Mango

Posts by Mango

  1. Hello,

    Zoek.exe Version 4.0.0.2 Updated 12-May-2013

    Tool run by Marco on di 14-05-2013 at 15:48:34,12.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    ==== Older Logs ======================

    C:\zoek-results12-05-2013-1404.log 17043 bytes

    ==== Deleting Files \ Folders ======================

    "C:\users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt" deleted

    "C:\Windows\tasks\ROC_REG_JAN_DELETE.job" deleted

    "C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948" deleted

    ======== System Restore Points ========

    RP101: 12-5-2013 19:00:12 - Windows Back-up

    RP102: 12-5-2013 19:01:00 - Windows Back-up

  2. Here is the mbam log:

    Malwarebytes Anti-Malware (-evaluatieversie-) 1.75.0.1300

    Malwarebytes : Free anti-malware download

    Databaseversie: v2013.05.12.02

    Windows 7 Service Pack 1 x64 NTFS

    Internet Explorer 9.0.8112.16421

    Marco :: MARCOS-PC [administrator]

    Bescherming: Ingeschakeld

    12-5-2013 13:54:09

    mbam-log-2013-05-12 (13-54-09).txt

    Scan type: Snelle scan

    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

    Uitgeschakelde scan opties: P2P

    Objecten gescand: 268857

    Verstreken tijd: 1 minuut/minuten, 19 seconde(n)

    Geheugenprocessen gedetecteerd: 1

    C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe (Trojan.MWF.Gen) -> 468 -> Zal worden verwijderd tijdens het herstarten.

    Geheugenmodulen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 1

    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft Windows Manager (Trojan.MWF.Gen) -> Data: C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerdata gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0

    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 1

    C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe (Trojan.MWF.Gen) -> Zal worden verwijderd tijdens het herstarten.

    (einde)

    And here is the zoek.exe log:

    Zoek.exe Version 4.0.0.2 Updated 12-May-2013

    Tool run by Marco on zo 12-05-2013 at 13:58:49,89.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-1855381489-1449304910-2271455802-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

    ==== Running Processes ======================

    C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

    E:\Malwarebytes' Anti-Malware\mbamscheduler.exe

    E:\Malwarebytes' Anti-Malware\mbamservice.exe

    C:\Windows\SysWOW64\PnkBstrA.exe

    C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

    E:\Malwarebytes' Anti-Malware\mbamgui.exe

    C:\Origin\Origin.exe

    C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

    C:\Users\Marco.Marcos-PC\AppData\Local\Akamai\netsession_win.exe

    C:\Users\Marco.Marcos-PC\AppData\Local\Akamai\netsession_win.exe

    C:\Program Files (x86)\Skype\Phone\Skype.exe

    C:\Program Files (x86)\AVG\AVG2013\avgui.exe

    E:\iTunesHelper.exe

    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    E:\Malwarebytes' Anti-Malware\mbam.exe

    C:\Program Files (x86)\Mozilla Firefox\firefox.exe

    C:\Users\Marco.Marcos-PC\Downloads\zoek.exe

    C:\Windows\SysWOW64\cmd.exe

    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe

    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_169.exe

    C:\Program Files (x86)\AVG\AVG2013\avgcfgex.exe

    C:\Windows\SysWOW64\cmd.exe

    ==== FireFox Fix ======================

    ProfilePath: C:\Users\Marco.Marcos-PC\AppData\Roaming\Mozilla\Firefox\Profiles\c7isuqlk.default

    user.js not found

    ---- Lines snap.do removed from prefs.js ----

    user_pref("keyword.URL", "http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=fd92bbb4-eefa-4137-b1d5-55519a993edd&searchtype=ds&q=");

    ---- Lines snap.do modified from prefs.js ----

    ---- Lines helperbar removed from prefs.js ----

    user_pref("extensions.helperbar.DockingPositionDown", false);

    user_pref("extensions.helperbar.LastHiddenTime", 22567335);

    user_pref("extensions.helperbar.SmartbarDisabled", false);

    user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

    ---- Lines helperbar modified from prefs.js ----

    ---- Lines smartbar removed from prefs.js ----

    ---- Lines smartbar modified from prefs.js ----

    ---- FireFox user.js and prefs.js backups ----

    prefs_12-05-2013_1402_.backup

    ==== Deleting Files \ Folders ======================

    "C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f" not found

    "C:\ProgramData\9593d.pad" not found

    "C:\Users\Marco.Marcos-PC\AppData\Roaming\skype.ini" deleted

    "C:\Users\Marco.Marcos-PC\AppData\Roaming\Mozilla\Firefox\Profiles\c7isuqlk.default\searchplugins\Web Search.xml" deleted

    "C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f" deleted

    "C:\Windows\syswow64\appdata" deleted

    "C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted

    "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted

    "C:\Program Files (x86)\Common Files\Wondershare" deleted

    "C:\Users\Marco.Marcos-PC\AppData\Roaming\OpenCandy" deleted

    "C:\Users\Marco.Marcos-PC\AppData\Local\Wondershare" deleted

    "C:\Windows\SysWow64\AI_RecycleBin" deleted

    ==== Registry Search Results for "$a3a5dff2beec6f70883664bf297a197f" ======================

    No instances of string "$a3a5dff2beec6f70883664bf297a197f" found.

