didierbank1
-
Items
58 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door didierbank1
-
-
Ja er staat nog software van mijn printer op mijn computer
-
.....
Weet iemand misschien hoe ik mijn probleem kan oplossen ?
ik weet niet hoe ik dit kan oplossen.
-
euh.. er zijn nog 'openstaande vragen' in mijn vorige post.. (en idd: je printertype had je al verteld
)Ik heb een tijdje geleden de printer van mijn computer verwijderd, maar kan nu niet meer via de cd rom de printer installeren.
-
IK heb windows xp sp3, welke printer dat staat boven mijn berichtje hp psc 1215 al in one. Het is een printer met kabel usb. Er zit inderdaad een printerwerk set in
D. Bank
-
Goedemiddag,
Sinds een hele tijd werkt mijn printer niet meer. Als ik een afdruk wil maken, krijg ik de melding (systeemfout). Ik heb de stekker eruit getrokken.
De kabels eruit en erin gestopt, dus ik weet het ook niet meer. De cartridgen zitten er al een tijd in, ik weet niet of dit ook met het probleem te maken kan hebben, ze zullen inmiddels wel uitgedroogd zijn.
Mvg,
D. Bank
-
Voor die printer kan je inderdaad beter een nieuw topic openen bij "hardware" ;-)
In iedergeval harstikke bedankt voor alle hulp die je mij hebt gegeven.
Mvg,
D. Bank
-
Het geheugenverbruik van Firefox is absoluut normaal. Met enkele openstaande tabbladen ga je zeker een eind hoger, maar dat is geen probleem. Ook de aanwezigheid van verschillende versies van svchost.exe is logisch. Al deze verschillende meldingen van svchost.exe bevatten een pakket van verschillende uitvoerbare taken. Geen enkele is identiek en elk heeft zijn eigen functie. Ook dat is volstrekt normaal.
Op grond van een algemeen overzicht van dit topic, vraag ik me nu af of er nog ergens virus- of andere ongewenste meldingen komen opduiken ? Dat zou me sterk verbazen, maar je weet uiteraard nooit. Daar kan jij alleen een afdoend antwoord op geven ?
Ik denk dat er geen malware meer is op mijn computer, wat nog wel een groot probleem is is dat programma's heel traag opstarten ook het internet.
Een ander probleem dat ik al een hele tijd heb is dat mijn printer niets meer uitprint, ik krijg dan een foutcode. Ik denk dat ik voor de printer een nieuw topic moet openen.
-
Goedeavond,
Allereerst alvast bedankt voor de vele hulp die je me gegeven hebt bij het oplossen van diverse problemen.
Ik heb nog een andere vraag. Als ik fire fox opstart en ik kijk in windows taakbeheer geeft hij een geheugen verbruik aan van 212.500 kb aan. Dit is erg veel, hoe zou dat kunnen komen en hoe verminder je het geheugen verbruik hiervoor ? Ook staat svchost.exe 7 keer in windows taakbeheer.
