution Map Verwijdert : C:\Users\suzanne\AppData\Roaming\Babylon Map Verwijdert : C:\Users\suzanne\AppData\Roaming\iWin Map Verwijdert : C:\Windows\Installer\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1} Verwijdert bij het opstarten : C:\Program Files (x86)\Common Files\AVG Secure Search ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\AVG Secure Search Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijdert : HKLM\Software\AVG Secure Search Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\b Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Babylon.dskBnd Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylnApp.appCore Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Sleutel Verwijdert : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\6207E55EA2FE71A4AA7ABD89AEF31D1B Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\6207E55EA2FE71A4AA7ABD89AEF31D1B Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Sleutel Verwijdert : HKLM\SOFTWARE\Classes\S Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16457 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] File : C:\Users\suzanne\AppData\Local\Google\Chrome\User Data\Default\Preferences Verwijdert [l.56] : icon_url = "hxxp://www.babylon.com/favicon.ico", Verwijdert [l.59] : keyword = "babylon.com", Verwijdert [l.62] : search_url = "hxxp://search.babylon.com/?q={searchTerms}&affID=110231&tt=0113_1&babsrc=SP_ss&[...] ************************* AdwCleaner[s1].txt - [12693 octets] - [18/01/2013 09:44:07] ########## EOF - C:\AdwCleaner[s1].txt - [12754 octets] ########## - - - Updated - - - en ik heb AsusWebStorage verwijderd suzanne

Malwarebytes Anti-Malware 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2013.01.17.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 suzanne :: SUZANNE-PC [administrator] 17-1-2013 13:43:37 mbam-log-2013-01-17 (13-43-37).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 235628 Verstreken tijd: 5 minuut/minuten, 6 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 2 C:\Users\suzanne\Downloads\PDFCreatorSetup.exe (PUP.Adware.InstallCore) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Users\suzanne\Local Settings\Temporary Internet Files\Content.IE5\9IGCXLXB\MyPhoneExplorer_v2_5185[1].exe (PUP.Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) - - - Updated - - - Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:00:35, on 17-1-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Windows\AsScrPro.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightShot] C:\Users\suzanne\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue O4 - HKCU\..\Run: [Google Update] "C:\Users\suzanne\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1657262024-602499352-756607843-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1657262024-602499352-756607843-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12323 bytes

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:31:00, on 17-1-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\suzanne\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\bh\BabylonToolbar.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.8.7.2\BabylonToolbarTlbr.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE" O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S O4 - HKLM\..\Run: [sonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12 O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [LightShot] C:\Users\suzanne\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue O4 - HKCU\..\Run: [Google Update] "C:\Users\suzanne\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-1657262024-602499352-756607843-1000\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-1657262024-602499352-756607843-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13375 bytes

http://speccy.piriform.com/results/7rzcLKKxhfCPxYbZkSMQ1mg

[ATTACH]23608[/ATTACH] - - - Updated - - - [ATTACH]23609[/ATTACH] sfcdetails.txt verkenner crash.docx

mijn verkenner werkt niet meer naar behoren. nu heb ik dit na gekeken via via anderen, en nu blijkt dat mijn verkenner een app chrash heeft gehad op 11-11-2012. gezien op: configuratiescherm-systeem beveiliging- onderhoudscentrum. nu wilde ik mijn computer naar een hestelpunt zetten van voor die datum , maar ik kan alleen terug gaan tot 10-01-2013. kunnen jullie my verder helpen??? ben een leek op dit gebeid. alvast bedankt. suzanne

silverlight werkt ook weer, ccleaner gedaan en alle fouten hersteld. zal ook een recoverie dvd maken. volgens mij is hij weer helemaal in orde. Bedankt

alles werkt weer perfect op een ding na wat ik op dit moment zie, en dat is silverlight.configuration.exe, dat is als ik een programma wil bekijken bij bv. rtlxl.nl, bij bv. uitzending gemist dan slaat de computer vast, maar daar kan ik mee leven, de rest doet het weer perfect. Ik wil jullie hartelijk danken voor al de tijd en moeite die jullie erin besteed hebben, jullie hebben mij voortreffelijk geholpen. Bedankt Bique ---------- Post toegevoegd om 14:43 ---------- Vorige post was om 14:32 ---------- Ik heb nog 1 vraagje als het mag,. Nu mijn computer weer prima werkt wil ik een recovery cd maken, alleen weet ik niet hoe dat moet. Dit i.vm als er weer iets gebeurt ik dan deze recovery cd kan installeren en het probleem zo kan oplossen. Tenminste ik denk dat het zo werkt.

ComboFix 11-11-15.06 - suzanne 16-11-2011 12:35:20.4.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3067.1874 [GMT 1:00] Gestart vanuit: c:\users\suzanne\Desktop\ComboFix.exe gebruikte Opdracht switches :: c:\users\suzanne\Desktop\CFScript.txt AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\program files\tbZyng.dll" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\BabylonToolbar c:\program files\Bandoo c:\program files\Bandoo\Bandoo.exe c:\program files\Bandoo\BandooGo.exe c:\program files\Bandoo\BandooUI.exe c:\program files\Bandoo\BndCore.exe c:\program files\Bandoo\BndHook.dll c:\program files\Bandoo\CrashRpt.dll c:\program files\Bandoo\ExtensionsManager.exe c:\program files\Bandoo\FFSettings.exe c:\program files\Bandoo\FlashAnimator.dll c:\program files\Bandoo\GIFAnimator.dll c:\program files\Bandoo\InstallerHelper.dll c:\program files\Bandoo\libungif4.dll c:\program files\Bandoo\Plugins.ini c:\program files\Bandoo\Plugins\IE\Resources\bandoo.js c:\program files\Bandoo\Plugins\MSN\msnplugin.dll c:\program files\Bandoo\Plugins\Yahoo\YahooPlugin.dll c:\program files\Bandoo\PreUninstall.exe c:\program files\Bandoo\Resources.dll c:\program files\Bandoo\UNWISE.EXE c:\program files\IObit c:\program files\IObit\Advanced SystemCare 4\checkinfo.txt c:\program files\IObit\Advanced SystemCare 4\cxLibraryD12.bpl c:\program files\IObit\Advanced SystemCare 4\Def.dbd c:\program files\IObit\Advanced SystemCare 4\DiskScan.log c:\program files\IObit\Advanced SystemCare 4\DriverData.db c:\program files\IObit\Advanced SystemCare 4\dxBarD12.bpl c:\program files\IObit\Advanced SystemCare 4\dxComnD12.bpl c:\program files\IObit\Advanced SystemCare 4\dxCoreD12.bpl c:\program files\IObit\Advanced SystemCare 4\dxDockingD12.bpl c:\program files\IObit\Advanced SystemCare 4\dxGDIPlusD12.bpl c:\program files\IObit\Advanced SystemCare 4\dxSkinOffice2007BlueD12.bpl c:\program files\IObit\Advanced SystemCare 4\dxSkinsCoreD12.bpl c:\program files\IObit\Advanced SystemCare 4\dxThemeD12.bpl c:\program files\IObit\Advanced SystemCare 4\EULA.rtf c:\program files\IObit\Advanced SystemCare 4\help.html c:\program files\IObit\Advanced SystemCare 4\images\dcScreen.png c:\program files\IObit\Advanced SystemCare 4\images\dcScreen2.png c:\program files\IObit\Advanced SystemCare 4\images\icon-dc.png c:\program files\IObit\Advanced SystemCare 4\images\icon-qc.png c:\program files\IObit\Advanced SystemCare 4\images\icon-tb.png c:\program files\IObit\Advanced SystemCare 4\images\icon-tbox.png c:\program files\IObit\Advanced SystemCare 4\images\main.png c:\program files\IObit\Advanced SystemCare 4\images\mainPro.png c:\program files\IObit\Advanced SystemCare 4\images\toolboxscreen.png c:\program files\IObit\Advanced SystemCare 4\images\turboboost.png c:\program files\IObit\Advanced SystemCare 4\Language\Arabic.lng c:\program files\IObit\Advanced SystemCare 4\Language\Belarusian.lng c:\program files\IObit\Advanced SystemCare 4\Language\Bulgarian.lng c:\program files\IObit\Advanced SystemCare 4\Language\ChineseSimp.lng c:\program files\IObit\Advanced SystemCare 4\Language\ChineseTrad.lng c:\program files\IObit\Advanced SystemCare 4\Language\Czech.lng c:\program files\IObit\Advanced SystemCare 4\Language\Danish.lng c:\program