Mango

En als je de upgrade buiten beschouwing laat zou je dan een iets betere kunnen?

Het liefst geen 17 inch maar rond de 15-16 inch. Ik woon in Nederland en mijn voorkeur gaat naar Windows 7 maar, als er laptop is voor de zelfde prijs die beter is kwa hardware en windows 8 heeft, vind ik het niet erg.

Niemand?

Beste, Ik ga waarschijnlijk een nieuwe laptop kopen en ik zou graag willen weten welke het beste is. Mijn budget is ongeveer 700 Euro. Ik ga hem gebruiken voor internet, youtube, skype, office maar geen gaming maar het zou wel leuk zijn als hij wat lichte games op low aan zou kunnen maar het hoeft niet. Marco

Is het niet mogelijk om er een te kopen?

Met alle respect, jullie zijn allemaal vrijwilligers maar ik heb hier geen verstand van en ik zou dit graag willen weten want ik wil die HDD zsm bestellen

Hallo, Bij die Windows event log stond alles hoe het moest maar die BITS zag ik niet bij de kijst met Services staan

Hier het speccy logje: http://speccy.piriform.com/results/teUUTb4xMgL6Oyeofxvcr0x En hoe zit het met die updates?

Ik heb trouwens de pc opnieuw opgestart en heb toen nog een keer bij de updates geschiedenis gekeken en er stonden een heel stel updates alleen bij de WIndows fix stond wel de het nog niet was opgelost. Nu staat er dat ik nog 12 updates kan doen maar als ik daar op klik krijg ik een foutmelding: 80246008.

Als ik de fix uitvoer voor de updates staat er aan het einde: 1 probleem niet opgelost: het windows update probleem(niet precies zo maar ongeveer) Dit staat er bij apparaatbeheer: Ik heb AVG remover uitgevoerd en opnieuw gedownload. Alvast bedankt Marco

Beste, Heel erg bedankt! Als ik naar de windows update geschiedenis kijk staan er geen updates en als ik klik op zoeken naar windows updates krijg ik dit: Er kan momenteel niet naar updates worden gezocht, omdat de Windows Update-service niet actief is. U moet uw computer mogelijk opnieuw opstarten. Hier het ipconfig logje: Windows IP-configuratie Hostnaam . . . . . . . . . . . . : Marcos-PC Primair DNS-achtervoegsel . . . . : Knooppunttype . . . . . . . . . . : hybride IP-routering ingeschakeld . . . . : nee WINS-proxy ingeschakeld . . . . . : nee DNS-achtervoegselzoeklijst. . . . : lan Draadloos LAN-adapter voor Draadloze netwerkverbinding: Verbindingsspec. DNS-achtervoegsel: lan Beschrijving. . . . . . . . . . . : TP-LINK 450Mbps Wireless N Adapter Fysiek adres. . . . . . . . . . . : 64-70-02-18-A0-14 DHCP ingeschakeld . . . . . . . . : ja Autom. configuratie ingeschakeld : ja Link-local IPv6-adres . . . . . . : fe80::5445:ccb:2b4c:176d%11(voorkeur) IPv4-adres. . . . . . . . . . . . : 192.168.2.40(voorkeur) Subnetmasker. . . . . . . . . . . : 255.255.255.0 Lease verkregen . . . . . . . . . : zaterdag 25 mei 2013 10:15:02 Lease verlopen. . . . . . . . . . : zondag 26 mei 2013 18:01:45 Standaardgateway. . . . . . . . . : 192.168.2.254 DHCP-server . . . . . . . . . . . : 192.168.2.254 DHCPv6 IAID . . . . . . . . . . . : 241463298 DHCPv6-client DUID. . . . . . . . : 00-01-00-01-18-2E-E0-D0-64-70-02-18-A0-14 DNS-servers . . . . . . . . . . . : 8.26.56.26 156.154.70.22 NetBIOS via TCPIP . . . . . . . . : ingeschakeld Tunnel-adapter voor isatap.lan: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja Tunnel-adapter voor LAN-verbinding* 9: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja Tunnel-adapter voor 6TO4 Adapter: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Microsoft 6to4 Adapter Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja

Bedankt voor het nakijken van het logje. Hier het volgende logje: # AdwCleaner v2.301 - Verslag gemaakt op 24/05/2013 om 15:37:12 # Geactualiseerd op 16/05/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : Marco - MARCOS-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Marco.Marcos-PC\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** ***** [Register] ***** Sleutel Verwijdert : HKLM\Software\AVG Secure Search Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Waarde Verwijdert : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16476 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v20.0.1 (nl) -\\ Google Chrome v [Onmogelijk de versie te verkrijgen] ************************* AdwCleaner[s1].txt - [987 octets] - [24/05/2013 15:37:12] ########## EOF - C:\AdwCleaner[s1].txt - [1046 octets] ##########

Oke heel erg bedankt voor uw hulp

Nee ik kan hem niet inschakelen, als ik het probeer krijg ik dezelfde foutmelding. Hier het logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:58:31, on 23-5-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16476) Boot mode: Normal Running processes: C:\Origin\Origin.exe C:\Users\Marco.Marcos-PC\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Marco.Marcos-PC\AppData\Local\Akamai\netsession_win.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\AVG2013\avgui.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe E:\League of Legends\RADS\system\rads_user_kernel.exe E:\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.156\deploy\LoLLauncher.exe E:\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.18\deploy\LolClient.exe C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe E:\HjJackThis\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [EADM] "C:\Origin\Origin.exe" -AutoStart O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Marco.Marcos-PC\AppData\Local\Akamai\netsession_win.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing) O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.aeriagames.com O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASP.NET-statusservice (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10592 bytes

- - - Updated - - - En ik weet zeker dat mijn anitvirus is ingeschakeld want ik kan hem uitschakelen

Volgens mij is die niet up to date want ik had de proefversie, heb die verwijderd en heb toen de normale versie gedownload - - - Updated - - - de gratis versie bedoel ik

Als AVG open en ik kijk naar firewall, staat er niet geinstalleerd als ik er dan op klik word er gevraagd of ik avg wil kopen

http://speccy.piriform.com/results/saIkw7ByDfqSPvOC4kGlqVP Hier mijn hardware:)

Hij staat volgens mij niet op die ingesteld maar als ik op welke tab dan ook bij windows firewall klik krijg ik een scherm waar ik op aanbevolen instellingen gebruiken kan klikken en als ik daar ik op klik krijg ik de foutmelding: Windows Firewall kan niet alle instellingen wijzigen. Foutcode: 0x80070424

Ik had nog een vraag, als ik in mijn pc kijk zie ik dat de twee hardeschijfen die ik al heb op een soort platform zitten, moet ik deze apart aanschaffen of krijg ik die er bij?

Ik heb AVG anitvirus maar ik weet niet of daar ook een firewall bij zit.

Hoe zet ik mijn firewall uit?

Beste, Als ik op mijn pc (windows 7) wil inloggen op een game dan krijg ik een melding dat mijn firewall het blokkeert of andere dingen, hier wat er precies staat: The game client is unable to gain access to the log in server at this time. This is most commonly caused by a firewall or router settings, security applications, or connecting through a campus network. For additional support, please visit http:/support.guildwars2.com Alvast bedankt, Marco