Mvg,
D. Bank
-
Zoek.exe v5.0.0.0 Updated 22-Januari-2014
Tool run by Barbie on do 23-01-2014 at 21:12:11,43.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe [scan all users] [script inserted]
==== Older Logs ======================
C:\zoek-results2013-12-19-195331.log 38683 bytes
C:\zoek-results2014-01-15-130053.log 98305 bytes
C:\zoek-results2014-01-15-201622.log 82806 bytes
C:\zoek-results2014-01-15-212726.log 7205 bytes
C:\zoek-results2014-01-22-155324.log 950 bytes
==== Deleting Files \ Folders ======================
C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046\extensions\jid1-yZwVFzbsyfMrqQ@jetpack deleted
==== C:\zoek_backup content ======================
C:\zoek_backup (files=77 folders=31 1187498 bytes)
==== EOF on do 23-01-2014 at 21:17:45,85 ======================
-
Zoek.exe v5.0.0.0 Updated 20-Januari-2014
Tool run by Barbie on wo 22-01-2014 at 16:50:44,78.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe [scan all users] [script inserted]
==== Older Logs ======================
C:\zoek-results2013-12-19-195331.log 38683 bytes
C:\zoek-results2014-01-15-130053.log 98305 bytes
C:\zoek-results2014-01-15-201622.log 82806 bytes
C:\zoek-results2014-01-15-212726.log 7205 bytes
==== Deleting Files \ Folders ======================
"C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562\extensions\twoo@twoo.com.xpi" not found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=73 folders=29 1186864 bytes)
==== EOF on wo 22-01-2014 at 16:53:24,07 ======================
-
Ik weet niet precies hoe ik dit moet doen, daar heb ik te weinig kennis voor. Internet start heel traag op, ik moet 1 a 2 minuten wachten voor internet opgestart is, ook programma's starten traag op. Ik heb al schijf opruiming op de c schijf en gedefragmenteerd gedaan, maar ik zie nog geen goed effect. malwarebite scan gedaan had niets gevonden. Kun je me hier advies over geven wat te doen. Bijvoorbeeld programma's die met het opstarten van de computer meegaan maar niet horen te doen ? misschien dat een aantal instellingen in mijn computer niet goed staan. Het lijkt echt een probleem van firefox te zijn denk ik, want bij google chrome kan ik wel youtube filmpjes bekijken.
-
Voor zoek exe en rsit was mijn computer erg traag, dat is nu verholpen, waar ik al een tijdje wel problemen mee heb is:
Als ik youtube filmpjes wil bekijken in mozilla fire fox kan ik geen filmpjes bekijken omdat ik een melding krijg dat ik de flasplayer moet downloaden en problemen met pluggins. Als ik deze wil updaten lukt dat niet. Met google chrome kan ik wel youtube filmpjes bekijken. Het andere probleem is misschien dat ik toen ik zoekexe starten kreeg ik de melding dat dit geen geldige win 32 toepassing was.
-
Hier volgt het 2e bericht, ik heb echter een fout gemaakt. Ik ben vergeten aut.cleaning in te vullen in het start exe venster. Onder dit logje staat een 3e logje waar die tekst van aut.cleaning wel heb ingevuld.
Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Barbie on wo 15-01-2014 at 20:22:39,39.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe [scan all users] [Deep Scan] [Auto Clean]
==== Older Logs ======================
C:\zoek-results2013-12-19-195331.log 38683 bytes
C:\zoek-results2014-01-15-130053.log 98305 bytes
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Thomson\TG122n\WlanCU.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k imgsvc
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Documents and Settings\Barbie\daemonprocess.txt deleted
C:\Documents and Settings\Barbie\.android deleted
C:\Program Files\ARO 2013 deleted
C:\Program Files\Wondershare deleted
C:\Documents and Settings\Barbie\Application Data\Uniblue deleted
C:\Documents and Settings\Barbie\Local Settings\Application Data\cache deleted
C:\Documents and Settings\All Users\Menu Start\Programma's\Uniblue deleted
C:\Documents and Settings\All Users\Menu Start\Programma's\YTD Video Downloader deleted
C:\WINDOWS\reimage.ini deleted
C:\WINDOWS\system32\sasnative32.exe deleted
