Jump to content

Loekarin

Honorary Members
  • Posts

    33
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Before I do so, I would like to known how I can check for infections myself (now and in the future). Is there a program that I can run myself, to see if anything unwanted has happened?
  2. Hello Ron, I think everything is ok now, so you can close this topic. Thank you very much for all your help! Karin
  3. I think okay. I still have to reinstall Office 2007, because for some reason every time when I open Word, it starts with configuring the whole Word software as if it's the first time. I have had that problem before and I don't know how it has come into existence. But to be honest, when I had all those spyware, I also didn't notice it, except one tiny thing.
  4. I know Adblockplus and I have installed it as an extension in Google Chrome. If it's normal advertising it is coming across the page that I wanted to visit (Amazon.com), but maybe advertising gets more and more intrusive and annoying. So I'll see how it goes.
  5. the .jpg on my desktop is the screenpicture I made myself, and used in my previous post I think the file in appdata/roaming is spam/malware
  6. SystemLook 30.07.11 by jpshortstuff Log created at 16:18 on 16/05/2014 by Karin Administrator - Elevation successful ========== filefind ========== Searching for "*fbskin*" C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Recent\FBskins1.lnk --a---- 562 bytes [14:43 12/05/2014] [15:01 12/05/2014] B342FF84BDB99A7DEA3D1E54F45B93E7 C:\Users\Karin\Desktop\FBskins1.jpg --a---- 184400 bytes [14:43 12/05/2014] [14:43 12/05/2014] FBBB8DB0AE72D64433713542BE899648 ========== folderfind ========== Searching for "*fbskin*" No folders found. ========== regfind ========== Searching for "fbskin" No data found. -= EOF =-
  7. I use Google Chrome I have a lot of extensions installed, see the list at the log from Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-05-2014 (a few posts earlier) Maybe they are not all save?
  8. and I still have unwanted pop-ups, like snipping tool, but now it's called FBskins
  9. the log is too long for posting (this forum didn't accept it, the post was too long), so I made an attachment TDSSKiller.3.0.0.34_12.05.2014_12.45.05_log.txt
  10. I have a question about Mozilla Firefox. It looks like I have Mozilla Firefox installed as a browser, but I don't have that. I only have Google Chrome and Internet Explorer. When I go to Start - all programs - I don't see Firefox in the list of programs (because I don't have it, at least not that I know). So this feels a bit strange to me.
  11. # AdwCleaner v3.208 - Rapport aangemaakt 12/05/2014 op 12:05:58 # Laatste Update 11/05/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : Karin - KARINSCOMPUTER # Gestart vanuit : C:\Users\Karin\Desktop\AdwCleaner.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKLM\Software\AVG SafeGuard toolbar ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17041 -\\ Mozilla Firefox v -\\ Google Chrome v [ Bestand : C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [3291 octets] - [05/05/2014 14:36:45] AdwCleaner[R1].txt - [1805 octets] - [12/05/2014 11:52:12] AdwCleaner[s0].txt - [3303 octets] - [05/05/2014 15:02:44] AdwCleaner[s1].txt - [1741 octets] - [12/05/2014 12:05:58] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1801 octets] ##########
  12. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-05-2014 Ran by Karin at 2014-05-10 13:31:14 Running from C:\Users\Karin\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) „Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden „Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden „Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Aangifte inkomstenbelasting 2012 (HKLM-x32\...\Aangifte inkomstenbelasting 2012) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated) Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.) Adobe Reader X (10.1.9) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{7A1A59F3-66FE-96DC-C300-B8F4A6103D3A}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Applian FLV and Media Player 3.1.1.12 (HKLM-x32\...\Applian FLV and Media Player) (Version: 3.1.1.12 - Applian Technologies) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4577 - AVG Technologies) AVG 2014 (Version: 14.0.3931 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4577 - AVG Technologies) Hidden Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation) Brother MFL-Pro Suite DCP-7030 (HKLM-x32\...\{46E1B1F2-A279-4356-9B17-029F9CC72EAE}) (Version: 1.0.1.0 - Brother Industries, Ltd.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center (x32 Version: 2012.0418.645.10054 - Uw bedrijfsnaam) Hidden Catalyst Control Center InstallProxy (x32 Version: 2012.0418.645.10054 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2012.0418.645.10054 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Profiles Mobile (x32 Version: 2012.0418.645.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2012.0418.0644.10054 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2012.0418.645.10054 - Advanced Micro Devices, Inc.) Hidden CDDRV_Installer (Version: 4.60 - Logitech) Hidden Citrix Authentication Manager (x32 Version: 4.0.0.53726 - Citrix Systems, Inc.) Hidden Citrix Receiver (HDX Flash Redirection) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.4.0.25 - Citrix Systems, Inc.) Citrix Receiver Inside (x32 Version: 3.4.0.29585 - Citrix Systems, Inc.) Hidden Citrix Receiver Updater (x32 Version: 3.4.0.29577 - Citrix Systems, Inc.) Hidden Citrix Receiver(Aero) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden Citrix Receiver(DV) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden Citrix Receiver(USB) (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden Compatibiliteitspakket voor het 2007 Microsoft Office system (HKLM-x32\...\{90120000-0020-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.) CyberLink Media Suite (x32 Version: 8.0.2227 - CyberLink Corp.) Hidden CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.) CyberLink Media+ Player10 (x32 Version: 10.0.1110.00 - CyberLink Corp.) Hidden CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.) CyberLink MediaShow (x32 Version: 5.0.1130a - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.) CyberLink Power2Go (x32 Version: 6.1.3802 - CyberLink Corp.) Hidden CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.) CyberLink PowerDirector (x32 Version: 8.0.3306 - CyberLink Corp.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4417 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.1.4417 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden doubleTwist (HKLM-x32\...\doubleTwist) (Version: 3.2.2.17028 - doubleTwist Corporation) Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.) Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.) Easy Settings (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 1.1 - Samsung Electronics CO., LTD.) Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.32 - Samsung Electronics CO., LTD.) erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ETDWare PS/2-X64 10.7.16.1_WHQL (HKLM\...\Elantech) (Version: 10.7.16.1 - ELAN Microelectronic Corp.) Evernote v. 5.3.1 (HKLM-x32\...\{28AAF752-C41B-11E3-8CB0-00163E98E7D6}) (Version: 5.3.1.3363 - Evernote Corp.) ExpressCache (HKLM\...\{77EDCFE0-4431-40B1-93AD-BF1F4C55D131}) (Version: 1.0.46 - Diskeeper Corporation) FastStone Capture 7.2 (HKLM-x32\...\FastStone Capture) (Version: 7.2 - FastStone Soft) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.) Google Drive (HKLM-x32\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.22.105 - Google, Inc.) Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.5.1001 - Intel Corporation) Interactive Guide (HKLM-x32\...\{CB383BE9-7518-4ABD-826E-8FC4695F7D52}) (Version: 1.1 - ) iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.) Jacquie Lawson Alpine Advent Calendar 2013 (HKLM-x32\...\JLAdventCalendarAlpine2013) (Version: 0.0.5 - MicroCourt Limited) Jacquie Lawson Alpine Advent Calendar 2013 (x32 Version: 0.0.5 - MicroCourt Limited) Hidden JCreator LE 5.00 (HKLM-x32\...\JCreator LE_is1) (Version: - Xinox Software) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech) Malwarebytes Anti-Malware versie 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Excel MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170413-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote 2003 (HKLM-x32\...\{90A10413-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office OneNote MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Editie 2003 (HKLM-x32\...\{90110413-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Project Professional 2003 (HKLM-x32\...\{903B0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Dutch) 2007 (x32 Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Visio Professional 2003 (HKLM-x32\...