files\IObit\Advanced SystemCare 4\Language\Dutch.lng c:\program files\IObit\Advanced SystemCare 4\Language\English.lng c:\program files\IObit\Advanced SystemCare 4\Language\French.lng c:\program files\IObit\Advanced SystemCare 4\Language\German.lng c:\program files\IObit\Advanced SystemCare 4\Language\Greek.lng c:\program files\IObit\Advanced SystemCare 4\Language\Hungarian.lng c:\program files\IObit\Advanced SystemCare 4\Language\Italian.lng c:\program files\IObit\Advanced SystemCare 4\Language\Japanese.lng c:\program files\IObit\Advanced SystemCare 4\Language\Korean.lng c:\program files\IObit\Advanced SystemCare 4\Language\Polish.lng c:\program files\IObit\Advanced SystemCare 4\Language\Portuguese(PT-BR).lng c:\program files\IObit\Advanced SystemCare 4\Language\Russian.lng c:\program files\IObit\Advanced SystemCare 4\Language\Serbian.lng c:\program files\IObit\Advanced SystemCare 4\Language\Spanish.lng c:\program files\IObit\Advanced SystemCare 4\Language\Swedish.lng c:\program files\IObit\Advanced SystemCare 4\Language\Turkish.lng c:\program files\IObit\Advanced SystemCare 4\Language\Vietnamese.lng c:\program files\IObit\Advanced SystemCare 4\LatestNews\imagenews.png c:\program files\IObit\Advanced SystemCare 4\License.dat c:\program files\IObit\Advanced SystemCare 4\rtl120.bpl c:\program files\IObit\Advanced SystemCare 4\ScanCache.db c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Arabic.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Belarusian.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Bulgarian.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\ChineseSimp.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\ChineseTrad.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Czech.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\English.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\French.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\German.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Hungarian.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Italian.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Japanese.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Korean.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Polish.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Russian.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Serbian.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Spanish.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Turkish.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Vietnamese.lng c:\program files\IObit\Advanced SystemCare 4\Toolbox_UI\img\btn-bg.png c:\program files\IObit\Advanced SystemCare 4\Toolbox_UI\img\menu-bg.png c:\program files\IObit\Advanced SystemCare 4\Toolbox_UI\Index.html c:\program files\IObit\Advanced SystemCare 4\Toolbox_UI\Recently.html c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\btnUpgradeDown.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\btnUpgradeNormal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\btnUpgradeOver.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\UpgraudD.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\dailycare.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\hints.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\toolboxs.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Asia\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\btnUpgradeDown.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\btnUpgradeNormal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\btnUpgradeOver.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Setting_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Setting_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\UpgraudD.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\dailycare.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\hints.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\toolboxs.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Black\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Blue\main.html c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\btnUpgradeDown.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\btnUpgradeNormal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\btnUpgradeOver.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\UpgraudD.png c:\program files\IObit\Advanced SystemCare 4\UI\China\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\China\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\China\images\dailycare.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\hints.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\toolboxs.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\China\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\China\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\China\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\btnUpgradeDown.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\btnUpgradeNormal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\btnUpgradeOver.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\UpgraudD.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\dailycare.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\hints.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\toolboxs.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Cute\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\dailycare.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\hints.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\toolboxs.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Default\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\btnUpgradeDown.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\btnUpgradeNormal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\btnUpgradeOver.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\UpgraudD.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\dailycare.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\hints.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\toolboxs.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Flat\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\UpgraudD.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\toolboxs.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Maya\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Metal\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Office\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnMLDown.png c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnMLNormal.png c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnMLOver.png c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnUpgradeDown.png c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnUpgradeNormal.png c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnUpgradeOver.png c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\Upgrade_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\Upgrade_Over.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\btnUpgradeDown.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\btnUpgradeNormal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\btnUpgradeOver.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\UpgraudD.png c:\program files\IObit\Advanced SystemCare 4\UI\White\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\White\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\White\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\White\images\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\White\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\White\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\White\images\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\White\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\White\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\White\images\toolboxs.png c:\program files\IObit\Advanced SystemCare 4\UI\White\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\White\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\White\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\White\main.html c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Back_Disable.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Back_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Back_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Back_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_BackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\BtnStop_Down.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\BtnStop_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\BtnStop_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\btnUpgradeDown.