C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562\jetpack deleted
C:\Documents and Settings\All Users\Bureaublad\YTD Video Downloader.lnk deleted
"C:\Documents and Settings\Barbie\Application Data\IObit" deleted
==== System Specs ======================
Windows: Windows XP Professional Service Pack 3 (Build 2600)
Memory (RAM): 1016 MB
CPU Info: Intel® Pentium® 4 CPU 2.80GHz
CPU Speed: 2834,1 MHz
Sound Card: HD Audio-opbouw |
Display Adapters: Intel® 82945G Express Chipset Family | NetMeeting driver | RDPDD Chained DD
Monitors: 1x; Plug en Play-monitor |
Screen Resolution: 1280 X 1024 - 32 bit
Network: Network Present
Network Adapters: Broadcom NetXtreme Gigabit Ethernet
CD / DVD Drives: 1x (D: | ) D: ASUS DRW-2014S1
Ports: COM1 LPT1
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 37,3GB | F: 1863,0GB
Hard Disks - Free: C: 12,6GB | F: 121,4GB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 05/18/05 | COMPAQ - 20050518
Time Zone: West-Europa (standaardtijd)
Motherboard *: Hewlett-Packard 09F8h
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: avast! Antivirus On-access scanning disabled (Updated)
Default Browser: Firefox 26.0
Internet Explorer version: 8.0.6001.18702
Mozilla Firefox version: 26.0 (x86 en-US)
Google Chrome version: 31.0.1650.63
Adobe Reader version: 11.0.04.63
Sun Java version: 1.7.0_45 (32-bit)
Shockwave Player version: 12.0.5r146
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
2014-01-13 22:36:48 58D3BB05EA7B08BD8B636A7D813B1C71 32288 ----a-w- C:\WINDOWS\SchedLgU.Txt
2014-01-01 19:10:28 A283E768FA12EF33087F07B01F82D6DD 181064 ----a-w- C:\WINDOWS\PSEXESVC.EXE
2013-12-26 23:05:25 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
2013-12-26 23:05:23 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
2013-12-26 23:05:21 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
2013-12-26 23:05:20 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
2013-12-26 23:05:19 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
====== C:\WINDOWS\TEMP ====
2014-01-13 21:04:51 F2674FB523211B8D2F1C75CC7654E0FB 1930728 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\VFSW1389647091\SWVFSetup_x32.exe
2014-01-12 22:00:03 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\install_flashplayer11x32_mssa_aaa_aih_2.exe
2014-01-12 21:59:26 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\install_flashplayer11x32_mssa_aaa_aih_1.exe
2014-01-12 21:59:10 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
2014-01-12 21:46:51 91ADC0E26FAEA06BB588AC7C215452CA 17838984 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\fp_pl_pfs_installer-1.exe
2014-01-08 17:56:37 CD8D98FF4A4D862674C5FAA8D570E6C6 1892352 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\nsv3\Helper.dll
2014-01-08 13:26:14 57E626878D667E65127D1725279B0965 12384 ----atw- C:\Documents and Settings\Barbie\Local Settings\Temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\x86\regsvr32.exe
2014-01-08 13:26:14 157FE300857E06020BCB38A04D5B3B75 12896 ----atw- C:\Documents and Settings\Barbie\Local Settings\Temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\x64\regsvr32.exe
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2014-01-15 15:23:07 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\WINDOWS\System32\bootdelete.exe
2014-01-15 15:23:07 3982FED5B30B565F68859841836C2894 268 ----a-w- C:\WINDOWS\System32\bootdelete.lst
2014-01-11 11:53:31 55CEF8FE478E41C8EBCF7B27AF991A3F 18968 ----a-w- C:\WINDOWS\System32\sdnclean.exe
2014-01-10 23:09:44 3596A8EBFACFBD48E756B9E9C7955B03 1202 ----a-w- C:\WINDOWS\System32\.crusader
2014-01-10 19:56:09 CC1EA61F70BA631C0801AA152559182F 32256 ----a-w- C:\WINDOWS\System32\rundll32.ex
2014-01-07 00:28:49 CBF36A1D95A3CD642CF72BEEB601932F 214256 ----a-w- C:\WINDOWS\System32\muweb.dll
2014-01-06 00:01:17 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\System32\reimage.rep
2014-01-05 23:41:55 5F6E2456B2A0D75CFB2B238869575FF2 9216 ----a-w- C:\WINDOWS\System32\Native.exe