Beste, Ik had een paar weken geleden het politie virus, nu heeft mijn vader het ook. Hier zijn logje van Hitmanpro: HitmanPro 3.7.3.194 www.hitmanpro.com Computer name . . . . : ESTLS104053 Windows . . . . . . . : 6.1.1.7601.X86/4 User name . . . . . . : NT AUTHORITY\SYSTEM UAC . . . . . . . . . : Disabled License . . . . . . . : Free Scan date . . . . . . : 2013-05-20 10:46:31 Scan mode . . . . . . : Normal Scan duration . . . . : 2m 33s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 2 Traces . . . . . . . : 55 Objects scanned . . . : 1,210,875 Files scanned . . . . : 58,389 Remnants scanned . . : 342,884 files / 809,602 keys Malware _____________________________________________________________________ C:\Program Files\Yontoo\YontooIEClient.dll Size . . . . . . . : 197,920 bytes Age . . . . . . . : 84.5 days (2013-02-24 23:24:50) Entropy . . . . . : 6.4 SHA-256 . . . . . : 5DA9DA1648BAE0F19137BA19D5E41743A7FDB0D8309898797CE47C03357B189B Product . . . . . : Yontoo Runtime Publisher . . . . : Yontoo LLC Description . . . : Yontoo Runtime Version . . . . . : 1.10.01 Copyright . . . . : Copyright (c) 2011 Yontoo LLC. All rights reserved. RSA Key Size . . . : 2048 Authenticode . . . : Valid > Emsisoft . . . . . : Adware.Win32.Yontoo.AMN!A2 Fuzzy . . . . . . : 97.0 Startup HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ References HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\ HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1\ HKLM\SOFTWARE\Classes\YontooIEClient.Layers\ HKU\S-1-5-21-3877897231-801669177-1469586255-24500\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll Size . . . . . . . : 454,144 bytes Age . . . . . . . : 84.5 days (2013-02-24 23:24:50) Entropy . . . . . : 6.4 SHA-256 . . . . . : 1D25C1AF5C7A3A9A7CFBB899F22A3D015A928B42BC7F43E52EBF5056551065EB > Emsisoft . . . . . : Adware.Win32.Yontoo.AMN!A2 Fuzzy . . . . . . : 106.0 Suspicious files ____________________________________________________________ C:\ProgramData\76zjefo.dat Size . . . . . . . : 110,592 bytes Age . . . . . . . : 1.5 days (2013-05-18 21:40:27) Entropy . . . . . : 6.6 SHA-256 . . . . . : D10E6976F9D06C5CA02B7CCDAB3B77C295F8544E65D1180A704A99B3FFEFF253 Product . . . . . : Microsoft® Windows® Operating System Publisher . . . . : Microsoft Corporation Description . . . : Atm Epvc Install DLL Version . . . . . : 5.1.2600.0 Copyright . . . . : © Microsoft Corporation. All rights reserved. Service . . . . . : Winmgmt Fuzzy . . . . . . : 51.0 The file name extension of this program is not common. This file was most recently added as automatic startup. Uses the Startup folder in the Start Menu to run each time the user logs on. Starts automatically as a service during system bootup. Uses the Windows Registry to run each time the user logs on. Program starts automatically without user intervention. Time indicates that the file appeared recently on this computer. The file is in use by one or more active processes. Startup C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\ HKU\S-1-5-21-3877897231-801669177-1469586255-24500\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe Forensic Cluster -47.6s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Cookies\G1HRSG43.txt -47.6s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Cookies\NSERQPK5.txt -47.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\processflightqry[5].htm -45.6s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Cookies\ZVL4EXRS.txt -45.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\gadoormetboeken[1].gif -45.5s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Cookies\S4NVFI57.txt -45.3s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Cookies\5A87YQFV.txt -45.3s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Cookies\O03FWQJA.txt -45.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\visited[1].gif -45.3s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Cookies\SNSPQM4A.txt -45.2s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\schedule_bg7_2[1].gif -45.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\schedule_bg7_5[1].gif -45.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\schedule_bg_empty7[1].gif -45.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\schedule_bg7_1[1].gif -43.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\71e5b141d1[9] -42.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\creative[7].jsonp -41.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\i[2].txt -41.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\st[2] -40.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\imp[4] -40.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\iframe3[1].htm -39.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\8gcf744Waxolp752[1].htm -37.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\search[2].htm -30.6s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\index[1].htm -30.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\jquery.min[2].js -30.2s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\lp.3244[1].css -29.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\support[1].js -29.