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\btnUpgradeNormal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\btnUpgradeOver.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\CareBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\CareWorkBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\CheckBox_Checked.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\CheckBox_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Close_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Close_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Img_Error.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Img_NoProblem.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Main_Shade.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Min_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Min_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\More_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\More_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Preview.jpg c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarInnerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarInnerLeft.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarInnerMid.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarInnerRight.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Rescue_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Rescue_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ScannerBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ScanningBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Skin_Move.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Skin_Normal.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\TopBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\TrackBar.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\TrackBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\css\css.css c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\btnUpgradeDown.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\clear.gif c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\dailycare.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\deepcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\halo.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\hints.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\MainBG.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\quickcare.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\shadow.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\tip215.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\toolBox.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\toolboxs.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\transparent.gif c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\turboboostoff.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\turbobooston.png c:\program files\IObit\Advanced SystemCare 4\UI\Wood\main.html c:\program files\IObit\Advanced SystemCare 4\unins000.dat c:\program files\IObit\Advanced SystemCare 4\unins000.msg c:\program files\IObit\Advanced SystemCare 4\Update History.txt c:\program files\IObit\Advanced SystemCare 4\vcl120.bpl c:\program files\IObit\Advanced SystemCare 4\vclx120.bpl c:\program files\tbZyng.dll c:\programdata\AVG2012 c:\programdata\AVG2012\Chjw\5432163632161d94.dat c:\programdata\AVG2012\Chjw\5432163632161d94\avgcchff.dat c:\programdata\AVG2012\Chjw\5432163632161d94\avgcchfi.dat c:\programdata\AVG2012\Chjw\5432163632161d94\avgcchmf.dat c:\programdata\AVG2012\Chjw\5432163632161d94\avgcchmi.dat c:\programdata\AVG2012\Chjw\8840922d409221cc.dat c:\programdata\AVG2012\Chjw\8840922d409221cc\avgcchff.dat c:\programdata\AVG2012\Chjw\8840922d409221cc\avgcchfi.dat c:\programdata\AVG2012\Chjw\8840922d409221cc\avgcchmf.dat c:\programdata\AVG2012\Chjw\8840922d409221cc\avgcchmi.dat c:\programdata\AVG2012\fet\5432163632161d94.dat c:\programdata\AVG2012\fet\b8dc8416b8dc8416.dat c:\programdata\AVG2012\fet\eaeeeb49eaeeeb49.dat c:\programdata\AVG2012\IDS\config\BehavioralEventProcessors.dat c:\programdata\AVG2012\IDS\config\BehavioralEvents.dat c:\programdata\AVG2012\IDS\config\Characteristics.dat c:\programdata\AVG2012\IDS\config\Classifiers.dat c:\programdata\AVG2012\IDS\config\Correlations.dat c:\programdata\AVG2012\IDS\config\ExecutableEvents.dat c:\programdata\AVG2012\IDS\config\FileCoverage.dat c:\programdata\AVG2012\IDS\config\internalList.zip c:\programdata\AVG2012\IDS\config\internalList.zip.bak c:\programdata\AVG2012\IDS\config\md5Cache.dat c:\programdata\AVG2012\IDS\config\NetworkEvents.dat c:\programdata\AVG2012\IDS\config\quarantinedList.zip c:\programdata\AVG2012\IDS\config\quarantinedList.zip.bak c:\programdata\AVG2012\IDS\config\RegistryCoverage.dat c:\programdata\AVG2012\IDS\config\Relationships.dat c:\programdata\AVG2012\IDS\config\ReportableEventMappings.dat c:\programdata\AVG2012\IDS\config\SelfProtection.dat c:\programdata\AVG2012\IDS\config\ShortcutCache.dat c:\programdata\AVG2012\IDS\config\userList.zip c:\programdata\AVG2012\IDS\config\userList.zip.bak c:\programdata\AVG2012\IDS\config\XViewConfig.dat c:\programdata\AVG2012\IDS\malwareprofile\backup.dat c:\programdata\AVG2012\IDS\malwareprofile\nodes.dat c:\programdata\AVG2012\IDS\profile\globalLoadable.bak c:\programdata\AVG2012\log\avgcfg.log c:\programdata\AVG2012\log\avgcfg.log.lock c:\programdata\AVG2012\log\avgcfgex.log c:\programdata\AVG2012\log\avgcfgex.log.lock c:\programdata\AVG2012\log\avgchjw.log c:\programdata\AVG2012\log\avgchjw.log.1 c:\programdata\AVG2012\log\avgchjw.log.10 c:\programdata\AVG2012\log\avgchjw.log.2 c:\programdata\AVG2012\log\avgchjw.log.3 c:\programdata\AVG2012\log\avgchjw.log.4 c:\programdata\AVG2012\log\avgchjw.log.5 c:\programdata\AVG2012\log\avgchjw.log.6 c:\programdata\AVG2012\log\avgchjw.log.7 c:\programdata\AVG2012\log\avgchjw.log.8 c:\programdata\AVG2012\log\avgchjw.log.9 c:\programdata\AVG2012\log\avgchjw.log.lock c:\programdata\AVG2012\log\avgchjwsrv.log c:\programdata\AVG2012\log\avgchjwsrv.log.1 c:\programdata\AVG2012\log\avgchjwsrv.log.10 c:\programdata\AVG2012\log\avgchjwsrv.log.2 c:\programdata\AVG2012\log\avgchjwsrv.log.3 c:\programdata\AVG2012\log\avgchjwsrv.log.4 c:\programdata\AVG2012\log\avgchjwsrv.log.5 c:\programdata\AVG2012\log\avgchjwsrv.log.6 c:\programdata\AVG2012\log\avgchjwsrv.log.7 c:\programdata\AVG2012\log\avgchjwsrv.log.8 c:\programdata\AVG2012\log\avgchjwsrv.log.9 c:\programdata\AVG2012\log\avgchjwsrv.log.lock c:\programdata\AVG2012\log\avgcore.log c:\programdata\AVG2012\log\avgcore.log.1 c:\programdata\AVG2012\log\avgcore.log.10 c:\programdata\AVG2012\log\avgcore.log.2 c:\programdata\AVG2012\log\avgcore.log.3 c:\programdata\AVG2012\log\avgcore.log.4 c:\programdata\AVG2012\log\avgcore.log.5 c:\programdata\AVG2012\log\avgcore.log.6 c:\programdata\AVG2012\log\avgcore.log.7 c:\programdata\AVG2012\log\avgcore.log.8 c:\programdata\AVG2012\log\avgcore.log.9 c:\programdata\AVG2012\log\avgcore.log.lock c:\programdata\AVG2012\log\avgcsl.log c:\programdata\AVG2012\log\avgcsl.log.1 c:\programdata\AVG2012\log\avgcsl.log.2 c:\programdata\AVG2012\log\avgcsl.log.lock c:\programdata\AVG2012\log\avgdecider.log c:\programdata\AVG2012\log\avgdecider.log.lock c:\programdata\AVG2012\log\avgdiagex.log c:\programdata\AVG2012\log\avgdiagex.log.lock c:\programdata\AVG2012\log\avgemc.log c:\programdata\AVG2012\log\avgemc.log.1 c:\programdata\AVG2012\log\avgemc.log.lock c:\programdata\AVG2012\log\avgexc.log c:\programdata\AVG2012\log\avgexc.log.1 c:\programdata\AVG2012\log\avgexc.log.lock c:\programdata\AVG2012\log\avgidpagent.log c:\programdata\AVG2012\log\avgidpagent.log.lock c:\programdata\AVG2012\log\avgldr.log c:\programdata\AVG2012\log\avgldr.log.1 c:\programdata\AVG2012\log\avgldr.log.2 c:\programdata\AVG2012\log\avgldr.log.3 c:\programdata\AVG2012\log\avgldr.log.lock c:\programdata\AVG2012\log\avglng.log c:\programdata\AVG2012\log\avglng.log.1 c:\programdata\AVG2012\log\avglng.log.10 c:\programdata\AVG2012\log\avglng.log.2 c:\programdata\AVG2012\log\avglng.log.3 c:\programdata\AVG2012\log\avglng.log.4 c:\programdata\AVG2012\log\avglng.log.5 c:\programdata\AVG2012\log\avglng.log.6 c:\programdata\AVG2012\log\avglng.log.7 c:\programdata\AVG2012\log\avglng.log.8 c:\programdata\AVG2012\log\avglng.log.9 c:\programdata\AVG2012\log\avglng.log.lock c:\programdata\AVG2012\log\avgmail.log c:\programdata\AVG2012\log\avgmail.log.lock c:\programdata\AVG2012\log\avgns.log c:\programdata\AVG2012\log\avgns.log.1 c:\programdata\AVG2012\log\avgns.log.10 c:\programdata\AVG2012\log\avgns.log.2 c:\programdata\AVG2012\log\avgns.log.3 