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====

    ====== C:\Users\MARCO~1.MAR\AppData\Local\Temp ====

    2013-05-12 09:47:49 CFB6778EEA0AE50BDF4124F9BFA49D27 287 ----a-w- C:\Users\MARCO~1.MAR\AppData\Local\Temp\0727114825.exe

    2013-05-12 08:55:45 2FF9B590342C62748885D459D082295F 89248 --sha-w- C:\Users\MARCO~1.MAR\AppData\Local\Temp\InstallFlashPlayer.exe

    ====== C:\Windows\SysWOW64 =====

    ====== C:\Windows\SysWOW64\drivers =====

    ====== C:\Windows\Sysnative =====

    2013-05-12 09:45:10 D527F4855DBB46CDD7E9BD8492B95B5B 6736 ----a-w- C:\Windows\Sysnative\.crusader

    ====== C:\Windows\Sysnative\drivers =====

    2013-04-24 06:04:01 B98F8C6E31CD07B2E6F71F7F648E38C0 1656680 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys

    ====== C:\Windows\Tasks ======

    ====== C:\Windows\Temp ======

    ======= C:\Program Files =====

    2013-05-12 09:43:30 -------- d-----w- C:\Program Files\HitmanPro

    ======= C:\Program Files (x86) =====

    ======= C: =====

    ====== C:\Users\Marco.Marcos-PC\AppData\Roaming ======

    2013-05-12 08:55:43 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt

    ====== C:\Users\Marco.Marcos-PC ======

    2013-05-12 09:43:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

    2013-05-12 09:42:47 -------- d-----w- C:\ProgramData\HitmanPro

    2013-05-12 08:55:41 -------- d-sh--r- C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948

    ====== C: exe-files ==

    2013-05-12 11:28:59 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Marco.Marcos-PC\Downloads\mbam-setup-1.75.0.1300.exe

    2013-05-12 09:47:49 CFB6778EEA0AE50BDF4124F9BFA49D27 287 ----a-w- C:\Users\Marco.Marcos-PC\AppData\Local\Temp\0727114825.exe

    2013-05-12 09:43:31 BE3B1DD6B8F89BD38B5C9ADF9C937B75 109352 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe

    2013-05-12 09:43:30 509401F6EC88BAB5463C996197E5EA08 9741664 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe

    2013-05-12 08:55:45 2FF9B590342C62748885D459D082295F 89248 --sha-w- C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe

    === C: other files ==

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

    "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

    [HKEY_USERS\S-1-5-21-1855381489-1449304910-2271455802-1000\Software\Microsoft\Windows\CurrentVersion\Run]

    "EADM"="C:\Origin\Origin.exe -AutoStart"

    "Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"

    "Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"

    "Akamai NetSession Interface"="C:\Users\Marco.Marcos-PC\AppData\Local\Akamai\netsession_win.exe"

    "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

    "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

    [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

    "mctadmin"="C:\Windows\System32\mctadmin.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

    "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    "Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"

    "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

    "iTunesHelper"="E:\iTunesHelper.exe"

    "SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

    "AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"

    "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

    "EADM"="C:\Origin\Origin.exe -AutoStart"

    "Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"

    "Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"

    "Akamai NetSession Interface"="C:\Users\Marco.Marcos-PC\AppData\Local\Akamai\netsession_win.exe"

    "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

    "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe"

    ==== Startup Registry Enabled x64 ======================

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    "IgfxTray"="C:\Windows\system32\igfxtray.exe"

    "HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

    "Persistence"="C:\Windows\system32\igfxpers.exe"

    "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-04-2013 15:43]

    C:\Windows\tasks\ROC_REG_JAN_DELETE.job --a------ [undertermined Task]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Marco.Marcos-PC\AppData\Roaming\Mozilla\Firefox\Profiles\c7isuqlk.default

    - DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff

    AppDir: C:\Program Files (x86)\Mozilla Firefox

    - Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

    - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\Marco.Marcos-PC\AppData\Roaming\Mozilla\Firefox\Profiles\c7isuqlk.default

    F7E72D3A281F922BACEC1A71A826D4C2 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash

    F00A0EF5835E1B96F783D617F1948704 - E:\Mozilla Plugins\npitunes.dll - iTunes Application Detector

    ==== Set IE to Default ======================

    Old Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.msn.com/"

    "Use Search Asst"="yes"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

    "Default"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=fd92bbb4-eefa-4137-b1d5-55519a993edd&searchtype=ds&q={searchTerms}"

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

    "Default"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=fd92bbb4-eefa-4137-b1d5-55519a993edd&searchtype=ds&q={searchTerms}"