====== C:\WINDOWS\system32\drivers =====
2014-01-14 20:25:49 4A5FFDF0FE830C448830BD4B02B02B4B 35144 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2014-01-13 20:42:17 A1DF98A9055B8D5685D011D89FFE6AB9 29576 ----a-w- C:\WINDOWS\System32\drivers\kcom.sys
2014-01-13 20:42:17 3D8A88BD1E6A640807691198A8342E8C 42376 ----a-w- C:\WINDOWS\System32\drivers\ikfilesec.sys
2014-01-13 20:42:17 2402F65F1ECA5159C8F0F16066F4BDED 81288 ----a-w- C:\WINDOWS\System32\drivers\iksyssec.sys
2014-01-13 20:42:16 7583E2211097D273FCA4E3FCE04F639F 66952 ----a-w- C:\WINDOWS\System32\drivers\iksysflt.sys
2014-01-07 19:23:13 5B131ED45BE8F8803F977CC32125EA37 30504 ----a-w- C:\WINDOWS\System32\drivers\DrvAgent32.sys
2013-12-20 22:53:24 093913A016845FE257ED9B7FC8E28ED8 12928 ----a-w- C:\WINDOWS\System32\drivers\filedisk.sys
2013-12-18 16:11:07 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
====== C:\WINDOWS\Tasks ======
2014-01-05 19:56:28 6C70A3F581CFA47578836AAA54F79B2F 230 ----a-w- C:\WINDOWS\Tasks\ARO 2013.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-01-13 20:42:03 -------- d-----w- C:\Program Files\Spyware Doctor
2014-01-12 20:33:30 -------- d-----w- C:\Program Files\Microsoft Silverlight
2014-01-10 21:35:15 -------- d-----w- C:\Program Files\HitmanPro
2014-01-09 20:18:04 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-01-05 23:29:35 -------- d-----w- C:\Program Files\Reimage
2014-01-04 17:05:57 -------- d-----w- C:\Program Files\MP3Gain
2014-01-01 16:57:12 -------- d-----w- C:\Program Files\WinZip System Utilities Suite
2013-12-29 11:14:54 -------- d-----w- C:\Program Files\Microsoft
2013-12-29 10:30:01 -------- d-----w- C:\Program Files\Tweaking.com
2013-12-26 21:41:28 -------- d-----w- C:\Program Files\Uniblue
2013-12-23 17:23:01 -------- d-----w- C:\Program Files\ESET
2013-12-19 17:09:33 -------- d-----w- C:\Program Files\trend micro
2013-12-18 13:54:06 -------- d-----w- C:\Program Files\JAM Software
2013-12-17 23:27:47 -------- d-----w- C:\Program Files\Defraggler
======= C: =====
2014-01-01 12:51:33 BE0EE69FC96E1413F282A24B96F650F5 40 ----a-w- C:\WFCNAME.INI
====== C:\Documents and Settings\Barbie\Application Data ======
2014-01-14 05:45:59 -------- d-----w- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Mozilla
2014-01-14 05:45:59 -------- d-----w- C:\Documents and Settings\NetworkService\Application Data\Mozilla
2014-01-13 20:42:03 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\PC Tools
2014-01-10 20:25:21 -------- d-----w- C:\Documents and Settings\Barbie\Local Settings\Application Data\Trend Micro
2014-01-04 17:06:01 -------- d-----w- C:\Documents and Settings\Barbie\Menu Start\Programma's\MP3Gain
2014-01-01 21:20:12 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\WinZip
2014-01-01 20:22:27 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\ICAClient
2014-01-01 19:56:46 -------- d-----w- C:\Documents and Settings\Barbie\Local Settings\Application Data\WMTools Downloaded Files
2014-01-01 18:58:42 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\PC MightyMax File Extension Repair
2013-12-29 11:01:41 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\ErrorTeck
2013-12-24 16:45:47 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\SUPERAntiSpyware.com
2013-12-20 22:45:58 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\Nico Mak Computing
2013-12-18 13:54:19 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\JAM Software
====== C:\Documents and Settings\Barbie ======
2014-01-15 15:26:32 -------- d--h--r- C:\Documents and Settings\Barbie\Onlangs geopend
2014-01-14 19:50:54 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\RSIT(1).exe
2014-01-14 05:46:02 -------- d-----r- C:\Documents and Settings\NetworkService\Favorieten
2014-01-01 19:38:42 -------- d-sh--w- C:\Documents and Settings\Default User\Cookies
2014-01-01 18:58:21 -------- d-----w- C:\Documents and Settings\Barbie\WINDOWS
2013-12-28 12:01:00 -------- d-sh--w- C:\Documents and Settings\LocalService\Cookies