c:\programdata\AVG2012\log\avgns.log.4 c:\programdata\AVG2012\log\avgns.log.5 c:\programdata\AVG2012\log\avgns.log.6 c:\programdata\AVG2012\log\avgns.log.7 c:\programdata\AVG2012\log\avgns.log.8 c:\programdata\AVG2012\log\avgns.log.9 c:\programdata\AVG2012\log\avgns.log.lock c:\programdata\AVG2012\log\avgpostinst.log c:\programdata\AVG2012\log\avgpostinst.log.lock c:\programdata\AVG2012\log\avgrkt.log c:\programdata\AVG2012\log\avgrkt.log.lock c:\programdata\AVG2012\log\avgrs.log c:\programdata\AVG2012\log\avgrs.log.1 c:\programdata\AVG2012\log\avgrs.log.10 c:\programdata\AVG2012\log\avgrs.log.2 c:\programdata\AVG2012\log\avgrs.log.3 c:\programdata\AVG2012\log\avgrs.log.4 c:\programdata\AVG2012\log\avgrs.log.5 c:\programdata\AVG2012\log\avgrs.log.6 c:\programdata\AVG2012\log\avgrs.log.7 c:\programdata\AVG2012\log\avgrs.log.8 c:\programdata\AVG2012\log\avgrs.log.9 c:\programdata\AVG2012\log\avgrs.log.lock c:\programdata\AVG2012\log\avgscan.log c:\programdata\AVG2012\log\avgscan.log.1 c:\programdata\AVG2012\log\avgscan.log.2 c:\programdata\AVG2012\log\avgscan.log.lock c:\programdata\AVG2012\log\avgsched.log c:\programdata\AVG2012\log\avgsched.log.1 c:\programdata\AVG2012\log\avgsched.log.10 c:\programdata\AVG2012\log\avgsched.log.2 c:\programdata\AVG2012\log\avgsched.log.3 c:\programdata\AVG2012\log\avgsched.log.4 c:\programdata\AVG2012\log\avgsched.log.5 c:\programdata\AVG2012\log\avgsched.log.6 c:\programdata\AVG2012\log\avgsched.log.7 c:\programdata\AVG2012\log\avgsched.log.8 c:\programdata\AVG2012\log\avgsched.log.9 c:\programdata\AVG2012\log\avgsched.log.lock c:\programdata\AVG2012\log\avgsrm.log c:\programdata\AVG2012\log\avgsrm.log.1 c:\programdata\AVG2012\log\avgsrm.log.2 c:\programdata\AVG2012\log\avgsrm.log.3 c:\programdata\AVG2012\log\avgsrm.log.4 c:\programdata\AVG2012\log\avgsrm.log.5 c:\programdata\AVG2012\log\avgsrm.log.lock c:\programdata\AVG2012\log\avgsrmac.log c:\programdata\AVG2012\log\avgsrmac.log.lock c:\programdata\AVG2012\log\avgtdi.log c:\programdata\AVG2012\log\avgtdi.log.1 c:\programdata\AVG2012\log\avgtdi.log.2 c:\programdata\AVG2012\log\avgtdi.log.3 c:\programdata\AVG2012\log\avgtdi.log.lock c:\programdata\AVG2012\log\avgtray_idp_suzanne.log c:\programdata\AVG2012\log\avgtray_idp_suzanne.log.lock c:\programdata\AVG2012\log\avgual.2011-11-09.log c:\programdata\AVG2012\log\avgual.log c:\programdata\AVG2012\log\avgual.log.lock c:\programdata\AVG2012\log\avgui.log c:\programdata\AVG2012\log\avgui.log.1 c:\programdata\AVG2012\log\avgui.log.10 c:\programdata\AVG2012\log\avgui.log.2 c:\programdata\AVG2012\log\avgui.log.3 c:\programdata\AVG2012\log\avgui.log.4 c:\programdata\AVG2012\log\avgui.log.5 c:\programdata\AVG2012\log\avgui.log.6 c:\programdata\AVG2012\log\avgui.log.7 c:\programdata\AVG2012\log\avgui.log.8 c:\programdata\AVG2012\log\avgui.log.9 c:\programdata\AVG2012\log\avgui.log.lock c:\programdata\AVG2012\log\avgui_idp_suzanne.log c:\programdata\AVG2012\log\avgui_idp_suzanne.log.lock c:\programdata\AVG2012\log\avguidraw.log c:\programdata\AVG2012\log\avguidraw.log.1 c:\programdata\AVG2012\log\avguidraw.log.lock c:\programdata\AVG2012\log\avgupd.log c:\programdata\AVG2012\log\avgupd.log.1 c:\programdata\AVG2012\log\avgupd.log.2 c:\programdata\AVG2012\log\avgupd.log.lock c:\programdata\AVG2012\log\avgupdm.log c:\programdata\AVG2012\log\avgwd.log c:\programdata\AVG2012\log\avgwd.log.1 c:\programdata\AVG2012\log\avgwd.log.10 c:\programdata\AVG2012\log\avgwd.log.2 c:\programdata\AVG2012\log\avgwd.log.3 c:\programdata\AVG2012\log\avgwd.log.4 c:\programdata\AVG2012\log\avgwd.log.5 c:\programdata\AVG2012\log\avgwd.log.6 c:\programdata\AVG2012\log\avgwd.log.7 c:\programdata\AVG2012\log\avgwd.log.8 c:\programdata\AVG2012\log\avgwd.log.9 c:\programdata\AVG2012\log\avgwd.log.lock c:\programdata\AVG2012\log\avgwdsvc.log c:\programdata\AVG2012\log\avgwdsvc.log.1 c:\programdata\AVG2012\log\avgwdsvc.log.10 c:\programdata\AVG2012\log\avgwdsvc.log.2 c:\programdata\AVG2012\log\avgwdsvc.log.3 c:\programdata\AVG2012\log\avgwdsvc.log.4 c:\programdata\AVG2012\log\avgwdsvc.log.5 c:\programdata\AVG2012\log\avgwdsvc.log.6 c:\programdata\AVG2012\log\avgwdsvc.log.7 c:\programdata\AVG2012\log\avgwdsvc.log.8 c:\programdata\AVG2012\log\avgwdsvc.log.9 c:\programdata\AVG2012\log\avgwdsvc.log.lock c:\programdata\AVG2012\log\avgwdsvc_idp_SYSTEM.log c:\programdata\AVG2012\log\avgwdsvc_idp_SYSTEM.log.lock c:\programdata\AVG2012\log\commonpriv.log c:\programdata\AVG2012\log\commonpriv.log.1 c:\programdata\AVG2012\log\commonpriv.log.10 c:\programdata\AVG2012\log\commonpriv.log.2 c:\programdata\AVG2012\log\commonpriv.log.3 c:\programdata\AVG2012\log\commonpriv.log.4 c:\programdata\AVG2012\log\commonpriv.log.5 c:\programdata\AVG2012\log\commonpriv.log.6 c:\programdata\AVG2012\log\commonpriv.log.7 c:\programdata\AVG2012\log\commonpriv.log.8 c:\programdata\AVG2012\log\commonpriv.log.9 c:\programdata\AVG2012\log\commonpriv.log.lock c:\programdata\AVG2012\log\commonpub.log c:\programdata\AVG2012\log\commonpub.log.lock c:\programdata\AVG2012\log\fixcfg.log c:\programdata\AVG2012\log\fixcfg.log.1 c:\programdata\AVG2012\log\fixcfg.log.lock c:\programdata\AVG2012\log\history.xml c:\programdata\AVG2012\log\vault.log c:\programdata\AVG2012\log\vault.log.1 c:\programdata\AVG2012\log\vault.log.2 c:\programdata\AVG2012\log\vault.log.3 c:\programdata\AVG2012\log\vault.log.4 c:\programdata\AVG2012\log\vault.log.lock c:\programdata\AVG2012\lsdb\prev\prvcache.dat c:\programdata\AVG2012\lsdb\prev\prvglbl.dat c:\programdata\AVG2012\process.bin c:\programdata\AVG2012\scanlogs\I_00000001.log c:\programdata\AVG2012\scanlogs\I_00000003.log c:\programdata\AVG2012\scanlogs\I_00000004.log c:\programdata\AVG2012\scanlogs\I_00000005.log c:\programdata\AVG2012\scanlogs\I_00000006.log c:\programdata\AVG2012\scanlogs\I_00000007.log c:\programdata\AVG2012\scanlogs\I_00000008.log c:\programdata\AVG2012\scanlogs\I_00000009.log c:\programdata\AVG2012\scanlogs\I_00000010.log c:\programdata\AVG2012\scanlogs\I_00000011.log c:\programdata\AVG2012\scanlogs\I_00000012.log c:\programdata\AVG2012\scanlogs\I_00000013.log c:\programdata\AVG2012\scanlogs\I_00000014.log c:\programdata\AVG2012\scanlogs\I_00000015.log c:\programdata\AVG2012\scanlogs\srm.idx c:\programdata\AVG2012\SetupBackup\AntiRkx.cab c:\programdata\AVG2012\SetupBackup\Antivirx.cab c:\programdata\AVG2012\SetupBackup\basex.cab c:\programdata\AVG2012\SetupBackup\COREx.cab c:\programdata\AVG2012\SetupBackup\Emailsx.cab c:\programdata\AVG2012\SetupBackup\GUIx.cab c:\programdata\AVG2012\SetupBackup\IDPx.cab c:\programdata\AVG2012\SetupBackup\lng_nlx.cab c:\programdata\AVG2012\SetupBackup\lng_usx.cab c:\programdata\AVG2012\SetupBackup\OnlnScx.cab c:\programdata\AVG2012\SetupBackup\ResShldx.cab c:\programdata\AVG2012\SetupBackup\SrchSrfx.cab c:\programdata\AVG2012\SetupBackup\SSHttpBx.cab c:\programdata\AVG2012\SetupBackup\TDIDrvx.cab c:\programdata\AVG2012\SetupBackup\Toolbarx.cab c:\programdata\AVG2012\SetupBackup\TuneUpx.cab c:\programdata\AVG2012\SetupBackup\Updatex.cab c:\programdata\AVG2012\Temp\file3196.tmp c:\programdata\AVG2012\Temp\file9514.tmp c:\programdata\AVG2012\update\backup\compat12.txt c:\programdata\AVG2012\update\backup\COREx.cab c:\programdata\AVG2012\update\backup\incavi.avm c:\programdata\AVG2012\update\backup\info.enc c:\programdata\AVG2012\update\backup\internalList.dat c:\programdata\AVG2012\update\backup\sb.dat c:\programdata\AVG2012\update\backup\sc.dat c:\programdata\AVG2012\update\download\avg12infoavi.ctf c:\programdata\AVG2012\update\download\avg12infowin.ctf c:\programdata\AVG2012\update\download\poi12avgcom_dtc7td.bin c:\programdata\AVG2012\update\download\poi12avgcom_lic4jf.bin c:\programdata\AVG2012\update\download\poi12avgcom_mis13ug.bin c:\programdata\AVG2012\update\download\poi12free_dtc7sd.bin c:\programdata\AVG2012\update\download\poi12free_lic4go.bin c:\programdata\AVG2012\update\download\poi12free_mis13ea.bin c:\programdata\AVG2012\update\download\w12alertmgx1869sa.bin c:\programdata\AVG2012\update\download\w12antirkx1869qe.bin c:\programdata\AVG2012\update\download\w12antispmx1869mv.bin c:\programdata\AVG2012\update\download\w12antivirx1869iq.bin c:\programdata\AVG2012\update\download\w12aspamdbx1869cf.bin c:\programdata\AVG2012\update\download\w12avgx1869cr.bin c:\programdata\AVG2012\update\download\w12avisx1869vc.bin c:\programdata\AVG2012\update\download\w12basx1869vc.bin c:\programdata\AVG2012\update\download\w12corex2092lk.bin c:\programdata\AVG2012\update\download\w12emailsx1869qd.bin c:\programdata\AVG2012\update\download\w12fwx1869is.bin c:\programdata\AVG2012\update\download\w12guix1869vh.bin c:\programdata\AVG2012\update\download\w12idatx1869bh.bin c:\programdata\AVG2012\update\download\w12idpx1869vi.bin c:\programdata\AVG2012\update\download\w12ifwx1869gv.bin c:\programdata\AVG2012\update\download\w12lng_nlx1869sp.bin c:\programdata\AVG2012\update\download\w12lng_usx1869nq.bin c:\programdata\AVG2012\update\download\w12onlnscx1869fm.bin c:\programdata\AVG2012\update\download\w12resshldx1869da.bin c:\programdata\AVG2012\update\download\w12srchsrfx1869vv.bin c:\programdata\AVG2012\update\download\w12sshttpbx1869zb.bin c:\programdata\AVG2012\update\download\w12systoolx1869bu.bin c:\programdata\AVG2012\update\download\w12tdidrvx1869ge.bin c:\programdata\AVG2012\update\download\w12toolbarx1869od.bin c:\programdata\AVG2012\update\download\w12tuneupx1869hu.bin c:\programdata\AVG2012\update\download\w12update2x1869bz.bin c:\programdata\AVG2012\update\download\w12updatex1869vu.bin c:\programdata\AVG2012\update\download\w12xplx1869cf.bin c:\programdata\F-Secure c:\programdata\F-Secure\Daas2\cert\fsc (revoke hq).crl c:\users\suzanne\AppData\Roaming\f-secure c:\users\suzanne\AppData\Roaming\IObit c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-16 to 2011-11-16 )))))))))))))))))))))))))))))) . . 