\{90510413-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Word MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MPC-HC 1.7.3 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.3 - MPC-HC Team) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project) MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - ) Online Plug-in (x32 Version: 13.4.0.25 - Citrix Systems, Inc.) Hidden OU Cursus Databases (HKLM-x32\...\{24CB95CA-8C4F-4035-8584-C3E7342D8801}_is1) (Version: - Mattic Software) PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pixum Fotoboek (HKLM-x32\...\Pixum Fotoboek) (Version: - ) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6428 - Realtek Semiconductor Corp.) S Agent (Version: 1.1.45 - Samsung Electronics CO., LTD.) Hidden Samsung AllShare (HKLM-x32\...\InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}) (Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.) Samsung AllShare (x32 Version: 2.1.0.12013_8 - Samsung Electronics Co., Ltd.) Hidden Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.) Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.6.0.2 - Samsung Electronics CO., LTD.) Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.) Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.6.0 - Samsung Electronics Co., Ltd.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.) Self-service Plug-in (x32 Version: 3.4.0.33684 - Citrix Systems, Inc.) Hidden Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung) SW Update (HKLM-x32\...\{DA06101F-FD76-4BF0-88BD-B26A197005E3}) (Version: 2.1.21 - Samsung Electronics CO., LTD.) Synctunes Desktop (HKLM-x32\...\{DC519C80-23D5-4199-BA26-AE371BC0E507}) (Version: 1.0.9 - The Bit Studio) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.3 - ) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8500 - Broadcom Corporation) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Foto-galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Pošta (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 메일 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 사진 갤러리 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 필수 패키지 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WordPerfect Office IFilter 32-bit (HKLM-x32\...\{1DF03ECE-6AF4-414E-B118-C316F151A9A2}) (Version: 1.4 - Corel Corporation) WordPerfect Office IFilter 64-bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.4 - Corel Corporation) WordPerfect Office X7 - Common Files (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - Common Files English (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - IPM Content TBYB (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - IPM TBYB (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - Lightning Files (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - Lightning Files English (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - Oxford (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - Presentations Files (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - Presentations Files English (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - Quattro Pro Files (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - Quattro Pro Files English (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - Setup Files (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - System Files (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - WordPerfect Files (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - WordPerfect Files English (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - WPD format Props x64 (Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 - WT (x32 Version: 17.0 - Corel Corporation) Hidden WordPerfect Office X7 (HKLM-x32\...\_{64A329FC-D1B2-4354-922D-21F7EC777E10}) (Version: 17.0.0.314 - Corel Corporation) WordPerfect Office X7 (x32 Version: 17.0 - Corel Corporation) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 09-05-2014 10:39:28 Configured Microsoft Office Home and Student 2007 ==================== Hosts content: ========================== 2009-07-14 04:34 - 2014-05-09 11:59 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {1B82BD19-6311-4465-A34C-EF6A912FE1FA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3636504314-1210934719-2044606185-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {1C4A46BA-5101-43BA-9A92-F119F9F7A962} - System32\Tasks\RealCreateProcessScheduledTask4458336S-1-5-21-3636504314-1210934719-2044606185-1000 => c:\program files (x86)\real\realplayer\realplay.exe Task: {1D0E4412-55B9-4837-826A-1DE351760F5A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07] (Google Inc.) Task: {1D62C7E2-4391-4036-90C8-793A568C2EDB} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe [2012-05-30] (Samsung Electronics Co., Ltd.) Task: {2F93906A-9478-420B-B932-DF973691744C} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2012-10-30] (SEC) Task: {2FD7CEC0-6FA6-4187-AC5D-6BCCA4C993CF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3636504314-1210934719-2044606185-1000UA => C:\Users\Karin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07] (Google Inc.) Task: {355A5378-B316-4FAF-8D8E-0530130B9539} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe [2012-04-25] (Samsung Electronics Co., Ltd.) Task: {48B4BFF6-71D2-42B1-9FB1-5D12533F89E5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3636504314-1210934719-2044606185-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {499E5498-9BC1-41B8-9AA7-B374C70FC9AB} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3636504314-1210934719-2044606185-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe Task: {4A90C28F-9F2E-4B98-BA87-DD28D224CE6D} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe [2012-04-03] (Samsung Electronics) Task: {4BD66359-E7B1-4A4E-BF3F-33E317B0F328} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] () Task: {4DC7F62D-4365-40A5-9323-DDE1C3401065} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-12-06] (Samsung Electronics CO., LTD.) Task: {4E374606-4B63-485B-BBEA-1C858F7676BF} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe [2011-11-18] (SAMSUNG Electronics co., LTD.) Task: {67CFA382-0D96-4579-9052-98700A95C485} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {79B5B480-BF1C-40A8-B134-2A4122222FE4} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3636504314-1210934719-2044606185-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {8B1B4B36-02DD-44CB-87BD-21C261B50629} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2013-10-16] (Samsung Electronics CO., LTD.) Task: {8C440620-E8AB-406A-90D5-23F841C85F1C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3636504314-1210934719-2044606185-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {A42F526E-6317-4952-9E22-43F0AD01C68A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3636504314-1210934719-2044606185-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {BFC8BF4B-7DC8-4863-9A75-17FC3E714181} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A06\EPM.exe Task: {C2F716FC-B21D-4CD2-9826-1F7CE6245D26} - System32\Tasks\SCCSpeedBoot => C:\Program Files (x86)\Samsung\Easy Settings\SCCSpeedBoot.exe [2012-03-27] (Samsung Electronics Co., Ltd.) Task: {C502EA46-1457-4A9F-B641-ED87A7764146} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3636504314-1210934719-2044606185-1000Core => C:\Users\Karin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-07] (Google Inc.) Task: {D6740682-6765-43D5-A0A2-C750EC948B76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-07] (Google Inc.) Task: {E1B86131-6FE5-457E-8DB0-B70A9A7C3513} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3636504314-1210934719-2044606185-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {E7003426-4074-43EA-857F-C8E9AD81C0E6} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe [2012-01-31] (Samsung Electronics) Task: {EDFD922B-E115-415B-8D91-5A83D2B4BA75} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-14] (Adobe Systems Incorporated) Task: {F1F83352-4831-4E13-851A-6446E2C7B80F} - System32\Tasks\SmartSetting => C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe [2012-05-02] (Samsung Electronics Co., Ltd.) Task: {F6D73DCC-AAC1-4B49-8B84-494AF877304A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink) Task: {F72BCA9D-3539-4D84-8FC6-385379EBF216} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3636504314-1210934719-2044606185-1000Core.job => C:\Users\Karin\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3636504314-1210934719-2044606185-1000UA.job => C:\Users\Karin\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2011-04-11 15:26 - 2011-04-11 15:26 - 00034304 _____ () C:\windows\System32\spd__l.dll 2011-11-24 02:06 - 2011-11-24 02:06 - 01061888 _____ () C:\windows\system32\spool\DRIVERS\x64\3\spd__du.dll 2013-01-19 19:02 - 2012-02-13 16:02 - 00031624 _____ () C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe 2011-01-27 16:28 - 2011-01-27 16:28 - 00706048 _____ () C:\windows\system32\SnMinDrv.dll 2012-05-08 00:11 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll 2011-04-05 00:18 - 2011-04-05 00:18 - 00094208 _____ () C:\windows\system32\IccLibDll_x64.dll 2012-03-30 17:43 - 2012-03-30 17:43 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2012-04-18 07:38 - 2012-04-18 07:38 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00655872 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll 2012-01-18 17:10 - 2012-01-18 17:10 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll 2012-01-06 16:40 - 2012-01-06 16:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: FirebirdGuardianOUDB => 2 MSCONFIG\Services: FirebirdServerOUDB => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: RichVideo => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Karin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup MSCONFIG\startupfolder: C:^Users^Karin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JL Alpine Advent Calendar 2013.lnk => C:\windows\pss\JL Alpine Advent Calendar 2013.lnk.Startup MSCONFIG\startupfolder: C:^Users^Karin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SABnzbd.lnk => C:\windows\pss\SABnzbd.