2013-12-27 23:40:48 -------- d-sh--w- C:\Documents and Settings\NetworkService\Cookies
2013-12-26 21:46:27 -------- d-----w- C:\Documents and Settings\Barbie\SyncFolder
====== C: exe-files ==
2014-01-14 19:50:54 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\RSIT(1).exe
2014-01-13 21:04:51 F2674FB523211B8D2F1C75CC7654E0FB 1930728 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\VFSW1389647091\SWVFSetup_x32.exe
2014-01-12 22:00:03 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\install_flashplayer11x32_mssa_aaa_aih_2.exe
2014-01-12 21:59:26 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\install_flashplayer11x32_mssa_aaa_aih_1.exe
2014-01-12 21:59:10 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\install_flashplayer11x32_mssa_aaa_aih.exe
2014-01-12 21:58:33 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\install_flashplayer11x32_mssa_aaa_aih.exe
2014-01-12 21:46:51 91ADC0E26FAEA06BB588AC7C215452CA 17838984 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\fp_pl_pfs_installer-1.exe
2014-01-12 20:45:22 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\adwcleaner(1).exe
2014-01-11 21:01:47 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\esetsmartinstaller_enu.exe
2014-01-10 23:26:01 C38ECB679347C514F8DCBC2A76FF1D33 4689480 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\avast_free_antivirus_setup_online.exe
2014-01-10 22:45:55 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\MicrosoftFixit.IEPerformance.LB.37312821000302438.3.1.Run.exe
2014-01-10 22:04:31 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\WSCTool.exe
2014-01-10 22:04:30 89D579ED4281BF0BC35BFE2E540A6A60 334600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\TmSetACL.exe
2014-01-10 22:04:28 D39AF5D6F218ECE870A0A9C8118193E0 215632 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\InstallSettingMigrate.exe
2014-01-10 22:04:28 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\TiPreAU.exe
2014-01-10 22:04:28 4C6E7BE1DFA0752E93EC43E337EB9EAB 2529072 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\TisEzIns.exe
2014-01-10 22:04:28 40A54D274FA889BD409D2F559B7A3D52 613760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\InstallUCWrapper.exe
2014-01-10 22:04:14 F43138A55D640FF74B8341AC7DF3EFC0 241888 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\TMSToolEx.exe
2014-01-10 22:04:14 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\WSCTool.exe
2014-01-10 22:04:11 AF1B9229AEA1B158ECB116D9AF479E2E 3868048 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\SupportTool.exe
2014-01-10 22:04:04 ED4797AAD9F69771504045D210D98B4B 2139232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\setup.exe
2014-01-10 22:03:15 D50A0D27158946CDC446373A76C1B5AE 240376 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe
2014-01-10 22:03:15 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe
2014-01-10 22:03:14 F2AC14C890B3A514D1FDAA1E6C65F8A6 667832 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe
2014-01-10 22:03:13 E70B486367F56C350D276D4479554316 498624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiUpdateTray.exe
2014-01-10 22:03:13 B553217AED0FD828C6AFD7951BAA46AD 136600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe
2014-01-10 22:03:13 0B72072A84DF9B8AE84DBE06FCA34561 1510896 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe
2014-01-10 22:03:12 384EDA11B4AD201AA069D1F131D3F3F8 293936 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1783v0.0.0l1p1r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe
2014-01-10 22:03:12 06C345E350D1B8F02BD7C322CD275532 1152168 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe
2014-01-10 22:03:11 E8536B70DDB3F5213CDA6862D577EB97 44152 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLMMon.exe
2014-01-10 22:03:11 30E6AFDE10AFF77EDA92EC418449D1CF 1712728 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1785v0.0.0l1p1r1o1\TMDC\TMDC.exe
2014-01-10 22:03:10 E4127611343EE9BFBA029A6DDACE1FFC 71456 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe
2014-01-10 22:03:10 D139DAC7F146E431C895E652F387F731 254296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe
2014-01-10 22:03:10 B38A152FFC86D84010FA3559B7CEE059 517952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLM.exe
2014-01-10 22:03:10 ADE64494B308AF69A9DC7F9D75D461F3 254808 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe
2014-01-10 22:03:10 6B2F4AE92F05D46D6BF565C1F0B84B23 506104 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe
2014-01-10 22:03:10 3DD86118E6D0E7DC6D3E65B1ABA8066C 309392 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe
2014-01-10 22:03:10 37A305172ECA6EA2E8EDCADA0456E978 563272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe
2014-01-10 22:03:10 170946A0B63022338D0C090BC530A60A 36960 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe
2014-01-10 22:03:09 E465B93767BECF1548A41EB82970BC41 223360 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe
2014-01-10 22:03:09 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiPreAU.exe
2014-01-10 22:03:08 3B96C0CBA50FC3F0ED93385053494A08 367584 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe
2014-01-10 22:03:06 B806DABC0BA505EFE3A4DD8DAB55D5A9 3893816 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\RescueHelper.exe
2014-01-10 22:03:05 E96D8D7908B5F831B3DB4913E752E7B5 136616 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe
2014-01-10 22:03:05 D220C57FE5CBD1AA6D57DCF7E7C92243 69408 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe
2014-01-10 22:03:05 94D181DCB8D92FC91BCAA58C0BC1A668 990752 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe
2014-01-10 22:01:31 BE8F5D0947473CBEEB079B1AD56519A7 210760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\utilRollback.exe
2014-01-10 22:01:31 A640306D84D986E40256ADCBA9A9F5A2 54296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmopHookMgrHelper32.exe
2014-01-10 22:01:30 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 22:01:30 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959569l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 22:01:30 9CBB60256F66291E8199660F4CEFD7D9 226328 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\TmopExtIns.exe
2014-01-10 22:01:30 81BCE194CBA3147CB2BBABD489C6ABCB 120856 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tdiins.exe
2014-01-10 22:01:30 6DF2A0656058A87DD0816E1BAF38B206 25624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959570l-1p1r-1o-1\1.7.1008\DREBoot.exe
2014-01-10 22:01:29 F0256DB33C5B7BF4251DE5290F9892F0 14872 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959864l1p1r1o1\2.0.1080\CheckUI.exe
2014-01-10 22:01:29 2DB42306C5F07D3619C875959E50E52C 287256 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\coreServiceShell.exe
2014-01-10 21:33:17 27016D36B811E97BDADABF46204FDF92 9452704 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\hitmanpro.exe
2014-01-10 20:29:03 D39AF5D6F218ECE870A0A9C8118193E0 215632 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\InstallSettingMigrate.exe
2014-01-10 20:29:03 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\TiPreAU.exe
2014-01-10 20:29:03 89D579ED4281BF0BC35BFE2E540A6A60 334600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\TmSetACL.exe
2014-01-10 20:29:03 4C6E7BE1DFA0752E93EC43E337EB9EAB 2529072 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\TisEzIns.exe
2014-01-10 20:29:03 40A54D274FA889BD409D2F559B7A3D52 613760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\InstallUCWrapper.exe
2014-01-10 20:29:03 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\WSCTool.exe
2014-01-10 20:28:59 F43138A55D640FF74B8341AC7DF3EFC0 241888 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\TMSToolEx.exe
2014-01-10 20:28:59 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\WSCTool.exe
2014-01-10 20:28:58 AF1B9229AEA1B158ECB116D9AF479E2E 3868048 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\SupportTool.exe