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

    "Default"="http://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=NL&userid=fd92bbb4-eefa-4137-b1d5-55519a993edd&searchtype=ds&q={searchTerms}"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}] not found

    New Values:

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

    "Start Page"="http://www.msn.com/"

    "Use Search Asst"="no"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

    "(Default)"="http://search.msn.com/results.asp?q=%s"

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]

    "(Default)"="http://search.msn.com/results.asp?q=%s"

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

    "(Default)"="http://search.msn.com/results.asp?q=%s"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

    "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

    HKEY_USERS\S-1-5-21-1855381489-1449304910-2271455802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

    HKEY_USERS\S-1-5-21-1855381489-1449304910-2271455802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

    HKEY_USERS\S-1-5-21-1855381489-1449304910-2271455802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

    HKEY_USERS\S-1-5-21-1855381489-1449304910-2271455802-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

    HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

    HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

    ==== Deleting CLSID Registry Values ======================

    HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

    ==== Empty IE Cache ======================

    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

    C:\Users\Marco.Marcos-PC\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Marco.Marcos-PC\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Marco.Marcos-PC\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

    C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\users\Marco.Marcos-PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied

    C:\Users\MARCO~1.MAR\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

  3. Thank you very much for the quick reply, here is the log:

    HitmanPro 3.7.3.194
    www.hitmanpro.com
    
      Computer name . . . . : MARCOS-PC
      Windows . . . . . . . : 6.1.1.7601.X64/4
      User name . . . . . . : NT AUTHORITY\SYSTEM
      UAC . . . . . . . . . : Disabled
      License . . . . . . . : Trial (30 days left)
    
      Scan date . . . . . . : 2013-05-12 11:43:31
      Scan mode . . . . . . : Normal
      Scan duration . . . . : 42s
      Disk access mode  . . : Direct disk access (SRB)
      Cloud . . . . . . . . : Internet
      Reboot  . . . . . . . : Yes
    
      Threats . . . . . . . : 28
      Traces  . . . . . . . : 39
    
      Objects scanned . . . : 1.286.512
      Files scanned . . . . : 18.950
      Remnants scanned  . . : 275.975 files / 991.587 keys
    
    Malware _____________________________________________________________________
    
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n -> Quarantined
         Size . . . . . . . : 42.496 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 10:55:50)
         Entropy  . . . . . : 5.3
         SHA-256  . . . . . : 8244DDFCBA327A3F67A5582642C53241EE5E58D75808547CD74808BCDED272D0
       > G Data . . . . . . : Trojan.Sirefef.KH
       > Ikarus . . . . . . : Trojan.Win64!IK
         Fuzzy  . . . . . . : 138.0
            One or more antivirus vendors have indicated that the file is malicious.
            This file was most recently added as automatic startup.
            The file name extension of this program is not common.
            The hidden file attribute bit is set. This is not common to most programs.
            Authors name is missing in version info. This is not common to most programs.
            Version control is missing. This file is probably created by an individual. This is not typical for most programs.
            Program starts automatically without user intervention.
            Time indicates that the file appeared recently on this computer.
         Startup
            HKLM\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\
         Forensic Cluster
            -9.8s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\
            -9.8s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
            -7.8s C:\Users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt
            -7.1s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe
            -7.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$R28AFB608
            -6.5s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\2\05\05E1Ed01
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n
            -5.7s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$RA49A1934
            -4.2s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$I28AFB608
            -4.2s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\15FF.tmp
            -0.0s C:\$Recycle.Bin\S-1-5-18\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\
             0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n
             0.0s C:\Windows\assembly\gac_64\Desktop.ini
             0.0s C:\Windows\assembly\gac_32\Desktop.ini
             0.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$IA49A1934
            15.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            15.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            15.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            15.9s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
            18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
            18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
            18.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
            23.1s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\1\41\A2A35d01
            36.8s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\incalladwidget[2].htm
            37.1s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\index-b7304d2291ffbd00555d74590ccfa04a.min[1].js
            39.9s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\thumbnails\7b596b88b849c5a64a66ff6fd4fc1633.png
            40.2s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\ads-in-client[2].js
            45.7s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\startupCache\startupCache.4.little
            49.2s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\
            49.2s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\7D487d01
    