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\bg[1].jpg -29.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\bg_form[1].png -29.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\bg_girl2[1].jpg -29.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\regform[1].js -29.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\submit[1].png -28.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\messages_registration[1].js -28.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\counter[1].htm -28.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\autofilling.funn[1].js -28.0s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\M0sgMn0BXMD10TFk0BtgY0PFWd0Snkt05UW80t3tJ0yNLt0D7eP0wven0n0lp0d1SF0YCtw0LXMK0zz960dUZc0E7at0ul6t0wC0L0oTvr05lyi0KYCE0BIsy04c3R09sOM12yJV0Zomi0SB2z[1].htm -27.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\logo[2].png -27.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\bg_footer2[1].png -27.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\slogan[1].png -27.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\ed2[1].swf -27.6s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\kyofeyag[1].html -27.6s C:\Users\Stefano Capitanio\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#stat.easydate.biz\ -27.6s C:\Users\Stefano Capitanio\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#stat.easydate.biz\settings.sol -27.6s C:\Users\Stefano Capitanio\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol -27.6s C:\Users\Stefano Capitanio\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5US3R7TS\stat.easydate.biz\ -27.6s C:\Users\Stefano Capitanio\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5US3R7TS\stat.easydate.biz\images\ -27.6s C:\Users\Stefano Capitanio\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5US3R7TS\stat.easydate.biz\images\ed2.swf\ -27.6s C:\Users\Stefano Capitanio\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\5US3R7TS\stat.easydate.biz\images\ed2.swf\srfp_28.sol -27.0s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\pdfx[1].html -26.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\bhqzfu[1].html -26.6s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Cookies\SD2IGAPM.txt -26.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\fnts[1].html -20.2s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\EPzWV[1].eot -17.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\jovf[1].html -8.3s C:\Users\Stefano Capitanio\AppData\Local\Temp\jar_cache5150577693533343309.tmp -2.9s C:\Users\Stefano Capitanio\AppData\Local\Temp\0.8400041962097492.bfg -2.5s C:\Windows\Prefetch\JP2LAUNCHER.EXE-42754454.pf -2.1s C:\Users\Stefano Capitanio\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\46a3c6bf-4f9c338f -2.1s C:\Users\Stefano Capitanio\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\46a3c6bf-4f9c338f.idx -1.7s C:\Windows\Prefetch\JAVA.EXE-066C5985.pf -1.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\kyofeyag[2].html -0.1s C:\ProgramData\rundll32.exe 0.0s C:\ProgramData\76zjefo.dat 3.4s C:\ProgramData\ofejz67.pad 4.6s C:\ProgramData\as98213.txt 4.8s C:\Quarantine\7dd51215281f34b0.bup 6.5s C:\Windows\Prefetch\RUNDLL32.EXE-EBECA161.pf 6.7s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\msconfig.lnk 6.8s C:\Windows\Prefetch\RUNDLL32.EXE-EBECA13C.pf 6.8s C:\ProgramData\McAfee\Common Framework\AgentEvents\20130518214033574800000000AC0.txml 8.2s C:\Windows\Prefetch\REGSVR32.EXE-55A4EE79.pf 9.3s C:\Windows\Prefetch\RUNDLL32.EXE-EBECA186.pf 11.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\acr_depnx_error[1] 11.8s C:\Windows\Prefetch\RUNDLL32.EXE-EBECA117.pf 12.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\acr[1] 12.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\red_x[1] 12.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\bullet[1] 12.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\main[1].html 14.2s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\brand[2] 15.1s C:\Windows\Prefetch\RUNDLL32.EXE-EBECA1AB.pf 15.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\ADTECH;loc=100;target=_blank;key=key1+key2+key3+key4;grp=1368906041577;misc=1368906041577[1] 15.3s C:\Windows\Prefetch\RUNDLL32.EXE-EBECA1F5.pf 15.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\AdId=8953884;BnId=12;itime=906040674;key=key1+key2+key3+key4;nodecode=yes;link=[1] 16.2s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\FEB15_Bupa%20Int%20-%20Get%20A%20Quote%20-%2030%20Secs%20-%20728x90[1].swf 16.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\ADTECH;loc=100;target=_blank;grp=1368906041577;misc=1368906043340[1] 16.6s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\ADTECH;loc=100;target=_blank;grp=1368906041577;misc=1368906043512[1] 17.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\ADTECH;loc=100;target=_blank;grp=1368906041577;misc=1368906044292[1] 17.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\ADTECH;loc=100;target=_blank;misc=1368906044432[1] 17.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\ADTECH;loc=100;target=_blank;grp=[group];misc=1368906044775[1] 17.