2011-11-16 11:48 . 2011-11-16 11:48 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-11-16 11:48 . 2011-11-16 11:48 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2011-11-12 12:50 . 2011-11-12 12:50 388096 ----a-r- c:\users\suzanne\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-12 12:19 . 2011-11-12 12:19 -------- d-----w- c:\users\suzanne\AppData\Roaming\Malwarebytes 2011-11-12 12:19 . 2011-11-12 12:19 -------- d-----w- c:\programdata\Malwarebytes 2011-11-12 11:27 . 2011-11-12 11:27 -------- d-----w- c:\program files\Trend Micro 2011-11-11 17:14 . 2011-11-12 00:11 -------- d-----w- c:\program files\Microsoft Works 2011-11-11 17:12 . 2011-11-11 17:12 -------- d-----w- c:\program files\Microsoft.NET 2011-11-11 17:10 . 2011-11-11 17:10 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2011-11-11 06:26 . 2011-11-16 11:51 -------- d-----w- c:\users\suzanne\AppData\Local\CrashDumps 2011-11-10 20:05 . 2011-11-10 20:05 -------- d-----w- c:\program files\Common Files\Java 2011-11-10 18:50 . 2011-11-10 18:50 -------- d-----w- c:\windows\system32\N360_BACKUP 2011-11-10 18:41 . 2011-07-06 11:44 27888 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2011-11-10 18:41 . 2011-11-11 17:27 -------- d-----w- c:\program files\Symantec 2011-11-10 18:41 . 2011-11-11 17:26 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2011-11-10 18:41 . 2011-11-10 19:02 -------- d-----w- c:\program files\Common Files\Symantec Shared 2011-11-10 18:41 . 2010-08-21 03:59 106928 ----a-w- c:\windows\system32\GEARAspi.dll 2011-11-10 18:40 . 2011-11-12 07:35 -------- d-----w- c:\windows\system32\drivers\N360 2011-11-10 18:40 . 2011-11-10 18:40 -------- d-----w- c:\program files\Norton 360 2011-11-10 18:40 . 2011-11-10 18:41 -------- d-----w- c:\programdata\Norton 2011-11-10 18:40 . 2011-11-10 18:40 -------- d-----w- c:\program files\NortonInstaller 2011-11-10 11:09 . 2011-11-10 11:10 -------- d--h--w- c:\program files\Temp 2011-11-10 10:12 . 2011-11-10 10:12 -------- d-----w- c:\users\suzanne\AppData\Local\VS Revo Group 2011-11-10 10:06 . 2011-11-10 10:12 -------- d-----w- c:\program files\VS Revo Group 2011-11-09 19:56 . 2011-11-10 10:49 -------- d-----w- c:\program files\DownVision 2011-11-09 18:27 . 2011-11-10 11:55 -------- d-----w- c:\users\suzanne\AppData\Local\Adobe 2011-11-09 18:01 . 2011-09-29 16:03 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-11-09 18:01 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll 2011-11-09 18:01 . 2011-09-29 03:37 2341888 ----a-w- c:\windows\system32\win32k.sys 2011-11-09 17:53 . 2011-11-09 17:53 -------- d-----w- c:\users\suzanne\AppData\Roaming\Fighters 2011-11-09 17:53 . 2011-11-09 17:53 -------- d-----w- c:\programdata\Fighters 2011-11-09 17:35 . 2011-11-09 20:27 -------- d-----w- c:\users\suzanne\AppData\Roaming\Media Finder 2011-11-09 14:50 . 2011-11-10 09:57 -------- d-----w- c:\users\suzanne\AppData\Local\ElevatedDiagnostics 2011-11-09 14:45 . 2011-11-12 12:12 -------- d-----w- c:\users\suzanne\AppData\Local\Diagnostics 2011-11-09 13:05 . 2011-11-09 13:05 -------- d-----w- c:\programdata\Premium 2011-11-09 13:05 . 2011-11-09 13:06 -------- d-----w- c:\programdata\InstallMate 2011-11-09 12:59 . 2011-11-09 15:05 -------- d-----w- c:\users\suzanne\AppData\Roaming\Raptr 2011-11-09 12:59 . 2011-11-09 13:35 -------- d-----w- c:\program files\Raptr . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-15 12:32 . 2011-11-08 15:53 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin 2011-11-10 20:03 . 2011-02-04 16:42 544656 ----a-w- c:\windows\system32\deployJava1.dll 2011-10-18 00:28 . 2011-11-15 12:09 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1FDA8AA-3323-46D6-B942-284869E7F559}\mpengine.dll 2011-09-16 09:24 . 2011-09-05 17:27 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2011-09-16 09:24 . 2011-09-16 09:24 882496 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-09-11 20:00 . 2011-08-01 09:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-09-01 02:35 . 2011-10-15 18:59 1798144 ----a-w- c:\windows\system32\jscript9.dll 2011-09-01 02:28 . 2011-10-15 18:59 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-09-01 02:22 . 2011-10-15 18:59 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-08-27 04:26 . 2011-10-15 17:13 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-08-27 04:26 . 2011-10-15 17:13 233472 ----a-w- c:\windows\system32\oleacc.dll 2011-10-18 09:37 . 2011-08-05 19:07 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-08 39408] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "MailNotifier"="c:\program files\Orange\MailNotifier\MailNotifier.exe" [2010-11-04 634368] "orangeinside"="c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe" [bU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-27 1194504] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-06 7600672] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-06 1833504] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "ORAHSSSessionManager"="c:\program files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" [2009-08-24 135920] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 136176] R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 136176] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-17 1343400] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0501000.01D\SYMDS.SYS [2011-01-27 340088] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS [2011-03-15 744568] S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20111114.002\BHDrvx86.sys [2011-11-14 819320] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-06 218688] S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\IPSDefs\20111115.030\IDSvix86.sys [2011-11-10 368248] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0501000.01D\Ironx86.SYS [2010-11-16 136312] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360\0501000.01D\SYMNETS.SYS [2011-07-08 299640] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 N360;Norton 360;c:\program files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008] S2 Orange update Core Service;Orange update Core Service;c:\program files\Orange\OrangeUpdate\Service\OUCore.exe [2011-05-20 1055872] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-12 106104] . . Inhoud van de 'Gedeelde Taken' map . 2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 10:32] . 2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 10:32] . 2011-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2877954855-1833977058-2358803089-1000Core.job - c:\users\suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 10:32] . 2011-11-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2877954855-1833977058-2358803089-1000UA.job - c:\users\suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 10:32] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage IE: ajouter cette page à vos favoris Orange - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: envoyer le texte sélectionné par sms - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html IE: envoyer par sms - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html IE: envoyer un mail - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: orange.fr - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html IE: rechercher le texte sélectionné - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html IE: traduire la page - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html IE: traduire le texte sélectionné - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html Trusted Zone: orange.fr\logicielsgratuits TCP: DhcpNameServer = 192.168.1.1 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab FF - ProfilePath - c:\users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\ko9psdws.default\ FF - prefs.js: browser.search.selectedEngine - Orange FF - prefs.js: browser.startup.homepage - hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage FF - prefs.