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@ -> Quarantined
         Size . . . . . . . : 15.360 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 10:56:06)
         Entropy  . . . . . : 5.4
         SHA-256  . . . . . : E483D414588EA9E002CFADD9786088D90557AEB473C0C5C62C8E4B34C58DBDB9
       > G Data . . . . . . : Trojan.Generic.8044919
       > Ikarus . . . . . . : Trojan.Win64!IK
         Fuzzy  . . . . . . : 112.0
         Forensic Cluster
            -25.7s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\
            -25.7s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
            -23.7s C:\Users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt
            -22.9s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe
            -22.9s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$R28AFB608
            -22.4s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\2\05\05E1Ed01
            -21.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\
            -21.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\
            -21.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\
            -21.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@
            -21.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n
            -21.6s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe
            -21.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$RA49A1934
            -20.1s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$I28AFB608
            -20.0s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\15FF.tmp
            -15.9s C:\$Recycle.Bin\S-1-5-18\
            -15.9s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\
            -15.9s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\
            -15.9s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@
            -15.9s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\
            -15.9s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n
            -15.9s C:\Windows\assembly\gac_64\Desktop.ini
            -15.9s C:\Windows\assembly\gac_32\Desktop.ini
            -15.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$IA49A1934
            -0.3s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            -0.3s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            -0.3s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
             0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
             2.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
             2.8s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
             2.8s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
             7.2s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\1\41\A2A35d01
            21.0s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\incalladwidget[2].htm
            21.2s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\index-b7304d2291ffbd00555d74590ccfa04a.min[1].js
            24.1s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\thumbnails\7b596b88b849c5a64a66ff6fd4fc1633.png
            24.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\ads-in-client[2].js
            29.8s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\startupCache\startupCache.4.little
            33.3s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\
            33.3s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\7D487d01
    
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@ -> Quarantined
         Size . . . . . . . : 90.624 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 10:56:09)
         Entropy  . . . . . : 6.6
         SHA-256  . . . . . : EF8766EFC0DDC7A56A71DBCC65200537988163512C70F9CE8CD44398943DE5AD
       > Ikarus . . . . . . : Trojan.Win32.Alureon!IK
         Fuzzy  . . . . . . : 112.0
         Forensic Cluster
            -28.4s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\
            -28.4s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
            -26.4s C:\Users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt
            -25.7s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe
            -25.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$R28AFB608
            -25.1s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\2\05\05E1Ed01
            -24.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\
            -24.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\
            -24.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\
            -24.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@
            -24.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n
            -24.3s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe
            -24.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$RA49A1934
            -22.8s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$I28AFB608
            -22.8s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\15FF.tmp
            -18.6s C:\$Recycle.Bin\S-1-5-18\
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n
            -18.6s C:\Windows\assembly\gac_64\Desktop.ini
            -18.6s C:\Windows\assembly\gac_32\Desktop.ini
            -18.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$IA49A1934
            -3.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            -3.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            -3.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            -2.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
             0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
             0.1s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
             0.1s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
             4.5s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\1\41\A2A35d01
            18.2s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\incalladwidget[2].htm
            18.5s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\index-b7304d2291ffbd00555d74590ccfa04a.min[1].js
            21.3s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\thumbnails\7b596b88b849c5a64a66ff6fd4fc1633.png
            21.6s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\ads-in-client[2].js
            27.1s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\startupCache\startupCache.4.little
            30.6s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\
            30.6s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\7D487d01
    
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@ -> Quarantined
         Size . . . . . . . : 77.312 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 10:56:09)
         Entropy  . . . . . : 6.1
         SHA-256  . . . . . : DBDAEA813662144D3D37323DDAB9C9DC63501FB09E9DA3C70325BE5CA816C92B
       > Ikarus . . . . . . : Trojan.Win64!IK
         Fuzzy  . . . . . . : 112.0
         Forensic Cluster
            -28.5s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\
            -28.5s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
            -26.4s C:\Users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt
            -25.7s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe
            -25.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$R28AFB608
            -25.2s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\2\05\05E1Ed01
            -24.4s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\
            -24.4s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\
            -24.4s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\
            -24.4s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@
            -24.4s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n
            -24.4s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe
            -24.4s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$RA49A1934
            -22.8s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$I28AFB608
            -22.8s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\15FF.tmp
            -18.6s C:\$Recycle.Bin\S-1-5-18\
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\
            -18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n
            -18.6s C:\Windows\assembly\gac_64\Desktop.ini
            -18.6s C:\Windows\assembly\gac_32\Desktop.ini
            -18.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$IA49A1934
            -3.1s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            -3.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            -3.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            -2.8s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
            -0.1s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
             0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
             0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
             4.4s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\1\41\A2A35d01
            18.2s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\incalladwidget[2].htm
            18.4s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\index-b7304d2291ffbd00555d74590ccfa04a.min[1].js
            21.3s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\thumbnails\7b596b88b849c5a64a66ff6fd4fc1633.png
            21.5s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\ads-in-client[2].js
            27.0s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\startupCache\startupCache.4.little
            30.5s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\
            30.5s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\7D487d01
    