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Google Update => "C:\Users\Karin\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: QuickFinder Scheduler => "c:\Program Files (x86)\Corel\WordPerfect Office X7\Programs\QFSCHD170.EXE" ==================== Faulty Device Manager Devices ============= Name: HP LaserJet P4015 Description: HP LaserJet P4015 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: HP LaserJet P4015 Description: HP LaserJet P4015 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (05/10/2014 00:31:18 PM) (Source: Application Hang) (User: ) (EventID: 1002) Description: Het programma Explorer.EXE, versie 6.1.7601.17567 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: f38 Starttijd: 01cf6c2ad2ec4a4d Eindtijd: 123 Toepassingspad: C:\windows\Explorer.EXE Rapport-id: 30af71ad-d82e-11e3-85a8-e81132d8f13d Error: (05/10/2014 11:01:55 AM) (Source: SideBySide) (User: ) (EventID: 80) Description: Kan activeringscontext voor C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/10/2014 11:00:48 AM) (Source: SideBySide) (User: ) (EventID: 80) Description: Kan activeringscontext voor C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/10/2014 10:36:52 AM) (Source: WinMgmt) (User: ) (EventID: 10) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/09/2014 00:00:43 PM) (Source: WinMgmt) (User: ) (EventID: 10) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/09/2014 10:37:37 AM) (Source: SideBySide) (User: ) (EventID: 80) Description: Kan activeringscontext voor C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/09/2014 09:23:44 AM) (Source: WinMgmt) (User: ) (EventID: 10) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/08/2014 08:21:35 PM) (Source: WinMgmt) (User: ) (EventID: 10) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/08/2014 10:41:59 AM) (Source: SideBySide) (User: ) (EventID: 80) Description: Kan activeringscontext voor C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (05/08/2014 10:40:06 AM) (Source: SideBySide) (User: ) (EventID: 80) Description: Kan activeringscontext voor C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (05/10/2014 01:26:28 PM) (Source: Service Control Manager) (User: ) (EventID: 7034) Description: De Adobe Acrobat Update Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Error: (05/10/2014 10:36:34 AM) (Source: DCOM) (User: NT AUTHORITY) (EventID: 10016) Description: toepassingsspecifiekLokaalStarten{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC) Error: (05/09/2014 05:49:52 PM) (Source: DCOM) (User: ) (EventID: 10010) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (05/09/2014 00:00:44 PM) (Source: DCOM) (User: NT AUTHORITY) (EventID: 10016) Description: toepassingsspecifiekLokaalStarten{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC) Error: (05/09/2014 11:58:13 AM) (Source: DCOM) (User: ) (EventID: 10010) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (05/09/2014 11:58:10 AM) (Source: Service Control Manager) (User: ) (EventID: 7030) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (05/09/2014 11:57:29 AM) (Source: Application Popup) (User: ) (EventID: 1060) Description: \??\C:\ComboFix\catchme.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Error: (05/09/2014 11:57:29 AM) (Source: Application Popup) (User: ) (EventID: 1060) Description: \??\C:\ComboFix\catchme.sys kan niet worden geladen vanwege incompatibiliteit met dit systeem. Vraag de leverancier van de software om een compatibele versie van het stuurprogramma. Error: (05/09/2014 11:55:00 AM) (Source: Service Control Manager) (User: ) (EventID: 7030) Description: De PEVSystemStart-service staat aangeduid als een interactieve service. Het systeem is echter zodanig geconfigureerd dat interactieve services niet zijn toegestaan. Deze service werkt mogelijk niet juist. Error: (05/09/2014 11:51:44 AM) (Source: Service Control Manager) (User: ) (EventID: 7034) Description: De SamsungDeviceConfiguration-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-05-09 11:57:29.327 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2014-05-09 11:57:29.264 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2014-05-09 11:57:29.218 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2014-05-09 11:57:29.155 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2014-05-03 21:53:11.066 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2014-05-03 21:53:11.003 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2013-01-19 18:30:49.281 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2013-01-19 18:30:47.958 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\igdpmd64.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. ==================== Memory info =========================== Percentage of memory in use: 30% Total physical RAM: 6057.55 MB Available physical RAM: 4225.37 MB Total Pagefile: 12113.27 MB Available Pagefile: 10015.28 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:271 GB) (Free:69.03 GB) NTFS Drive d: () (Fixed) (Total:403.68 GB) (Free:242.11 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 699 GB) (Disk ID: 1048DB7F) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=271 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=404 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=24 GB) - (Type=27) ======================================================== Disk: 1 (Size: 7 GB) (Disk ID: 74F02DEA) Partition 1: (Not Active) - (Size=7 GB) - (Type=73) ==================== End Of Log ============================
  13. I hope it's better now. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-05-2014Ran by Karin (administrator) on KARINSCOMPUTER on 10-05-2014 13:30:43Running from C:\Users\Karin\DesktopPlatform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Dutch StandardInternet Explorer Version 11Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe() C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe(Microsoft Corporation) C:\Windows\System32\wlanext.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe(Intel Corporation) C:\Windows\System32\igfxext.exe(Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe(Intel Corporation) C:\Windows\System32\hkcmd.exe(Intel Corporation) C:\Windows\System32\igfxpers.exe(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe(Intel Corporation) C:\Windows\System32\igfxsrvc.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-05-09] (ELAN Microelectronics Corp.)HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12661352 2011-08-01] (Realtek Semiconductor)HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [383544 2012-12-14] (Citrix Systems, Inc.)Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [256568 2012-12-14] (Citrix Systems, Inc.)Startup: C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnkShortcutTarget: Dropbox.lnk -> C:\Users\Karin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearchHKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ieStartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exeBHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No FileFilter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox:========FF Plugin: @microsoft.com/GENUINE - disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @doubletwist.com/NPPodcast - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Karin\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Karin\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext Chrome: =======CHR Plugin: (Shockwave Flash) - C:\Users\Karin\AppData\Local\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll ()CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewerCHR Plugin: (Native Client) - C:\Users\Karin\AppData\Local\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll ()CHR Plugin: (Chrome PDF Viewer) - C:\Users\Karin\AppData\Local\Google\Chrome\Application\34.0.1847.131\pdf.dll ()CHR Plugin: (Screen Capture Plugin) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcbnchcgjcjphmnpndoelbdhakdlfkk\5.1.2_0\plugin/screen_capture.dll No FileCHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)CHR Plugin: (doubletwist Plugin 1, 3, 0, 0) - C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No FileCHR Plugin: (Java Platform SE 7 U15) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No FileCHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No FileCHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()CHR Plugin: (RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll No FileCHR Plugin: (RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll No FileCHR Plugin: (RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll No FileCHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll No FileCHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)CHR Plugin: (Java Deployment Toolkit 7.0.150.3) - C:\windows\SysWOW64\npDeployJava1.dll No FileCHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll No FileCHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll No FileCHR Extension: (A Quotation) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aafpohheobbibbehfjogminpinjhlpmg [2012-07-02]CHR Extension: (Google Translate) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2012-07-02]CHR Extension: (Flashcards) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgakpcekaedlfopplbbmbbknppkpjgp [2012-07-02]CHR Extension: (My World) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aemeppengemohiobmmjhfddbhcgkomhm [2012-07-02]CHR Extension: (APA Format Citation Generator) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agdhpmnfhdpooglfjfobdbhcahkdbgcd [2012-07-02]CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2012-07-02]CHR Extension: (ENGLISH MEMORY) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aidhibeakadjobeknimdalmhfekikmaa [2012-07-02]CHR Extension: (Angry Birds) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-07-02]CHR Extension: (File Converter) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\alblmaecejifbilchdofkdanifpmnmfk [2012-06-18]CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2012-06-18]CHR Extension: (Kalender) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\amlmhkflbgjoeeophdjheadfljoielhi [2012-06-18]CHR Extension: (Google Drive) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-05-07]CHR Extension: (Joliprint) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\baoaaennablinpmcncancjpbinjbpiij [2012-05-07]CHR Extension: (Writebox) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbehjmjchoiaglkeboicbgkpfafcmhij [2012-06-18]CHR Extension: (Bookvoid) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbiiohnfgknkkoalnbonfdafmgbpckad [2012-07-02]CHR Extension: (TV) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2012-06-18]CHR Extension: (Stay Useful) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbcnjljkpkieejgkkepmlobboembfgh [2012-06-18]CHR Extension: (News Reader (van Google)) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhhcdlggicnjoobiphdkdgmblbknkjjp [2012-07-02]CHR Extension: (To Do List) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhieleigbmmonbckblbeodlmlihacjco [2012-06-18]CHR Extension: (TED) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhngmopjabffcomehdlajegigjjlaahk [2012-07-02]CHR Extension: (Uitzending Gemist) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkpcnaghidjmebljggjmdplpckcngnfm [2012-06-18]CHR Extension: (YouTube) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-07]CHR Extension: (TV Toolbar) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmffljhpjffaibnkiljchamajobikjgc [2012-06-18]CHR Extension: (TVGiDS.tv) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocdjdnpjmkaaaangagmlnkcpfjkjfcn [2012-06-18]CHR Extension: (NOS Journaal 24) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbknjpoleohapmcpbijledchdfjogmoe [2012-06-18]CHR Extension: (EasyBib) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbpiiblghhnlalifiaddecedaeaijdpe [2012-07-02]CHR Extension: (AlterKeywords) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbjmbomkbkibdpkmdafpmjefmopnbil [2012-07-02]CHR Extension: (Idea Chimp) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdaefdhbhegpiajkofimpohaobgidipo [2012-06-18]CHR Extension: (Memonic Web Clipper) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdonhidhobjahdhlcegfakicbcgnkokh [2012-05-07]CHR Extension: (MySocialCloud App) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfgmceckcicgclijhbkceppoegmnjaep [2013-03-08]CHR Extension: (Adblock Plus) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-07-02]CHR Extension: (Earth for Chrome) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiocoehplocalbhdpckfoiameeefkna [2012-07-02]CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2012-05-07]CHR Extension: (Flashcard Stash) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgopclnilgekngdlkfkegddejocmmmim [2012-07-02]CHR Extension: (Remember The Milk) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdiaibgndcpagmnpkjoelgfkommjbni [2012-06-18]CHR Extension: (Smartsheet Project Management Software) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cindmhdfkimaeggbebfjkmkdfiohldbm [2012-06-18]CHR Extension: (Screen capture) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcbnchcgjcjphmnpndoelbdhakdlfkk [2012-09-19]CHR Extension: (ZOHO NoteBook) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkmmdgdkpapcekiookglhdhdkhbpdfp [2012-05-07]CHR Extension: (Google Zoeken) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-07]CHR Extension: (Screen Capture (by Google)) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpngackimfmofbokmjmljamhdncknpmg [2012-06-18]CHR Extension: (Search by Image (by Google)) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2012-07-02]CHR Extension: (Read Later Fast) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2012-06-18]CHR Extension: (Zoho Projects) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhifphcimhhfnhlemdpmlonlkgfkjjae [2012-05-07]CHR Extension: (FlashCards) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\diejjofgldkjkhmfjagdjdodjebpglhb [2012-07-02]CHR Extension: (Simple Dictation) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\diondlbenfmpcapnbegmodfdgmnnpgln [2012-09-06]CHR Extension: (Awesome Screenshot for Chrome OS™) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dphhbbnlnbdkabjgkljkhplmehadonid [2012-09-19]CHR Extension: (RealtimeBoard Extension) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecfnenchgjbicgaooadfdmcojkcmjblk [2013-04-17]CHR Extension: (Gemist.FM) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehmickpbonjinhcnkmojnbachlakpki [2012-07-02]CHR Extension: (Blocnote) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efgpgbcidmnhkoeceikdacelidndbfgl [2012-06-18]CHR Extension: (Davitily Math Academy) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehdgkencbhniekejnjmlkpfmcambmikj [2012-07-02]CHR Extension: (Add Tasks to Do It (Tomorrow)) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimhlfnbjllicocigjdalpodkokffbmm [2012-06-18]CHR Extension: (MailChimp) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\einnfnfpkbbebamphappjlmbedgjbnoe [2012-07-02]CHR Extension: (Google Agenda) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2012-05-07]CHR Extension: (Box - 10GB of FREE storage) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2012-05-07]CHR Extension: (DayHiker) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\emambmpgicpidmncfacjkeicobamadod [2012-06-18]CHR Extension: (goo.gl shortener + share on twitter) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdndabnoclcmkbdgakdhdpjghagfnapj [2012-07-03]CHR Extension: (Chrome Notepad) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffbhefmlcoihbjcmibbfkocmnaiacinp [2012-06-18]CHR Extension: (AFAS Personal Bijwerk Assistent) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhdjnejhhklnclpkbnfmfimijnlmghfk [2012-09-04]CHR Extension: (MindMap) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdaeohpmcenmffofpikllphdhlkkocfa [2012-05-07]CHR Extension: (Facebook for Chrome) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2012-06-18]CHR Extension: (Lucidchart for Education) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdbabpaggdgcakhjllleobffeghmhjme [2012-07-02]CHR Extension: (Planetarium) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2012-07-02]CHR Extension: (AdBlock) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-07-02]CHR Extension: (Google Calendar (by Google)) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2012-06-18]CHR Extension: (Opslaan in Google Drive) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2013-04-17]CHR Extension: (Pinknop) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-05-10]CHR Extension: (TweetDeck by Twitter) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2012-05-07]CHR Extension: (Memonic) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hejjjnnbamjillkkomahknangbpjfdpd [2012-05-07]CHR Extension: (SOLE 64) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\henmjlkeiiclnbeomllgmojdeedomape [2012-07-02]CHR Extension: (VoiceNote II - Speech to text) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm [2012-09-06]CHR Extension: (Reader Plus) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhcknjkmaaeinhdjgimjnophgpbdgfmg [2012-07-02]CHR Extension: (Online project management software: Wedoist) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfemlcofmppfkjnndnoakpgekdmkpbn [2012-06-18]CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-04-17]CHR Extension: (ScrumMe, for your better ideas!) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpojfhmgahfgnpambeihjahmkdlgidel [2012-06-18]CHR Extension: (Quotes Book) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfjeadhjbcepmknoanimdbemlobmlpe [2012-07-02]CHR Extension: (goo.gl URL Shortener) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2012-07-02]CHR Extension: (Afdrukken) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idfnpgjblkahngbondojabhffkkdekbd [2012-06-18]CHR Extension: (TV ) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iffljgmhofcggeboampmcfcpfjgkngdg [2012-06-18]CHR Extension: (NOS Video) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggmbjghgeahcopdibklblgfkfendefg [2012-06-18]CHR Extension: (Sync Dropbox, Evernote, and Google Drive) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobcbdgacfkninlcbphihhdlkobkehia [2012-06-18]CHR Extension: (Dropbox) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-07-14]CHR Extension: (Clearly) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2012-07-02]CHR Extension: (The Brain Shaker) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jffonbajomllfeoikanfboknplfhgapk [2012-06-18]CHR Extension: (Zoho Writer) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeidloagadfcohacebhbkkapgpiddj [2012-05-07]CHR Extension: (TV Live NL) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifanecohijepkkblheccjaifodljbgh [2012-06-18]CHR Extension: (Pocket Website) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2013-04-17]CHR Extension: (Todoist: To-do-lijst en Takenmanager) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jldhpllghnbhlbpcmnajkpdmadaolakh [2012-06-18]CHR Extension: (Neerslagalarm) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhabpjomliflpffmhbdolblceidbkni [2012-06-18]CHR Extension: (Conceptboard) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnacnlekfaehkfdbkohnhpmdagnfaeio [2012-06-18]CHR Extension: (StumbleUpon) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg [2012-06-18]CHR Extension: (WordPress.com) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2012-07-02]CHR Extension: (Diigo Web) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kipfakkakbicobflnnminhjjdkglgbmf [2013-03-08]CHR Extension: (Labyrint) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeimnckmnebflgijneknoapkcnaffnl [2012-06-18]CHR Extension: (iPers) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkeojjidndgdpjcgmoihnhoecbijkoka [2012-06-18]CHR Extension: (Evernote Web) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2012-05-07]CHR Extension: (NU.nl) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lehjiccafpalhkgafiiojjhbogpooekb [2012-06-18]CHR Extension: (Blogger) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2012-07-02]CHR Extension: (World Digital Library - UNESCO) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lganibdddhhoohdchmljgclacnfnkfgb [2012-07-02]CHR Extension: (TV for Google Chrome™) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe [2012-06-18]CHR Extension: (QuickLessons) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\llehkkhnhclifmncieifnkdnmhphbdbd [2012-07-02]CHR Extension: (Google Maps) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2012-05-07]CHR Extension: (spiderscribe) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\loanbdhogffocnffhbmncfdhphjkbolc [2012-07-02]CHR Extension: (Chromapaper) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpjpjcgbkjefppoahpegfajifjdmcblb [2013-03-08]CHR Extension: (3D Solar System Web) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdaaepplopehigjgkolniddiadbbkphd [2012-07-02]CHR Extension: (Explain and Send Screenshots) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdddabjhelpilpnpgondfmehhcplpiin [2012-05-07]CHR Extension: (Open Library Book Search) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfabonemecnhlpcdippbpgjhmdciegii [2012-07-02]CHR Extension: (Earbits Radio - Gratis Muziek) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgkjffcdjblaipglnmhanakilfbniihj [2012-07-02]CHR Extension: (Quick Note) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2012-06-18]CHR Extension: (Tasky for Google Tasks) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbfkceielapenhcdmppjfjfhjelhcjc [2012-06-18]CHR Extension: (Pocket) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2013-10-09]CHR Extension: (Buienradar) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjikgngoladdhoedpiafmioajmkacofg [2012-06-18]CHR Extension: (PDF Cloud Gereedschap) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjpieolhcmajmolkhbbeljknkcdcmffk [2012-05-07]CHR Extension: (ChemReference: Periodic Table) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjpnebljmdbglkmlnijcaplhfhkhdnib [2012-07-02]CHR Extension: (Today's Schedule in Google Calendar™) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaaneppndljkmpgdcglnpfagfhjhipc [2012-06-18]CHR Extension: (Sticky Notes) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmfklpmdfldnnjbkdmamhokiphfkfieg [2012-06-18]CHR Extension: (Delicious Bookmarks Extension) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnaelnkmidnndgikjbiifihgklnocljd [2012-05-07]CHR Extension: (StudyStack) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nboldpjijadohjhnkadkdbonjlgbjadd [2012-07-02]CHR Extension: (Zoho Docs) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nflhfcjfjkohgcgpldeffhlgeooejomn [2012-06-18]CHR Extension: (Shorten with Goo.gl) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkcdmekigeplbgofmgljdjccdpmhikp [2012-07-03]CHR Extension: (Radio) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhpdjhpnoggcnfihakphcdibkdohbmcm [2012-07-02]CHR Extension: (Pocket (formerly Read It Later)) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2013-03-08]CHR Extension: (XMind on Roozz) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkahklbihfpckmhooikaomidogmdoiel [2012-06-18]CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2012-07-02]CHR Extension: (Zoho Reports) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmhkiaiikklhjkbgopajnacalammmkbi [2012-07-02]CHR Extension: (Google Wallet) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]CHR Extension: (AFAS Personal) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nohcndkndhdiknpkkmeplfhajcilbnkd [2012-05-07]CHR Extension: (Weeronline actueel Nederland) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\npgafdngocgnaincgfbpeblbeaadkpfa [2012-06-18]CHR Extension: (QuickTasks for Google Tasks™) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajcndmcnpneaginggljpobbbdngkkko [2012-06-18]CHR Extension: (Hiuznote Sticky Notes & Link Manager) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpamimnomcogjplnddbbldnofcafmpi [2012-06-18]CHR Extension: (Advanced Periodic Table) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpkghbakijeifcoimhhechlmcbdmmli [2012-07-02]CHR Extension: (Search Switch) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\odoffcbofmhhhohnekpfmpgopgfhbflf [2013-04-17]CHR Extension: (Bookmax - Bookmark Manager) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjpkfadmfhloombfmmlllnbhkoehckm [2013-03-08]CHR Extension: (Lyrics voor Google Chrome™) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglbipcbkmlknhfhabolnniekmlhfoek [2012-06-18]CHR Extension: (QR Code Maker and URL Shortner) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhbomnbakaahalcclnhgkdncibanmgd [2012-07-02]CHR Extension: (SABconnect++) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\okphadhbbjadcifjplhifajfacbkkbod [2013-05-25]CHR Extension: (Online Muziek Luisteren) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olacollommkcihebibpjdbhkngcnhgdg [2012-07-02]CHR Extension: (Picasa) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2012-06-18]CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole [2012-06-18]CHR Extension: (Google Calendar Checker (van Google)) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek [2012-06-18]CHR Extension: (RealtimeBoard) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfmbdmhambgleempeofcjjhjclimccg [2013-04-17]CHR Extension: (Psykopaint) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil [2012-05-07]CHR Extension: (Appie) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pidjpfnhaidmahnblgikaaadclebmoio [2012-06-18]CHR Extension: (Evernote Web Clipper) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2012-05-07]CHR Extension: (Instapaper) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjalnmnmioafeenidfbjkghaglaenjbp [2013-03-08]CHR Extension: (Google Reader) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm [2012-07-02]CHR Extension: (Gmail) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-07]CHR Extension: (goo.gl URL Shortener extension) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjnggipjiafeklgjdclhhkeefdebipmm [2012-07-03]CHR Extension: (draw.io) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\plgmlhohecdddhbmmkncjdmlhcmaachm [2012-07-02]CHR Extension: (Connected Mind) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmkffmgahaepmhkhkblhopnpleeikokc [2012-06-18]CHR Extension: (@Delicious) - C:\Users\Karin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplcoloalmjgljnbpkhcojpjnjbggppe [2013-03-08]CHR HKCU\...