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= FF - prefs.js: network.proxy.type - 0 FF - user.js: browser.startup.homepage - hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage FF - user.js: browser.search.selectedEngine - Orange FF - user.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-Bandoo - c:\program files\Bandoo\PreUninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.1.0.29\diMaster.dll\" /prefetch:1" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2877954855-1833977058-2358803089-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-2877954855-1833977058-2358803089-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (S-1-5-21-2877954855-1833977058-2358803089-1000) @Denied: (2) (LocalSystem) "Progid"="Outlook.File.vcf" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(2832) c:\windows\system32\prnfldr.dll c:\windows\system32\dxp.dll c:\windows\System32\pnidui.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\atieclxx.exe c:\windows\system32\taskhost.exe c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conhost.exe c:\program files\Orange\Connexion Internet Orange\Launcher\Launcher.exe c:\progra~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\DllHost.exe . ************************************************************************** . Voltooingstijd: 2011-11-16 13:29:25 - machine werd herstart ComboFix-quarantined-files.txt 2011-11-16 12:29 ComboFix2.txt 2011-11-16 09:49 ComboFix3.txt 2011-11-12 15:59 . Pre-Run: 356.765.196.288 bytes beschikbaar Post-Run: 356.694.990.848 bytes beschikbaar . - - End Of File - - 622B70795813A56AE1E41F2DCDF185CC

ComboFix 11-11-13.01 - suzanne 16-11-2011 10:07:47.3.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3067.2048 [GMT 1:00] Gestart vanuit: c:\users\suzanne\Downloads\ComboFix.exe gebruikte Opdracht switches :: c:\users\suzanne\Desktop\CFScript - Snelkoppeling.lnk AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-16 to 2011-11-16 )))))))))))))))))))))))))))))) . . 2011-11-16 09:15 . 2011-11-16 09:15 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-11-16 09:15 . 2011-11-16 09:15 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2011-11-12 12:50 . 2011-11-12 12:50 388096 ----a-r- c:\users\suzanne\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-12 12:19 . 2011-11-12 12:19 -------- d-----w- c:\users\suzanne\AppData\Roaming\Malwarebytes 2011-11-12 12:19 . 2011-11-12 12:19 -------- d-----w- c:\programdata\Malwarebytes 2011-11-12 11:27 . 2011-11-12 11:27 -------- d-----w- c:\program files\Trend Micro 2011-11-11 17:14 . 2011-11-12 00:11 -------- d-----w- c:\program files\Microsoft Works 2011-11-11 17:12 . 2011-11-11 17:12 -------- d-----w- c:\program files\Microsoft.NET 2011-11-11 17:10 . 2011-11-11 17:10 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2011-11-11 06:26 . 2011-11-16 09:17 -------- d-----w- c:\users\suzanne\AppData\Local\CrashDumps 2011-11-10 20:05 . 2011-11-10 20:05 -------- d-----w- c:\program files\Common Files\Java 2011-11-10 18:50 . 2011-11-10 18:50 -------- d-----w- c:\windows\system32\N360_BACKUP 2011-11-10 18:41 . 2011-07-06 11:44 27888 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2011-11-10 18:41 . 2011-11-11 17:27 -------- d-----w- c:\program files\Symantec 2011-11-10 18:41 . 2011-11-11 17:26 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2011-11-10 18:41 . 2011-11-10 19:02 -------- d-----w- c:\program files\Common Files\Symantec Shared 2011-11-10 18:41 . 2010-08-21 03:59 106928 ----a-w- c:\windows\system32\GEARAspi.dll 2011-11-10 18:40 . 2011-11-12 07:35 -------- d-----w- c:\windows\system32\drivers\N360 2011-11-10 18:40 . 2011-11-10 18:40 -------- d-----w- c:\program files\Norton 360 2011-11-10 18:40 . 2011-11-10 18:41 -------- d-----w- c:\programdata\Norton 2011-11-10 18:40 . 2011-11-10 18:40 -------- d-----w- c:\program files\NortonInstaller 2011-11-10 13:50 . 2011-11-10 13:50 -------- d-----w- c:\users\suzanne\AppData\Roaming\IObit 2011-11-10 13:50 . 2011-11-10 13:50 -------- d-----w- c:\program files\IObit 2011-11-10 11:09 . 2011-11-10 11:10 -------- d--h--w- c:\program files\Temp 2011-11-10 10:12 . 2011-11-10 10:12 -------- d-----w- c:\users\suzanne\AppData\Local\VS Revo Group 2011-11-10 10:06 . 2011-11-10 10:12 -------- d-----w- c:\program files\VS Revo Group 2011-11-09 19:56 . 2011-11-10 10:49 -------- d-----w- c:\program files\DownVision 2011-11-09 18:27 . 2011-11-10 11:55 -------- d-----w- c:\users\suzanne\AppData\Local\Adobe 2011-11-09 18:01 . 2011-09-29 16:03 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-11-09 18:01 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll 2011-11-09 18:01 . 2011-09-29 03:37 2341888 ----a-w- c:\windows\system32\win32k.sys 2011-11-09 17:53 . 2011-11-09 17:53 -------- d-----w- c:\users\suzanne\AppData\Roaming\Fighters 2011-11-09 17:53 . 2011-11-09 17:53 -------- d-----w- c:\programdata\Fighters 2011-11-09 17:35 . 2011-11-09 17:35 -------- d-----w- c:\program files\BabylonToolbar 2011-11-09 17:35 . 2011-11-09 20:27 -------- d-----w- c:\users\suzanne\AppData\Roaming\Media Finder 2011-11-09 14:50 . 2011-11-10 09:57 -------- d-----w- c:\users\suzanne\AppData\Local\ElevatedDiagnostics 2011-11-09 14:45 . 2011-11-12 12:12 -------- d-----w- c:\users\suzanne\AppData\Local\Diagnostics 2011-11-09 13:05 . 2011-11-09 13:05 -------- d-----w- c:\programdata\Premium 2011-11-09 13:05 . 2011-11-09 13:06 -------- d-----w- c:\programdata\InstallMate 2011-11-09 12:59 . 2011-11-09 15:05 -------- d-----w- c:\users\suzanne\AppData\Roaming\Raptr 2011-11-09 12:59 . 2011-11-09 13:35 -------- d-----w- c:\program files\Raptr 2011-10-27 12:16 . 2011-11-10 10:48 -------- d-----w- c:\programdata\AVG2012 2011-10-18 09:34 . 2011-10-18 09:34 -------- d-----w- c:\users\suzanne\AppData\Roaming\f-secure 2011-10-18 09:33 . 2011-10-18 09:33 -------- d-----w- c:\programdata\F-Secure . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-16 08:26 . 2011-11-16 08:26 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1FDA8AA-3323-46D6-B942-284869E7F559}\offreg.dll 2011-11-15 12:32 . 2011-11-08 15:53 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin 2011-11-10 20:03 . 2011-02-04 16:42 544656 ----a-w- c:\windows\system32\deployJava1.dll 2011-10-18 00:28 . 2011-11-15 12:09 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1FDA8AA-3323-46D6-B942-284869E7F559}\mpengine.dll 2011-09-16 09:24 . 2011-09-05 17:27 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2011-09-16 09:24 . 2011-09-16 09:24 882496 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-09-11 20:00 . 2011-08-01 09:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2011-09-01 02:35 . 2011-10-15 18:59 1798144 ----a-w- c:\windows\system32\jscript9.dll 2011-09-01 02:28 . 2011-10-15 18:59 1126912 ----a-w- c:\windows\system32\wininet.dll 2011-09-01 02:22 . 2011-10-15 18:59 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2011-08-27 04:26 . 2011-10-15 17:13 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-08-27 04:26 . 2011-10-15 17:13 233472 ----a-w- c:\windows\system32\oleacc.dll 2010-12-01 10:27 . 2011-01-28 19:36 2735200 ----a-w- c:\program files\tbZyng.dll 2011-10-18 09:37 . 2011-08-05 19:07 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-08 39408] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "MailNotifier"="c:\program files\Orange\MailNotifier\MailNotifier.exe" [2010-11-04 634368] "orangeinside"="c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe" [bU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-27 1194504] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-06 7600672] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-06 1833504] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "ORAHSSSessionManager"="c:\program files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" [2009-08-24 135920] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Bandoo\BndHook.