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n -> Quarantined
         Size . . . . . . . : 42.496 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 10:55:45)
         Entropy  . . . . . : 5.3
         SHA-256  . . . . . : 8244DDFCBA327A3F67A5582642C53241EE5E58D75808547CD74808BCDED272D0
       > G Data . . . . . . : Trojan.Sirefef.KH
       > Ikarus . . . . . . : Trojan.Win64!IK
         Fuzzy  . . . . . . : 117.0
         Forensic Cluster
            -4.1s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\
            -4.1s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
            -2.1s C:\Users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt
            -1.3s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe
            -1.2s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$R28AFB608
            -0.8s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\2\05\05E1Ed01
            -0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\
            -0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\
            -0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\
            -0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@
             0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n
             0.0s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe
             0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$RA49A1934
             1.5s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$I28AFB608
             1.6s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\15FF.tmp
             5.7s C:\$Recycle.Bin\S-1-5-18\
             5.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\
             5.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\
             5.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@
             5.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\
             5.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n
             5.7s C:\Windows\assembly\gac_64\Desktop.ini
             5.7s C:\Windows\assembly\gac_32\Desktop.ini
             6.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$IA49A1934
            21.3s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            21.3s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            21.3s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            21.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
            24.3s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
            24.4s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
            24.4s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
            28.8s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\1\41\A2A35d01
            42.6s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\incalladwidget[2].htm
            42.8s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\index-b7304d2291ffbd00555d74590ccfa04a.min[1].js
            45.7s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\thumbnails\7b596b88b849c5a64a66ff6fd4fc1633.png
            45.9s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\ads-in-client[2].js
            51.4s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\startupCache\startupCache.4.little
            54.9s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\
            54.9s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\7D487d01
    
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@ -> Quarantined
         Size . . . . . . . : 15.360 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 11:20:39)
         Entropy  . . . . . : 5.4
         SHA-256  . . . . . : E483D414588EA9E002CFADD9786088D90557AEB473C0C5C62C8E4B34C58DBDB9
       > G Data . . . . . . : Trojan.Generic.8044919
       > Ikarus . . . . . . : Trojan.Win64!IK
         Fuzzy  . . . . . . : 112.0
         Forensic Cluster
            -0.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            -0.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            -0.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
             0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
             0.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
             0.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
             0.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
    
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@ -> Quarantined
         Size . . . . . . . : 90.624 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 11:20:40)
         Entropy  . . . . . : 6.6
         SHA-256  . . . . . : EF8766EFC0DDC7A56A71DBCC65200537988163512C70F9CE8CD44398943DE5AD
       > Ikarus . . . . . . : Trojan.Win32.Alureon!IK
         Fuzzy  . . . . . . : 112.0
         Forensic Cluster
            -0.9s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            -0.9s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            -0.9s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            -0.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
             0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
             0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
             0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
    
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@ -> Quarantined
         Size . . . . . . . : 77.312 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 11:20:40)
         Entropy  . . . . . : 6.1
         SHA-256  . . . . . : DBDAEA813662144D3D37323DDAB9C9DC63501FB09E9DA3C70325BE5CA816C92B
       > Ikarus . . . . . . : Trojan.Win64!IK
         Fuzzy  . . . . . . : 112.0
         Forensic Cluster
            -0.9s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            -0.9s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            -0.9s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            -0.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
            -0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
             0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
             0.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
    
      C:\Users\Marco.Marcos-PC\AppData\Local\Temp\1761647130.exe -> Quarantined
         Size . . . . . . . : 107.520 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 11:06:58)
         Entropy  . . . . . : 5.4
         SHA-256  . . . . . : 45588A043504B8047C2FED0CD8B54CA931B6EADEC3749B2C0B494B8A649DA755
       > Emsisoft . . . . . : Trojan.Ransom.Win32.Foreign.cjgu.AMN!A2
         Fuzzy  . . . . . . : 108.0
         Forensic Cluster
            -3.0s C:\Users\Marco.Marcos-PC\AppData\Roaming\Apple Computer\Logs\asl.110655_12May13.log
             0.0s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\1761647130.exe
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\60577[1]
    
      C:\Users\Marco.Marcos-PC\AppData\Local\Temp\3645093495.exe -> Quarantined
         Size . . . . . . . : 107.520 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 11:19:20)
         Entropy  . . . . . : 5.4
         SHA-256  . . . . . : 45588A043504B8047C2FED0CD8B54CA931B6EADEC3749B2C0B494B8A649DA755
       > Emsisoft . . . . . : Trojan.Ransom.Win32.Foreign.cjgu.AMN!A2
         Fuzzy  . . . . . . : 108.0
         Forensic Cluster
            -2.8s C:\Users\Marco.Marcos-PC\AppData\Roaming\Apple Computer\Logs\asl.111917_12May13.log
             0.0s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\3645093495.exe
             2.4s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\WPDNSE\
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3P7OJCUM\
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3P7OJCUM\desktop.ini
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPC30HLA\
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MPC30HLA\desktop.ini
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R0EXLVJ6\
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KT75R2DP\
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KT75R2DP\desktop.ini
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R0EXLVJ6\desktop.ini
             4.6s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3P7OJCUM\17214[1]
    