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\bdr2__[1].gif 18.0s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\u6QPaOchmhM[1].htm 18.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\vonage_227161_final_01[1].jpg 18.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\ADTECH;loc=100;target=_blank;key=key1+key2+key3+key4;grp=1368906041577;misc=1368906045150[1] 18.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\likebox[1].htm 18.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\13f35_be8f[1].jpg 18.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\13ead_88fa[1].jpg 18.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\13f2d_b3ba[1].jpg 18.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\AdId=8953884;BnId=13;itime=906043072;key=key1+key2+key3+key4;nodecode=yes;link=[1] 18.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\195626_100000284857521_1447576048_q[1].jpg 18.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\48773_589976486_674363087_q[1].jpg 18.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\624068_1657050534_771470215_q[1].jpg 18.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\211490_100002207186000_6917111_q[1].jpg 18.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\FEB15_Bupa%20Int%20-%20Find%20Out%20More%20NEW%20-%2030%20Secs%20-%20120x600[1].swf 19.0s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\161880_100001870251990_136350863_q[1].jpg 19.0s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\ADTECH;loc=100;target=_blank;key=key1+key2+key3+key4;grp=1368906041577;misc=1368906045914[1] 19.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\ADTECH;loc=100;target=_blank;grp=1368906041577;misc=1368906046212[1] 19.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\watch-strings-en_GB-vfloS7TQG[1].xml 19.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\ADTECH;loc=100;target=_blank;grp=1368906041577;misc=1368906046321[1] 19.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\crossdomain[2].xml 19.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\safe_image[1].jpg 19.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\267625_10151497848932600_1565594850_n[1].jpg 20.0s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\941546_10151493115247600_1135248158_n[1].png 20.0s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\179962_10151497848927600_1091016716_n[1].jpg 20.0s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\943681_10151494529952600_2090120174_n[1].png 20.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\557870_10151497849022600_65642210_n[1].jpg 20.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\safe_image[2].jpg 20.2s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\941565_10151490224222600_1346889520_n[1].png 20.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\923038_10151492698442600_1914801765_n[1].jpg 20.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\ADTECH;loc=100;target=_blank;key=key1+key2+key3+key4;grp=1368906041577;misc=1368906047226[1] 20.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\hqdefault[1].jpg 20.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\969276_10151496075742600_1726108414_n[1].png 20.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\safe_image[1].jpg 20.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\safe_image[2].png 20.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\safe_image[1].jpg 20.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\ADTECH;loc=100;target=_blank;grp=1368906041577;misc=1368906047335[1] 20.6s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{D5ED5693-BFF2-11E2-AE85-402CF41CB5D7}.dat 20.6s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\ADTECH;loc=100;target=_blank;grp=1368906041577;misc=1368906047569[1] 20.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Last Active\{D5ED5694-BFF2-11E2-AE85-402CF41CB5D7}.dat 20.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\ads[2].htm 20.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\bgr_footer[1].png 20.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\bgr_inside_ttl[1].gif 20.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\bgr_inside[1].gif 20.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\bgr_inside_div[1].gif 20.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\expatica_logo_icon[1].gif 20.9s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\iframe[1].htm 21.2s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\small_2146610179[1].jpg 21.2s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\small_1168374910[1].jpg 21.2s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\small_1239253467[1].jpg 21.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\small_392490866[1].jpg 21.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\s[1].htm 22.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\pixel[1].htm 22.2s C:\Windows\Prefetch\CTFMON.EXE-AF4187A6.pf 22.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\favicon[4].ico 22.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\si[1].htm 22.5s C:\Users\Stefano Capitanio\AppData\Roaming\Microsoft\Windows\Cookies\RTA4PL1S.txt 23.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\Gj2ad6O09TZ[1].png 25.