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 136176] R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 136176] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-17 1343400] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0501000.01D\SYMDS.SYS [2011-01-27 340088] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS [2011-03-15 744568] S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20111114.002\BHDrvx86.sys [2011-11-14 819320] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-06 218688] S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\IPSDefs\20111115.030\IDSvix86.sys [2011-11-10 368248] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0501000.01D\Ironx86.SYS [2010-11-16 136312] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360\0501000.01D\SYMNETS.SYS [2011-07-08 299640] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 N360;Norton 360;c:\program files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008] S2 Orange update Core Service;Orange update Core Service;c:\program files\Orange\OrangeUpdate\Service\OUCore.exe [2011-05-20 1055872] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-12 106104] . . Inhoud van de 'Gedeelde Taken' map . 2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 10:32] . 2011-11-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 10:32] . 2011-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2877954855-1833977058-2358803089-1000Core.job - c:\users\suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 10:32] . 2011-11-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2877954855-1833977058-2358803089-1000UA.job - c:\users\suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 10:32] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage IE: ajouter cette page à vos favoris Orange - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: envoyer le texte sélectionné par sms - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html IE: envoyer par sms - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html IE: envoyer un mail - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: orange.fr - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html IE: rechercher le texte sélectionné - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html IE: traduire la page - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html IE: traduire le texte sélectionné - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html Trusted Zone: orange.fr\logicielsgratuits TCP: DhcpNameServer = 192.168.1.1 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab FF - ProfilePath - c:\users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\ko9psdws.default\ FF - prefs.js: browser.search.selectedEngine - Orange FF - prefs.js: browser.startup.homepage - hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage FF - prefs.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= FF - prefs.js: network.proxy.type - 0 FF - user.js: browser.startup.homepage - hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage FF - user.js: browser.search.selectedEngine - Orange FF - user.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.1.0.29\diMaster.dll\" /prefetch:1" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2877954855-1833977058-2358803089-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-2877954855-1833977058-2358803089-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (S-1-5-21-2877954855-1833977058-2358803089-1000) @Denied: (2) (LocalSystem) "Progid"="Outlook.File.vcf" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(1152) c:\windows\System32\gameux.dll c:\windows\system32\dxp.dll c:\windows\System32\pnidui.dll c:\program files\Internet Explorer\ieproxy.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\atieclxx.exe c:\windows\system32\taskhost.exe c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\progra~1\Bandoo\Bandoo.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conhost.exe c:\program files\Orange\Connexion Internet Orange\Launcher\Launcher.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\DllHost.exe . ************************************************************************** . Voltooingstijd: 2011-11-16 10:49:50 - machine werd herstart ComboFix-quarantined-files.txt 2011-11-16 09:49 ComboFix2.txt 2011-11-12 15:59 . Pre-Run: 357.712.023.552 bytes beschikbaar Post-Run: 357.656.309.760 bytes beschikbaar . - - End Of File - - D261AE5F662F19A1A633330CA6F559C1

ik heb de onderstaande tekst in een kladblok gedaan en op mijn bureaublad geplaatst. nou kan ik combifix.exe nergens vinden, als ik combifix wil openen dan start hij direct op en kan ik niks meer, weet niet hoe ik het moet doen. maar wil wel even melden dat mijn computer reeds weer voor 90% goed werkt, zijn nog enkele kleine programma's die het niet doen, zolals silverlight,ik heb office opnieuw geinstaleerd en die werkt nu ook weer. daarvoor wil ik jullie alvast hartelijk danken, jullie hebben mij heel goed geholpen bedankt

het log bestand van ComboFix: ComboFix 11-11-13.01 - suzanne 12-11-2011 16:17:00.2.2 - x86 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3067.1976 [GMT 1:00] Gestart vanuit: c:\users\suzanne\Downloads\ComboFix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe . ---- Voorgaande Run ------- . c:\program files\UNWISE.EXE c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe . -- Voorgaande Run -- . Besmet exemplaar van c:\windows\system32\userinit.exe werd aangetroffen en gedesinfecteerd Hersteld exemplaar van - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe . -------- . . (((((((((((((((((((( Bestanden Gemaakt van 2011-10-12 to 2011-11-12 )))))))))))))))))))))))))))))) . . 2011-11-12 15:24 . 2011-11-12 15:24 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-11-12 12:50 . 2011-11-12 12:50 388096 ----a-r- c:\users\suzanne\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2011-11-12 12:19 . 2011-11-12 12:19 -------- d-----w- c:\users\suzanne\AppData\Roaming\Malwarebytes 2011-11-12 12:19 . 2011-11-12 12:19 -------- d-----w- c:\programdata\Malwarebytes 2011-11-12 11:27 . 2011-11-12 11:27 -------- d-----w- c:\program files\Trend Micro 2011-11-11 17:14 . 2011-11-12 00:11 -------- d-----w- c:\program files\Microsoft Works 2011-11-11 17:12 . 2011-11-11 17:12 -------- d-----w- c:\program files\Microsoft.NET 2011-11-11 17:10 . 2011-11-11 17:10 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2011-11-11 06:26 . 2011-11-12 15:26 -------- d-----w- c:\users\suzanne\AppData\Local\CrashDumps 2011-11-10 20:05 . 2011-11-10 20:05 -------- d-----w- c:\program files\Common Files\Java 2011-11-10 18:50 . 2011-11-10 18:50 -------- d-----w- c:\windows\system32\N360_BACKUP 2011-11-10 18:41 . 2010-08-21 03:59 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2011-11-10 18:41 . 2011-11-11 17:27 -------- d-----w- c:\program files\Symantec 2011-11-10 18:41 . 2011-11-11 17:26 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2011-11-10 18:41 . 2011-11-10 19:02 -------- d-----w- c:\program files\Common Files\Symantec Shared 2011-11-10 18:41 . 2010-08-21 03:59 106928 ----a-w- c:\windows\system32\GEARAspi.dll 2011-11-10 18:40 . 2011-11-12 07:35 -------- d-----w- c:\windows\system32\drivers\N360 2011-11-10 18:40 . 2011-11-10 18:40 -------- d-----w- c:\program files\Norton 360 2011-11-10 18:40 . 2011-11-10 18:41 -------- d-----w- c:\programdata\Norton 2011-11-10 18:40 . 2011-11-10 18:40 -------- d-----w- c:\program files\NortonInstaller 2011-11-10 13:50 . 2011-11-10 13:50 -------- d-----w- c:\users\suzanne\AppData\Roaming\IObit 2011-11-10 13:50 . 2011-11-10 13:50 -------- d-----w- c:\program files\IObit 2011-11-10 11:09 . 2011-11-10 11:10 -------- d--h--w- c:\program files\Temp 2011-11-10 10:12 . 2011-11-10 10:12 -------- d-----w- c:\users\suzanne\AppData\Local\VS Revo Group 2011-11-10 10:06 . 2011-11-10 10:12 -------- d-----w- c:\program files\VS Revo Group 2011-11-09 19:56 . 2011-11-10 10:49 -------- d-----w- c:\program files\DownVision 2011-11-09 18:27 . 2011-11-10 11:55 -------- d-----w- c:\users\suzanne\AppData\Local\Adobe 2011-11-09 18:01 . 2011-09-29 16:03 1290608 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-11-09 18:01 . 2011-10-01 04:37 708608 ----a-w- c:\program files\Common Files\System\wab32.dll 2011-11-09 18:01 . 2011-09-29 03:37 2341888 ----a-w- c:\windows\system32\win32k.sys 2011-11-09 17:53 . 2011-11-09 17:53 -------- d-----w- c:\users\suzanne\AppData\Roaming\Fighters 2011-11-09 17:53 . 2011-11-09 17:53 -------- d-----w- c:\programdata\Fighters 2011-11-09 17:35 . 2011-11-09 17:35 -------- d-----w- c:\program files\BabylonToolbar 2011-11-09 17:35 . 2011-11-09 20:27 -------- d-----w- c:\users\suzanne\AppData\Roaming\Media Finder 2011-11-09 14:50 . 