      C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe -> Quarantined
         Size . . . . . . . : 107.520 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 10:55:43)
         Entropy  . . . . . : 5.4
         SHA-256  . . . . . : 45588A043504B8047C2FED0CD8B54CA931B6EADEC3749B2C0B494B8A649DA755
       > Emsisoft . . . . . : Trojan.Ransom.Win32.Foreign.cjgu.AMN!A2
         Fuzzy  . . . . . . : 108.0
         Forensic Cluster
            -2.7s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\
            -2.7s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
            -0.7s C:\Users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt
             0.0s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe
             0.1s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$R28AFB608
             0.6s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\2\05\05E1Ed01
             1.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\
             1.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\
             1.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\
             1.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@
             1.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n
             1.3s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe
             1.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$RA49A1934
             2.9s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$I28AFB608
             2.9s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\15FF.tmp
             7.1s C:\$Recycle.Bin\S-1-5-18\
             7.1s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\
             7.1s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\
             7.1s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@
             7.1s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\
             7.1s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n
             7.1s C:\Windows\assembly\gac_64\Desktop.ini
             7.1s C:\Windows\assembly\gac_32\Desktop.ini
             7.4s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$IA49A1934
            22.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            22.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            22.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            22.9s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
            25.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
            25.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
            25.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
            30.1s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\1\41\A2A35d01
            43.9s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\incalladwidget[2].htm
            44.1s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\index-b7304d2291ffbd00555d74590ccfa04a.min[1].js
            47.0s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\thumbnails\7b596b88b849c5a64a66ff6fd4fc1633.png
            47.2s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\ads-in-client[2].js
            52.7s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\startupCache\startupCache.4.little
            56.3s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\
            56.3s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\7D487d01
    
      C:\Users\Marco.Marcos-PC\AppData\Roaming\skype.dat -> Quarantined
         Size . . . . . . . : 107.520 bytes
         Age  . . . . . . . : 183.1 days (2012-11-10 08:58:41)
         Entropy  . . . . . : 5.4
         SHA-256  . . . . . : 45588A043504B8047C2FED0CD8B54CA931B6EADEC3749B2C0B494B8A649DA755
       > Emsisoft . . . . . : Trojan.Ransom.Win32.Foreign.cjgu.AMN!A2
         Fuzzy  . . . . . . : 138.0
         Startup
            HKU\S-1-5-21-1855381489-1449304910-2271455802-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
    
      C:\Windows\assembly\gac_32\Desktop.ini -> Quarantined
         Size . . . . . . . : 5.120 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 10:55:51)
         Entropy  . . . . . : 3.8
         SHA-256  . . . . . : EDC48416BF17933E73F73C82B2E31F27C9A937389BFB18FC56871C29730D2B04
       > G Data . . . . . . : Trojan.Generic.7743326
       > Ikarus . . . . . . : Backdoor.Win32.ZAccess!IK
         Fuzzy  . . . . . . : 117.0
         Forensic Cluster
            -9.8s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\
            -9.8s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
            -7.8s C:\Users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt
            -7.1s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe
            -7.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$R28AFB608
            -6.5s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\2\05\05E1Ed01
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n
            -5.7s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$RA49A1934
            -4.2s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$I28AFB608
            -4.2s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\15FF.tmp
            -0.0s C:\$Recycle.Bin\S-1-5-18\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n
            -0.0s C:\Windows\assembly\gac_64\Desktop.ini
             0.0s C:\Windows\assembly\gac_32\Desktop.ini
             0.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$IA49A1934
            15.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            15.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            15.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            15.9s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
            18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
            18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
            18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
            23.1s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\1\41\A2A35d01
            36.8s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\incalladwidget[2].htm
            37.1s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\index-b7304d2291ffbd00555d74590ccfa04a.min[1].js
            39.9s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\thumbnails\7b596b88b849c5a64a66ff6fd4fc1633.png
            40.2s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\ads-in-client[2].js
            45.7s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\startupCache\startupCache.4.little
            49.2s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\
            49.2s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\7D487d01
    
      C:\Windows\assembly\gac_64\Desktop.ini -> Quarantined
         Size . . . . . . . : 6.144 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 10:55:51)
         Entropy  . . . . . : 3.6
         SHA-256  . . . . . : 2D5832D2CE829B0C4B2BB45CAC4F691423AC8E685F3ADE7BC8941AB1CCA538B5
       > G Data . . . . . . : Trojan.Generic.7700709
       > Ikarus . . . . . . : Trojan.Win64!IK
         Fuzzy  . . . . . . : 117.0
         Forensic Cluster
            -9.8s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\
            -9.8s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
            -7.8s C:\Users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt
            -7.1s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe
            -7.0s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$R28AFB608
            -6.5s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\2\05\05E1Ed01
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n
            -5.7s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe
            -5.7s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$RA49A1934
            -4.2s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$I28AFB608
            -4.2s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\15FF.tmp
            -0.0s C:\$Recycle.Bin\S-1-5-18\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\
            -0.0s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n
             0.0s C:\Windows\assembly\gac_64\Desktop.ini
             0.0s C:\Windows\assembly\gac_32\Desktop.ini
             0.3s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$IA49A1934
            15.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            15.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            15.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            15.9s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
            18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
            18.6s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
            18.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
            23.1s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\1\41\A2A35d01
            36.8s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\incalladwidget[2].htm
            37.1s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\index-b7304d2291ffbd00555d74590ccfa04a.min[1].js
            39.9s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\thumbnails\7b596b88b849c5a64a66ff6fd4fc1633.png
            40.2s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\ads-in-client[2].js
            45.7s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\startupCache\startupCache.4.little
            49.2s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\
            49.2s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\7D487d01
    