\Chrome\Extension: [edflbdjfhpiboilnedfoiepbmcllkedb] - C:\Users\Karin\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx [2012-08-21]CHR HKLM-x32\...\Chrome\Extension: [edflbdjfhpiboilnedfoiepbmcllkedb] - C:\Users\Karin\AppData\Local\CRE\edflbdjfhpiboilnedfoiepbmcllkedb.crx [2012-08-21]CHR StartMenuInternet: Google Chrome - C:\Users\Karin\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Services (Whitelisted) ================= S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [77904 2011-05-26] (Diskeeper Corporation)S4 FirebirdGuardianOUDB; C:\Program Files (x86)\OuDB\Firebird\bin\fbguard.exe [98304 2010-09-17] (Firebird Project)S4 FirebirdServerOUDB; C:\Program Files (x86)\OuDB\Firebird\bin\fbserver.exe [3735552 2010-09-17] (Firebird Project)R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc)S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] ()S3 Samsung UPD Service2; C:\windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)R2 SamsungDeviceConfigurationWinService; C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [31624 2012-02-13] ()R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3018800 2013-10-21] (Samsung Electronics CO., LTD.) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [76368 2011-05-26] (Diskeeper Corporation)R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)S3 catchme; \??\C:\ComboFix\catchme.sys [X]S3 SBIOSIO; \??\C:\Users\Karin\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-10 13:29 - 2014-05-10 13:30 - 02065408 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe2014-05-10 13:25 - 2014-05-10 13:26 - 00448512 _____ (OldTimer Tools) C:\Users\Karin\Desktop\TFC.exe2014-05-09 12:05 - 2014-05-09 12:05 - 00028401 _____ () C:\Users\Karin\Desktop\ComboFix-2.txt2014-05-09 12:05 - 2014-05-09 12:05 - 00028401 _____ () C:\ComboFix.txt2014-05-09 11:50 - 2014-05-09 12:05 - 00000000 ____D () C:\ComboFix2014-05-08 20:35 - 2014-05-08 20:35 - 00000000 ___SD () C:\windows\system32\CompatTel2014-05-08 20:26 - 2014-05-08 20:26 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion2014-05-08 20:10 - 2014-05-08 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip2014-05-08 20:10 - 2014-05-08 20:10 - 00000000 ____D () C:\Program Files\7-Zip2014-05-08 20:09 - 2014-05-08 20:09 - 01376768 _____ () C:\Users\Karin\Downloads\7z920-x64.msi2014-05-08 09:11 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll2014-05-08 09:11 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll2014-05-05 17:14 - 2014-05-05 17:14 - 00057410 _____ () C:\Users\Karin\Desktop\Addition-2.txt2014-05-05 17:10 - 2014-05-05 17:10 - 00072733 _____ () C:\Users\Karin\Desktop\FRST-2.txt2014-05-05 17:02 - 2014-05-05 17:02 - 00000627 _____ () C:\Users\Karin\Desktop\Eset.txt2014-05-05 15:42 - 2014-05-05 15:42 - 02347384 _____ (ESET) C:\Users\Karin\Desktop\esetsmartinstaller_enu.exe2014-05-05 15:42 - 2014-05-05 15:42 - 00000000 ____D () C:\Program Files (x86)\ESET2014-05-05 15:06 - 2014-05-05 15:06 - 00003303 _____ () C:\Users\Karin\Desktop\AdwCleaner[s0].txt2014-05-05 14:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll2014-05-05 14:36 - 2014-05-05 15:04 - 00000000 ____D () C:\AdwCleaner2014-05-05 14:36 - 2014-05-05 14:36 - 01316991 _____ () C:\Users\Karin\Desktop\AdwCleaner.exe2014-05-05 14:23 - 2014-05-05 14:23 - 00005608 _____ () C:\Users\Karin\Desktop\JRT.txt2014-05-05 14:17 - 2014-05-05 14:17 - 01016261 _____ (Thisisu) C:\Users\Karin\Desktop\JRT.exe2014-05-05 14:17 - 2014-05-05 14:17 - 00000000 ____D () C:\windows\ERUNT2014-05-05 14:02 - 2014-05-05 14:02 - 00004462 _____ () C:\Users\Karin\Desktop\JavaRa.log2014-05-05 14:02 - 2014-05-05 14:02 - 00004462 _____ () C:\JavaRa.log2014-05-05 13:59 - 2014-05-05 13:59 - 00000000 ____D () C:\Users\Karin\Desktop\RemoveJava2014-05-05 13:58 - 2014-05-05 13:58 - 00165483 _____ () C:\Users\Karin\Desktop\JavaRa-1.16-28-5-13.zip2014-05-03 22:13 - 2014-05-03 22:13 - 00028344 _____ () C:\Users\Karin\Desktop\ComboFix.txt2014-05-03 22:13 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll2014-05-03 22:13 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb2014-05-03 22:13 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2014-05-03 22:13 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb2014-05-03 21:44 - 2014-05-09 12:05 - 00000000 ____D () C:\Qoobox2014-05-03 21:44 - 2011-06-26 08:45 - 00256000 _____ () C:\windows\PEV.exe2014-05-03 21:44 - 2010-11-07 19:20 - 00208896 _____ () C:\windows\MBR.exe2014-05-03 21:44 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe2014-05-03 21:44 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe2014-05-03 21:44 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe2014-05-03 21:44 - 2000-08-31 02:00 - 00098816 _____ () C:\windows\sed.exe2014-05-03 21:44 - 2000-08-31 02:00 - 00080412 _____ () C:\windows\grep.exe2014-05-03 21:44 - 2000-08-31 02:00 - 00068096 _____ () C:\windows\zip.exe2014-05-03 21:41 - 2014-05-09 11:50 - 05200039 ____R (Swearware) C:\Users\Karin\Desktop\ComboFix.exe2014-04-30 14:42 - 2014-04-30 14:42 - 00002938 _____ () C:\Users\Karin\Desktop\RKreport[0]_S_04302014_144206.txt2014-04-30 14:35 - 2014-04-30 14:43 - 00000000 ____D () C:\Users\Karin\Desktop\RK_Quarantine2014-04-30 14:35 - 2014-04-30 14:35 - 04527616 _____ () C:\Users\Karin\Downloads\RogueKillerX64.exe2014-04-30 14:30 - 2014-04-30 14:30 - 00001157 _____ () C:\Users\Karin\Desktop\malwarebytes.txt2014-04-30 14:11 - 2014-05-03 22:00 - 00000000 ____D () C:\windows\ERDNT2014-04-30 14:08 - 2014-04-30 14:08 - 00000888 _____ () C:\Users\Karin\Desktop\NTREGOPT.lnk2014-04-30 14:08 - 2014-04-30 14:08 - 00000869 _____ () C:\Users\Karin\Desktop\ERUNT.lnk2014-04-30 14:08 - 2014-04-30 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-30 14:08 - 2014-04-30 14:08 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-30 14:06 - 2014-04-30 14:06 - 00791393 _____ (Lars Hederer ) C:\Users\Karin\Downloads\erunt-setup.exe2014-04-30 14:03 - 2014-04-30 14:04 - 00002618 _____ () C:\Users\Karin\Desktop\Rkill.txt2014-04-30 14:03 - 2014-04-30 14:03 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Karin\Downloads\iExplore.exe2014-04-30 13:51 - 2014-05-10 13:30 - 00040569 _____ () C:\Users\Karin\Desktop\FRST.txt2014-04-30 13:51 - 2014-05-05 17:08 - 00057410 _____ () C:\Users\Karin\Desktop\Addition.txt2014-04-30 13:48 - 2014-04-30 13:48 - 02061824 _____ (Farbar) C:\Users\Karin\Downloads\FRST64.exe2014-04-29 02:06 - 2014-04-29 02:06 - 17338544 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe2014-04-24 10:44 - 2014-05-08 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote2014-04-19 12:42 - 2014-04-19 12:42 - 02158592 _____ (Farbar) C:\Users\Karin\Downloads\FRST64 (1).exe2014-04-19 11:19 - 2014-04-30 13:51 - 00074744 _____ () C:\Users\Karin\Downloads\FRST.txt2014-04-19 11:19 - 2014-04-30 13:51 - 00058874 _____ () C:\Users\Karin\Downloads\Addition.txt2014-04-19 11:18 - 2014-05-10 13:30 - 00000000 ____D () C:\FRST2014-04-19 09:26 - 2014-05-05 15:10 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2014-04-19 09:26 - 2014-04-19 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-04-19 09:26 - 2014-04-19 09:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-19 09:26 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys2014-04-19 09:26 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys2014-04-19 09:24 - 2014-04-19 09:25 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Karin\Downloads\mbam-setup-2.0.1.1004.exe2014-04-19 09:19 - 2014-04-19 09:20 - 00004129 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b14.log2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys2014-04-17 15:05 - 2014-04-17 15:05 - 00000000 ___SD () C:\Users\Karin\Documents\Mijn shapes2014-04-13 18:08 - 2014-04-13 18:08 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList2014-04-13 18:08 - 2014-04-13 18:08 