2011-11-10 09:57 -------- d-----w- c:\users\suzanne\AppData\Local\ElevatedDiagnostics 2011-11-09 14:45 . 2011-11-12 12:12 -------- d-----w- c:\users\suzanne\AppData\Local\Diagnostics 2011-11-09 13:05 . 2011-11-09 13:05 -------- d-----w- c:\programdata\Premium 2011-11-09 13:05 . 2011-11-09 13:06 -------- d-----w- c:\programdata\InstallMate 2011-11-09 12:59 . 2011-11-09 15:05 -------- d-----w- c:\users\suzanne\AppData\Roaming\Raptr 2011-11-09 12:59 . 2011-11-09 13:35 -------- d-----w- c:\program files\Raptr 2011-10-27 12:16 . 2011-11-10 10:48 -------- d-----w- c:\programdata\AVG2012 2011-10-18 09:34 . 2011-10-18 09:34 -------- d-----w- c:\users\suzanne\AppData\Roaming\f-secure 2011-10-18 09:33 . 2011-10-18 09:33 -------- d-----w- c:\programdata\F-Secure 2011-10-15 17:13 . 2011-08-17 04:24 465408 ----a-w- c:\windows\system32\psisdecd.dll 2011-10-15 17:13 . 2011-08-17 04:19 75776 ----a-w- c:\windows\system32\psisrndr.ax 2011-10-15 17:13 . 2011-08-27 04:26 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-10-15 17:13 . 2011-08-27 04:26 233472 ----a-w- c:\windows\system32\oleacc.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-11-12 14:51 . 2011-11-12 14:12 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{27D0A041-EC65-42E4-B19E-DA8FD46D516C}\offreg.dll 2011-11-12 11:33 . 2011-11-08 15:53 159080 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10138.bin 2011-11-10 20:03 . 2011-02-04 16:42 544656 ----a-w- c:\windows\system32\deployJava1.dll 2011-10-18 00:28 . 2011-11-11 16:38 6668624 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{27D0A041-EC65-42E4-B19E-DA8FD46D516C}\mpengine.dll 2011-09-16 09:24 . 2011-09-05 17:27 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll 2011-09-16 09:24 . 2011-09-16 09:24 882496 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll 2011-09-11 20:00 . 2011-08-01 09:05 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll 2010-12-01 10:27 . 2011-01-28 19:36 2735200 ----a-w- c:\program files\tbZyng.dll 2011-10-18 09:37 . 2011-08-05 19:07 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-10-08 39408] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408] "MailNotifier"="c:\program files\Orange\MailNotifier\MailNotifier.exe" [2010-11-04 634368] "orangeinside"="c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe" [bU] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="c:\program files\Launch Manager\LManager.exe" [2009-08-27 1194504] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-07-06 7600672] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-06 1833504] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "ORAHSSSessionManager"="c:\program files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe" [2009-08-24 135920] "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-05-04 252136] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Bandoo\BndHook.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 136176] R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run [x] R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 136176] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-17 1343400] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0501000.01D\SYMDS.SYS [2011-01-27 340088] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0501000.01D\SYMEFA.SYS [2011-03-15 744568] S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\BASHDefs\20111027.001\BHDrvx86.sys [2011-10-27 818808] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-06 218688] S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.2.1\Definitions\IPSDefs\20111111.030\IDSvix86.sys [2011-11-10 368248] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0501000.01D\Ironx86.SYS [2010-11-16 136312] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360\0501000.01D\SYMNETS.SYS [2011-07-08 299640] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-08-18 176128] S2 N360;Norton 360;c:\program files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe [2011-04-17 130008] S2 Orange update Core Service;Orange update Core Service;c:\program files\Orange\OrangeUpdate\Service\OUCore.exe [2011-05-20 1055872] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-12 106104] . . Inhoud van de 'Gedeelde Taken' map . 2011-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 10:32] . 2011-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-08 10:32] . 2011-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2877954855-1833977058-2358803089-1000Core.job - c:\users\suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 10:32] . 2011-11-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2877954855-1833977058-2358803089-1000UA.job - c:\users\suzanne\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-15 10:32] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage IE: ajouter cette page à vos favoris Orange - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\addfavorites_html\addfavorites.html IE: E&xporteren naar Microsoft Excel - c:\progra~1\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: envoyer le texte sélectionné par sms - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html IE: envoyer par sms - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\sendsms_html\sendsms.html IE: envoyer un mail - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\sendmail_html\sendmail.html IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html IE: orange.fr - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\orange_html\orange.html IE: rechercher le texte sélectionné - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html IE: traduire la page - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\translate_html\translate.html IE: traduire le texte sélectionné - c:\users\suzanne\AppData\Roaming\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html Trusted Zone: orange.fr\logicielsgratuits TCP: DhcpNameServer = 192.168.1.1 DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab FF - ProfilePath - c:\users\suzanne\AppData\Roaming\Mozilla\Firefox\Profiles\ko9psdws.default\ FF - prefs.js: browser.search.selectedEngine - Orange FF - prefs.js: browser.startup.homepage - hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage FF - prefs.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= FF - prefs.js: network.proxy.type - 0 FF - user.js: browser.startup.homepage - hxxp://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage FF - user.js: browser.search.selectedEngine - Orange FF - user.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata= . - - - - ORPHANS VERWIJDERD - - - - . Toolbar-10 - (no file) Toolbar-!{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file) Toolbar-!{ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file) HKLM-Run-Malwarebytes' Anti-Malware (reboot) - c:\program files\Malwarebytes' Anti-Malware\mbam.exe AddRemove-OrangeToolbar - c:\program files\Orange\ToolbarFr\uninstall.exe AddRemove-Zynga Toolbar - c:\progra~1\UNWISE.EXE . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\5.1.0.29\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.1.0.29\diMaster.dll\" /prefetch:1" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-2877954855-1833977058-2358803089-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-2877954855-1833977058-2358803089-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (S-1-5-21-2877954855-1833977058-2358803089-1000) @Denied: (2) (LocalSystem) "Progid"="Outlook.File.vcf" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'Explorer.exe'(3316) c:\windows\system32\msi.dll . ------------------------ Andere Aktieve Processen ------------------------ . c:\windows\system32\atieclxx.exe c:\progra~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe c:\windows\system32\taskhost.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\progra~1\Bandoo\Bandoo.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conhost.exe c:\program files\Orange\Connexion Internet Orange\Launcher\Launcher.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\windows\system32\DllHost.exe . ************************************************************************** . Voltooingstijd: 2011-11-12 16:59:05 - machine werd herstart ComboFix-quarantined-files.txt 2011-11-12 15:59 . Pre-Run: 354.224.918.528 bytes beschikbaar Post-Run: 354.170.163.200 bytes beschikbaar . - - End Of File - - 0A35C40A1CE6B5BA3148D13D757B9127 ---------- Post toegevoegd om 17:08 ---------- Vorige post was om 17:02 ---------- ik heb hijackthis als administrator gedaan maar dan kan ik toch allen maar de scan uitvoeren en niet de systeem scan en dan can ik die files niet verwijderen, weet ook niet waarom.