    
    Suspicious files ____________________________________________________________
    
      C:\Users\Marco.Marcos-PC\AppData\Local\PunkBuster\BF3\pb\dll\wc002317.dll
         Size . . . . . . . : 949.613 bytes
         Age  . . . . . . . : 182.8 days (2012-11-10 17:24:40)
         Entropy  . . . . . : 7.6
         SHA-256  . . . . . : 15059F09B1D62DEA6B5D22EF9E0D062411C167378D870AE339AAB50B0BDC7FC0
         Fuzzy  . . . . . . : 29.0
            The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
            Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
            Authors name is missing in version info. This is not common to most programs.
            Version control is missing. This file is probably created by an individual. This is not typical for most programs.
            Program contains PE structure anomalies. This is not typical for most programs.
    
      C:\Users\Marco.Marcos-PC\AppData\Local\PunkBuster\BF3\pb\dll\wc002325.dll
         Size . . . . . . . : 959.376 bytes
         Age  . . . . . . . : 74.8 days (2013-02-26 15:59:48)
         Entropy  . . . . . : 7.6
         SHA-256  . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
         RSA Key Size . . . : 2048
         Authenticode . . . : Valid
         Fuzzy  . . . . . . : 22.0
            The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
            Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
            Authors name is missing in version info. This is not common to most programs.
            Version control is missing. This file is probably created by an individual. This is not typical for most programs.
            Program contains PE structure anomalies. This is not typical for most programs.
            Program is code signed with a valid Authenticode certificate.
    
      C:\Users\Marco.Marcos-PC\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
         Size . . . . . . . : 959.376 bytes
         Age  . . . . . . . : 17.6 days (2013-04-24 21:45:37)
         Entropy  . . . . . : 7.6
         SHA-256  . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
         RSA Key Size . . . : 2048
         Authenticode . . . : Valid
         Fuzzy  . . . . . . : 23.0
            The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
            Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
            Authors name is missing in version info. This is not common to most programs.
            Version control is missing. This file is probably created by an individual. This is not typical for most programs.
            Time indicates that the file appeared recently on this computer.
            Program contains PE structure anomalies. This is not typical for most programs.
            Program is code signed with a valid Authenticode certificate.
    
      C:\Users\Marco.Marcos-PC\AppData\Local\PunkBuster\BF3\pb\pbclold.dll
         Size . . . . . . . : 959.376 bytes
         Age  . . . . . . . : 183.6 days (2012-11-09 21:08:00)
         Entropy  . . . . . : 7.6
         SHA-256  . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
         RSA Key Size . . . : 2048
         Authenticode . . . : Valid
         Fuzzy  . . . . . . : 22.0
            The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
            Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
            Authors name is missing in version info. This is not common to most programs.
            Version control is missing. This file is probably created by an individual. This is not typical for most programs.
            Program contains PE structure anomalies. This is not typical for most programs.
            Program is code signed with a valid Authenticode certificate.
    
      C:\Users\Marco.Marcos-PC\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
         Size . . . . . . . : 137.992 bytes
         Age  . . . . . . . : 183.6 days (2012-11-09 21:08:22)
         Entropy  . . . . . : 7.8
         SHA-256  . . . . . : 21A3D2E3A063EA2F986EF1BAFD1A71F7FC9EDB3F69E0265E51A18DBC111084F1
         RSA Key Size . . . : 2048
         Authenticode . . . : Valid
         Fuzzy  . . . . . . : 22.0
            The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
            Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
            Authors name is missing in version info. This is not common to most programs.
            Version control is missing. This file is probably created by an individual. This is not typical for most programs.
            Program contains PE structure anomalies. This is not typical for most programs.
            The file is a device driver. Device drivers run as trusted (highly privileged) code.
            Program is code signed with a valid Authenticode certificate.
    
      C:\Users\Marco.Marcos-PC\AppData\Local\PunkBuster\BLR\pb\pbcl.dll
         Size . . . . . . . : 949.190 bytes
         Age  . . . . . . . : 112.6 days (2013-01-19 21:04:15)
         Entropy  . . . . . : 7.6
         SHA-256  . . . . . : DAF43E93528BEEECC015FA98D6EE6D6FD6D19A049321E47A65665144E4511F41
         Fuzzy  . . . . . . : 29.0
            The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
            Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
            Authors name is missing in version info. This is not common to most programs.
            Version control is missing. This file is probably created by an individual. This is not typical for most programs.
            Program contains PE structure anomalies. This is not typical for most programs.
    