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList2014-04-12 20:55 - 2014-04-12 20:55 - 00000000 ____D () C:\Users\Karin\Documents\QPPriv2014-04-11 13:38 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll2014-04-11 13:38 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll2014-04-11 13:38 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll2014-04-11 13:38 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll2014-04-11 13:38 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll2014-04-11 13:38 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll2014-04-11 13:38 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll2014-04-11 13:38 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll2014-04-11 13:38 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe2014-04-11 13:38 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe2014-04-11 13:38 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll2014-04-11 13:38 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe2014-04-11 13:38 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll2014-04-11 13:38 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll2014-04-11 13:38 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe2014-04-11 13:38 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll2014-04-11 13:38 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll2014-04-11 13:38 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll2014-04-11 13:38 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll2014-04-11 13:38 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll2014-04-11 13:38 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll2014-04-11 13:38 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll2014-04-11 13:38 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll2014-04-11 13:38 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll2014-04-11 13:38 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll2014-04-11 13:38 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll2014-04-11 13:38 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe2014-04-11 13:38 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll2014-04-11 13:38 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll2014-04-11 13:38 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll2014-04-11 13:38 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll2014-04-11 13:38 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl2014-04-11 13:38 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll2014-04-11 13:38 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll2014-04-11 13:38 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll2014-04-11 13:38 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll2014-04-11 13:38 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl2014-04-11 13:38 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll2014-04-11 13:38 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll2014-04-11 13:38 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll2014-04-11 13:38 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll2014-04-11 13:38 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll2014-04-11 13:38 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll2014-04-11 13:38 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll2014-04-11 12:30 - 2014-04-11 12:30 - 00000000 ____D () C:\Program Files (x86)\MSECache2014-04-11 12:09 - 2014-04-11 12:09 - 01151310 _____ () C:\Users\Karin\Downloads\X7_Incentive_Files.zip2014-04-11 12:09 - 2014-04-11 12:09 - 00000000 ____D () C:\Users\Karin\Documents\Working Files2014-04-11 12:07 - 2014-04-12 20:55 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Corel2014-04-11 12:07 - 2014-04-11 12:09 - 00000000 ____D () C:\ProgramData\Protexis2014-04-11 12:06 - 2014-04-11 12:06 - 00002911 _____ () C:\Users\Public\Desktop\WordPerfect Lightning.lnk2014-04-11 12:06 - 2014-04-11 12:06 - 00002402 _____ () C:\Users\Public\Desktop\Presentations X7.lnk2014-04-11 12:06 - 2014-04-11 12:06 - 00002368 _____ () C:\Users\Public\Desktop\Quattro Pro X7.lnk2014-04-11 12:06 - 2014-04-11 12:06 - 00002338 _____ () C:\Users\Public\Desktop\WordPerfect X7.lnk2014-04-11 12:05 - 2014-04-11 12:06 - 00000000 ____D () C:\Users\Public\Documents\WordPerfect Office2014-04-11 12:05 - 2014-04-11 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office X72014-04-11 12:05 - 2014-04-11 12:06 - 00000000 ____D () C:\ProgramData\Corel2014-04-11 12:05 - 2014-04-11 12:05 - 00000000 ____D () C:\ProgramData\Borland2014-04-11 12:05 - 2014-04-11 12:05 - 00000000 ____D () C:\Program Files\Common Files\Corel2014-04-11 12:05 - 2014-04-11 12:05 - 00000000 ____D () C:\Program Files (x86)\Corel2014-04-11 12:03 - 2014-04-11 12:07 - 00000000 ____D () C:\ProgramData\WordPerfect Office X72014-04-11 11:56 - 2014-04-11 12:01 - 430117032 _____ (Acresso Software Inc. ) C:\Users\Karin\Downloads\WordPerfectOfficeInstaller.exe2014-04-10 18:17 - 2014-04-10 18:18 - 32139488 _____ () C:\Users\Karin\Downloads\fah-installer_7.4.4_x86.exe ==================== One Month Modified Files and Folders ======= 2014-05-10 13:30 - 2014-05-10 13:29 - 02065408 _____ (Farbar) C:\Users\Karin\Desktop\FRST64.exe2014-05-10 13:30 - 2014-04-30 13:51 - 00040569 _____ () C:\Users\Karin\Desktop\FRST.txt2014-05-10 13:30 - 2014-04-19 11:18 - 00000000 ____D () C:\FRST2014-05-10 13:26 - 2014-05-10 13:25 - 00448512 _____ (OldTimer Tools) C:\Users\Karin\Desktop\TFC.exe2014-05-10 13:20 - 2012-05-07 23:18 - 00001054 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job2014-05-10 13:19 - 2012-05-07 23:26 - 00001066 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3636504314-1210934719-2044606185-1000UA.job2014-05-10 12:53 - 2012-05-14 15:42 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Dropbox2014-05-10 12:35 - 2012-05-03 18:54 - 00000940 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job2014-05-10 10:44 - 2009-07-14 06:45 - 00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-05-10 10:44 - 2009-07-14 06:45 - 00021200 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-05-10 10:41 - 2011-09-21 01:46 - 01468076 _____ () C:\windows\WindowsUpdate.log2014-05-10 10:40 - 2012-05-07 14:06 - 00000000 ____D () C:\ProgramData\MFAData2014-05-10 10:35 - 2012-05-07 23:18 - 00001050 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job2014-05-10 10:35 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT2014-05-10 10:35 - 2009-07-14 06:51 - 00159923 _____ () C:\windows\setupact.log2014-05-10 10:35 - 2009-07-14 06:45 - 00460208 _____ () C:\windows\system32\FNTCACHE.DAT2014-05-09 13:47 - 2012-05-10 21:28 - 00000000 ____D () C:\ProgramData\Adobe2014-05-09 13:47 - 2012-04-20 19:23 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Adobe2014-05-09 13:45 - 2012-04-20 19:19 - 00123376 _____ () C:\Users\Karin\AppData\Local\GDIPFONTCACHEV1.DAT2014-05-09 12:40 - 2012-05-07 12:35 - 00000000 ____D () C:\ProgramData\Microsoft Help2014-05-09 12:05 - 2014-05-09 12:05 - 00028401 _____ () C:\Users\Karin\Desktop\ComboFix-2.txt2014-05-09 12:05 - 2014-05-09 12:05 - 00028401 _____ () C:\ComboFix.txt2014-05-09 12:05 - 2014-05-09 11:50 - 00000000 ____D () C:\ComboFix2014-05-09 12:05 - 2014-05-03 21:44 - 00000000 ____D () C:\Qoobox2014-05-09 11:59 - 2010-11-21 05:47 - 00431922 _____ () C:\windows\PFRO.log2014-05-09 11:59 - 2009-07-14 04:34 - 00000215 _____ () C:\windows\system.ini2014-05-09 11:50 - 2014-05-03 21:41 - 05200039 ____R (Swearware) C:\Users\Karin\Desktop\ComboFix.exe2014-05-09 10:19 - 2012-05-07 23:26 - 00001014 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3636504314-1210934719-2044606185-1000Core.job2014-05-09 10:14 - 2012-05-07 23:26 - 00004036 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3636504314-1210934719-2044606185-1000UA2014-05-09 10:14 - 2012-05-07 23:26 - 00003640 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3636504314-1210934719-2044606185-1000Core2014-05-08 20:35 - 2014-05-08 20:35 - 00000000 ___SD () C:\windows\system32\CompatTel2014-05-08 20:26 - 2014-05-08 20:26 - 00000000 ____D () C:\Users\Karin\Desktop\FRST-OlderVersion2014-05-08 20:10 - 2014-05-08 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip2014-05-08 20:10 - 2014-05-08 20:10 - 00000000 ____D () C:\Program Files\7-Zip2014-05-08 20:09 - 2014-05-08 20:09 - 01376768 _____ () C:\Users\Karin\Downloads\7z920-x64.msi2014-05-08 10:07 - 2014-04-24 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote2014-05-08 09:21 - 2012-05-07 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive2014-05-08 09:15 - 2012-05-07 23:18 - 00004050 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA2014-05-08 09:15 - 2012-05-07 23:18 - 00003798 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore2014-05-05 17:14 - 2014-05-05 17:14 - 00057410 _____ () C:\Users\Karin\Desktop\Addition-2.txt2014-05-05 17:10 - 2014-05-05 17:10 - 00072733 _____ () C:\Users\Karin\Desktop\FRST-2.txt2014-05-05 17:08 - 2014-04-30 13:51 - 00057410 _____ () C:\Users\Karin\Desktop\Addition.txt2014-05-05 17:02 - 2014-05-05 17:02 - 00000627 _____ () C:\Users\Karin\Desktop\Eset.txt2014-05-05 15:42 - 2014-05-05 15:42 - 02347384 _____ (ESET) C:\Users\Karin\Desktop\esetsmartinstaller_enu.exe2014-05-05 15:42 - 2014-05-05 15:42 - 00000000 ____D () C:\Program Files (x86)\ESET2014-05-05 15:10 - 2014-04-19 09:26 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys2014-05-05 15:06 - 2014-05-05 15:06 - 00003303 _____ () C:\Users\Karin\Desktop\AdwCleaner[s0].txt2014-05-05 15:04 - 2014-05-05 14:36 - 00000000 ____D () C:\AdwCleaner2014-05-05 14:36 - 2014-05-05 14:36 - 01316991 _____ () C:\Users\Karin\Desktop\AdwCleaner.exe2014-05-05 14:23 - 2014-05-05 14:23 - 00005608 _____ () C:\Users\Karin\Desktop\JRT.txt2014-05-05 14:17 - 2014-05-05 14:17 - 01016261 _____ (Thisisu) C:\Users\Karin\Desktop\JRT.exe2014-05-05 14:17 - 2014-05-05 14:17 - 00000000 ____D () C:\windows\ERUNT2014-05-05 14:02 - 2014-05-05 14:02 - 00004462 _____ () C:\Users\Karin\Desktop\JavaRa.log2014-05-05 14:02 - 2014-05-05 14:02 - 00004462 _____ () C:\JavaRa.log2014-05-05 13:59 - 2014-05-05 13:59 - 00000000 ____D () C:\Users\Karin\Desktop\RemoveJava2014-05-05 13:58 - 2014-05-05 13:58 - 00165483 _____ () C:\Users\Karin\Desktop\JavaRa-1.16-28-5-13.zip2014-05-05 13:56 - 2013-02-22 11:07 - 00000000 ____D () C:\Program Files (x86)\Java2014-05-03 22:13 - 2014-05-03 22:13 - 00028344 _____ () C:\Users\Karin\Desktop\ComboFix.txt2014-05-03 22:00 - 2014-04-30 14:11 - 00000000 ____D () C:\windows\ERDNT2014-04-30 18:09 - 2014-04-01 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG2014-04-30 18:09 - 2013-10-14 17:17 - 00000935 _____ () C:\Users\Public\Desktop\AVG 2014.lnk2014-04-30 14:43 - 2014-04-30 14:35 - 00000000 ____D () C:\Users\Karin\Desktop\RK_Quarantine2014-04-30 14:42 - 2014-04-30 14:42 - 00002938 _____ () C:\Users\Karin\Desktop\RKreport[0]_S_04302014_144206.txt2014-04-30 14:35 - 2014-04-30 14:35 - 04527616 _____ () C:\Users\Karin\Downloads\RogueKillerX64.exe2014-04-30 14:30 - 2014-04-30 14:30 - 00001157 _____ () C:\Users\Karin\Desktop\malwarebytes.txt2014-04-30 14:08 - 2014-04-30 14:08 - 00000888 _____ () C:\Users\Karin\Desktop\NTREGOPT.lnk2014-04-30 14:08 - 2014-04-30 14:08 - 00000869 _____ () C:\Users\Karin\Desktop\ERUNT.lnk2014-04-30 14:08 - 2014-04-30 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT2014-04-30 14:08 - 2014-04-30 14:08 - 00000000 ____D () C:\Program Files (x86)\ERUNT2014-04-30 14:06 - 2014-04-30 14:06 - 00791393 _____ (Lars Hederer ) C:\Users\Karin\Downloads\erunt-setup.exe2014-04-30 14:04 - 2014-04-30 14:03 - 00002618 _____ () C:\Users\Karin\Desktop\Rkill.txt2014-04-30 14:03 - 2014-04-30 14:03 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Karin\Downloads\iExplore.exe2014-04-30 13:51 - 2014-04-19 11:19 - 00074744 _____ () C:\Users\Karin\Downloads\FRST.txt2014-04-30 13:51 - 2014-04-19 11:19 - 00058874 _____ () C:\Users\Karin\Downloads\Addition.txt2014-04-30 13:48 - 2014-04-30 13:48 - 02061824 _____ (Farbar) C:\Users\Karin\Downloads\FRST64.exe2014-04-29 16:01 - 2014-05-03 22:13 - 23547904 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll2014-04-29 15:40 - 2014-05-03 22:13 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb2014-04-29 14:48 - 2014-05-03 22:13 - 17384448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll2014-04-29 14:34 - 2014-05-03 22:13 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb2014-04-29 12:22 - 2012-05-07 23:26 - 00002394 _____ () C:\Users\Karin\Desktop\Google Chrome.lnk2014-04-29 11:48 - 2012-05-03 18:54 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe2014-04-29 11:48 - 2012-05-03 18:54 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl2014-04-29 02:06 - 2014-04-29 02:06 - 17338544 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe2014-04-22 21:19 - 2011-09-21 02:37 - 00746014 _____ () C:\windows\system32\perfh013.dat2014-04-22 21:19 - 2011-09-21 02:37 - 00153934 _____ () C:\windows\system32\perfc013.dat2014-04-22 21:19 - 2009-07-14 07:13 - 01670960 _____ () C:\windows\system32\PerfStringBackup.INI2014-04-22 14:12 - 2014-02-27 16:13 - 00000000 ____D () C:\windows\pss2014-04-22 14:12 - 2012-04-20 19:08 - 00000000 ___RD () C:\Users\Karin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup2014-04-22 14:12 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup2014-04-19 12:42 - 2014-04-19 12:42 - 02158592 _____ (Farbar) C:\Users\Karin\Downloads\FRST64 (1).exe2014-04-19 11:30 - 2012-06-19 21:40 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\BitTorrent2014-04-19 09:26 - 2014-04-19 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-04-19 09:26 - 2014-04-19 09:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-04-19 09:26 - 2014-02-07 11:47 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-04-19 09:26 - 2012-06-19 10:24 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Malwarebytes2014-04-19 09:26 - 2012-06-19 10:24 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-04-19 09:25 - 2014-04-19 09:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Karin\Downloads\mbam-setup-2.0.1.1004.exe2014-04-19 09:20 - 2014-04-19 09:19 - 00004129 _____ () C:\windows\SysWOW64\jupdate-1.7.0_55-b14.log2014-04-19 09:20 - 2013-10-21 08:56 - 00000000 ____D () C:\ProgramData\Oracle2014-04-18 21:18 - 2012-08-28 14:43 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\vlc2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys2014-04-17 15:05 - 2014-04-17 15:05 - 00000000 ___SD () C:\Users\Karin\Documents\Mijn shapes2014-04-17 14:10 - 2012-05-07 12:56 - 00000441 _____ () C:\windows\BRWMARK.INI2014-04-14 10:23 - 2012-05-10 21:30 - 00000000 ____D () C:\Users\Karin\AppData\Local\Adobe2014-04-14 10:23 - 2012-05-03 18:54 - 00003878 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater2014-04-14 04:24 - 2014-05-08 09:11 - 00465408 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll2014-04-14 04:19 - 2014-05-08 09:11 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll2014-04-13 18:08 - 2014-04-13 18:08 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieUserList2014-04-13 18:08 - 2014-04-13 18:08 - 00000000 __SHD () C:\Users\Karin\AppData\Local\EmieSiteList2014-04-12 20:55 - 2014-04-12 20:55 - 00000000 ____D () C:\Users\Karin\Documents\QPPriv2014-04-12 20:55 - 2014-04-11 12:07 - 00000000 ____D () C:\Users\Karin\AppData\Roaming\Corel2014-04-11 18:40 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache2014-04-11 17:34 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions2014-04-11 12:30 - 2014-04-11 12:30 - 00000000 ____D () C:\Program Files (x86)\MSECache2014-04-11 12:09 - 2014-04-11 12:09 - 01151310 _____ () C:\Users\Karin\Downloads\X7_Incentive_Files.zip2014-04-11 12:09 - 2014-04-11 12:09 - 00000000 ____D () C:\Users\Karin\Documents\Working Files2014-04-11 12:09 - 2014-04-11 12:07 - 00000000 ____D () C:\ProgramData\Protexis2014-04-11 12:07 - 2014-04-11 12:03 - 00000000 ____D () C:\ProgramData\WordPerfect Office X72014-04-11 12:06 - 2014-04-11 12:06 - 00002911 _____ () C:\Users\Public\Desktop\WordPerfect Lightning.lnk2014-04-11 12:06 - 2014-04-11 12:06 - 00002402 _____ () C:\Users\Public\Desktop\Presentations X7.lnk2014-04-11 12:06 - 2014-04-11 12:06 - 00002368 _____ () C:\Users\Public\Desktop\Quattro Pro X7.lnk2014-04-11 12:06 - 2014-04-11 12:06 - 00002338 _____ () C:\Users\Public\Desktop\WordPerfect X7.lnk2014-04-11 12:06 - 2014-04-11 12:05 - 00000000 ____D () C:\Users\Public\Documents\WordPerfect Office2014-04-11 12:06 - 2014-04-11 12:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office X72014-04-11 12:06 - 2014-04-11 12:05 - 00000000 ____D () C:\ProgramData\Corel2014-04-11 12:05 - 2014-04-11 12:05 - 00000000 ____D () C:\ProgramData\Borland2014-04-11 12:05 - 2014-04-11 12:05 - 00000000 ____D () C:\Program Files\Common Files\Corel2014-04-11 12:05 - 2014-04-11 12:05 - 00000000 ____D () C:\Program Files (x86)\Corel2014-04-11 12:01 - 2014-04-11 11:56 - 430117032 _____ (Acresso Software Inc. ) C:\Users\Karin\Downloads\WordPerfectOfficeInstaller.exe2014-04-10 18:18 - 2014-04-10 18:17 - 32139488 _____ () C:\Users\Karin\Downloads\fah-installer_7.4.4_x86.exe2014-04-10 14:12 - 2012-05-05 12:37 - 00000000 ____D () C:\Users\Karin\AppData\Local\CrashDumps ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legitC:\Windows\System32\wininit.exe => MD5 is legitC:\Windows\SysWOW64\wininit.exe => MD5 is legitC:\Windows\explorer.exe => MD5 is legitC:\Windows\SysWOW64\explorer.exe => MD5 is legitC:\Windows\System32\svchost.exe => MD5 is legitC:\Windows\SysWOW64\svchost.exe => MD5 is legitC:\Windows\System32\services.exe => MD5 is legitC:\Windows\System32\User32.dll => MD5 is legitC:\Windows\SysWOW64\User32.dll => MD5 is legitC:\Windows\System32\userinit.exe => MD5 is legitC:\Windows\SysWOW64\userinit.exe => MD5 is legitC:\Windows\System32\rpcss.dll => MD5 is legitC:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-09 10:36 ==================== End Of Log ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.