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\getData[3].html 26.5s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\extension[5].js 28.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\ancbanner_general_728x90_264[3].htm 28.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\sf_main[2].htm 29.3s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\creative[8].jsonp 29.6s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\i[7].txt 29.7s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\st[7] 30.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\imp[6] 30.8s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LQF70R63\f779499d58f9453da0dbd5055738b03b[1].swf 35.1s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56DBT6FG\WUAhotphoto[1].jpg 35.7s C:\Windows\Prefetch\RUNDLL32.EXE-EBECA1D0.pf 37.3s C:\Windows\Prefetch\RUNDLL32.EXE-E4D382E6.pf 43.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGNFXPII\AMD1a[1].jpg 51.4s C:\Users\Stefano Capitanio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8DCMIVL1\HSBC_expatkids_hot[1].jpg Potential Unwanted Programs _________________________________________________ C:\Program Files\Yontoo\ (Yontoo) C:\Program Files\Yontoo\sqlite3.exe (Yontoo) Size . . . . . . . : 465,408 bytes Age . . . . . . . : 84.5 days (2013-02-24 23:24:50) Entropy . . . . . : 6.5 SHA-256 . . . . . : F7B2783B68E6B991EEDAB07F6B2BFF0E6594E19AD470EDAA89618BC9ED367B3C Fuzzy . . . . . . : 12.0 C:\Program Files\Yontoo\Y2Desktop.Updater.exe (Yontoo) Size . . . . . . . : 23,552 bytes Age . . . . . . . : 84.5 days (2013-02-24 23:24:50) Entropy . . . . . : 5.6 SHA-256 . . . . . : 967B7FA83171485DA1EEF51DB2A21FD17DFB4846E1F700C83E516BD40A542DCA Product . . . . . : Y2Desktop.Updater Publisher . . . . : Microsoft Description . . . : Y2Desktop.Updater Version . . . . . : 1.0.0.0 Copyright . . . . : Copyright © Microsoft 2013 Service . . . . . : Yontoo Desktop Updater Fuzzy . . . . . . : 5.0 Startup HKLM\SYSTEM\CurrentControlSet\Services\Yontoo Desktop Updater\ C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\ (Yontoo) C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll (Yontoo) C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat (Yontoo) C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe (Yontoo) Size . . . . . . . : 228,496 bytes Age . . . . . . . : 84.5 days (2013-02-24 23:24:50) Entropy . . . . . : 6.4 SHA-256 . . . . . : 1E03B1B06BBFFABBA51D1981F6361A8BDAC9902EF2F99BCA832674A20163E684 Product . . . . . : Tarma® Installer Publisher . . . . : Tarma Software Research Pty Ltd Description . . . : Tarma® Installer Version . . . . . : 2011.08.09.0847U Copyright . . . . : © 1990-2011 Tarma Software Research Pty Ltd RSA Key Size . . . : 2048 Authenticode . . . : Valid Fuzzy . . . . . . : -7.0 C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico (Yontoo) C:\Users\Stefano Capitanio\AppData\Roaming\Funmoods\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\esrv.EXE\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL\ (Yontoo) HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}\ (Yontoo) HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}\ (Funmoods) HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo) HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}\ (Funmoods) HKLM\SOFTWARE\Classes\CLSID\{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}\ (Yontoo) HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ (Yontoo) HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ (Yontoo) HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44b0-A826-84C829536E93}\ (Yontoo) HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1\ (Funmoods) HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc\ (Funmoods) HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ (Yontoo) HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ (Yontoo) HKLM\SOFTWARE\Classes\s\ (Softonic) HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}\ (Funmoods) HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\ (Yontoo) HKLM\SOFTWARE\Classes\YontooIEClient.Api.1\ (Yontoo) HKLM\SOFTWARE\Classes\YontooIEClient.Api\ (Yontoo) HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1\ (Yontoo) HKLM\SOFTWARE\Classes\YontooIEClient.Layers\ (Yontoo) HKLM\SOFTWARE\Funmoods\ (Funmoods) HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc\ (Yontoo) HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}\ (Funmoods) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ (Yontoo) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ (Yontoo) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Components\{8D8654CD-7FBC-4C7E-84E9-371BFA8DB04E}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Components\{9307081B-7444-494C-8CF6-2FA7C0E92BFB}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Components\{9D9785E5-3424-40B6-A287-BA143AD53109}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Components\{B6783DFA-B8C8-4CB6-AB9F-EF1A1F7F7AE8}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Products\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\ (Yontoo) Alvast Bedankt, Marco

Mijn voeding is de Corsair GS600