      C:\Users\Marco.Marcos-PC\AppData\Local\PunkBuster\BLR\pb\PnkBstrK.sys
         Size . . . . . . . : 140.360 bytes
         Age  . . . . . . . : 112.6 days (2013-01-19 21:04:26)
         Entropy  . . . . . : 7.8
         SHA-256  . . . . . : 0F41B3843E2D2D1BB1ACF8B7CAA293309CC1CF8CF478B1AC86DD6BB214928DC4
         RSA Key Size . . . : 2048
         Authenticode . . . : Valid
         Fuzzy  . . . . . . : 22.0
            The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
            Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
            Authors name is missing in version info. This is not common to most programs.
            Version control is missing. This file is probably created by an individual. This is not typical for most programs.
            Program contains PE structure anomalies. This is not typical for most programs.
            The file is a device driver. Device drivers run as trusted (highly privileged) code.
            Program is code signed with a valid Authenticode certificate.
    
      C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
         Size . . . . . . . : 62.976 bytes
         Age  . . . . . . . : 0.0 days (2013-05-12 10:55:41)
         Entropy  . . . . . : 7.1
         SHA-256  . . . . . : 66C1E15DEAD761C9790A083B027DD134BBD2515DBEE54FE173FD9819272D951C
         Fuzzy  . . . . . . : 23.0
            The hidden file attribute bit is set. This is not common to most programs.
            Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
            Uses the Windows Registry to run each time the user logs on.
            Authors name is missing in version info. This is not common to most programs.
            Version control is missing. This file is probably created by an individual. This is not typical for most programs.
            Program starts automatically without user intervention.
            Time indicates that the file appeared recently on this computer.
            Program contains PE structure anomalies. This is not typical for most programs.
         Startup
            HKU\S-1-5-21-1855381489-1449304910-2271455802-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft Windows Manager
         Forensic Cluster
            -0.0s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\
             0.0s C:\Users\Marco.Marcos-PC\M-3950-5949-8593-3948\winmgr.exe
             2.0s C:\Users\Marco.Marcos-PC\AppData\Roaming\winsvcna.txt
             2.7s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\6829803844.exe
             2.8s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$R28AFB608
             3.3s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\2\05\05E1Ed01
             4.1s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\
             4.1s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\
             4.1s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\
             4.1s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@
             4.1s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\n
             4.1s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\InstallFlashPlayer.exe
             4.1s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$RA49A1934
             5.6s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$I28AFB608
             5.6s C:\Users\Marco.Marcos-PC\AppData\Local\Temp\15FF.tmp
             9.8s C:\$Recycle.Bin\S-1-5-18\
             9.8s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\
             9.8s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\
             9.8s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@
             9.8s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\
             9.8s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\n
             9.8s C:\Windows\assembly\gac_64\Desktop.ini
             9.8s C:\Windows\assembly\gac_32\Desktop.ini
            10.1s C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$IA49A1934
            25.4s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@
            25.4s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@
            25.4s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@
            25.7s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000000.@
            28.4s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000032.@
            28.5s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\80000064.@
            28.5s C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@
            32.9s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\1\41\A2A35d01
            46.6s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\incalladwidget[2].htm
            46.9s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\index-b7304d2291ffbd00555d74590ccfa04a.min[1].js
            49.7s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\thumbnails\7b596b88b849c5a64a66ff6fd4fc1633.png
            50.0s C:\Users\Marco.Marcos-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0J13OBCF\ads-in-client[2].js
            55.5s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\startupCache\startupCache.4.little
            59.0s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\
            59.0s C:\Users\Marco.Marcos-PC\AppData\Local\Mozilla\Firefox\Profiles\c7isuqlk.default\Cache\0\E2\7D487d01
    
    
    Malware remnants ____________________________________________________________
    
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\@ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-18\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\@ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\L\00000004.@ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\00000004.@ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\00000008.@ (ZeroAccess) -> Deleted
      C:\$Recycle.Bin\S-1-5-21-1855381489-1449304910-2271455802-1000\$a3a5dff2beec6f70883664bf297a197f\U\000000cb.@ (ZeroAccess) -> Deleted
    
    
    

  4. Hello,

    What do I need a PC for?

    Gaming

    What is my budget?

    1150

    A brand-name computer or a custom build?

    Custom build

    Am I going to overclock?

    Not as long as I have warranty.

    Am I going to upgrade later?

    Yes, in about 3-4 years

    Do I really need all those new features?

    Yes, I need them

    Am I going to assemble it myself?

    No

    Do I need an operating system?

    Yes, Windows 7 Home Premium

    Am I going to install it myself?

    No, I won't be doing that myself

    Do I have a preference for components?

    No, not really.

    Do I need any peripherals?

    Yes: network card, speakers, monitor, wireless keyboard and mouse, and a card reader.

    Do I have specific wishes?

    It must be able to run WoW and other demanding games at max settings, and, if it fits within my budget, also be a quiet PC, but that's not required.

    Do you live in the Netherlands or Belgium, and do you want to order from a specific (web) shop?

    No specific web shop; I live in the Netherlands.