2014-01-10 20:28:54 ED4797AAD9F69771504045D210D98B4B 2139232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\setup.exe
2014-01-10 20:28:37 F2AC14C890B3A514D1FDAA1E6C65F8A6 667832 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe
2014-01-10 20:28:37 E70B486367F56C350D276D4479554316 498624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiUpdateTray.exe
2014-01-10 20:28:37 D50A0D27158946CDC446373A76C1B5AE 240376 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe
2014-01-10 20:28:37 B553217AED0FD828C6AFD7951BAA46AD 136600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe
2014-01-10 20:28:37 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe
2014-01-10 20:28:37 0B72072A84DF9B8AE84DBE06FCA34561 1510896 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe
2014-01-10 20:28:37 06C345E350D1B8F02BD7C322CD275532 1152168 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe
2014-01-10 20:28:36 E8536B70DDB3F5213CDA6862D577EB97 44152 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLMMon.exe
2014-01-10 20:28:36 E465B93767BECF1548A41EB82970BC41 223360 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe
2014-01-10 20:28:36 E4127611343EE9BFBA029A6DDACE1FFC 71456 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe
2014-01-10 20:28:36 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiPreAU.exe
2014-01-10 20:28:36 D139DAC7F146E431C895E652F387F731 254296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe
2014-01-10 20:28:36 B38A152FFC86D84010FA3559B7CEE059 517952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLM.exe
2014-01-10 20:28:36 ADE64494B308AF69A9DC7F9D75D461F3 254808 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe
2014-01-10 20:28:36 6B2F4AE92F05D46D6BF565C1F0B84B23 506104 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe
2014-01-10 20:28:36 3DD86118E6D0E7DC6D3E65B1ABA8066C 309392 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe
2014-01-10 20:28:36 3B96C0CBA50FC3F0ED93385053494A08 367584 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe
2014-01-10 20:28:36 384EDA11B4AD201AA069D1F131D3F3F8 293936 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1783v0.0.0l1p1r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe
2014-01-10 20:28:36 37A305172ECA6EA2E8EDCADA0456E978 563272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe
2014-01-10 20:28:36 30E6AFDE10AFF77EDA92EC418449D1CF 1712728 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1785v0.0.0l1p1r1o1\TMDC\TMDC.exe
2014-01-10 20:28:36 170946A0B63022338D0C090BC530A60A 36960 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe
2014-01-10 20:28:35 E96D8D7908B5F831B3DB4913E752E7B5 136616 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe
2014-01-10 20:28:35 D220C57FE5CBD1AA6D57DCF7E7C92243 69408 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe
2014-01-10 20:28:35 B806DABC0BA505EFE3A4DD8DAB55D5A9 3893816 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\RescueHelper.exe
2014-01-10 20:28:35 94D181DCB8D92FC91BCAA58C0BC1A668 990752 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe
2014-01-10 20:28:01 F0256DB33C5B7BF4251DE5290F9892F0 14872 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959864l1p1r1o1\2.0.1080\CheckUI.exe
2014-01-10 20:28:01 BE8F5D0947473CBEEB079B1AD56519A7 210760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\utilRollback.exe
2014-01-10 20:28:01 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 20:28:01 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959569l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 20:28:01 A640306D84D986E40256ADCBA9A9F5A2 54296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmopHookMgrHelper32.exe
2014-01-10 20:28:01 9CBB60256F66291E8199660F4CEFD7D9 226328 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\TmopExtIns.exe
2014-01-10 20:28:01 81BCE194CBA3147CB2BBABD489C6ABCB 120856 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tdiins.exe
2014-01-10 20:28:01 6DF2A0656058A87DD0816E1BAF38B206 25624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959570l-1p1r-1o-1\1.7.1008\DREBoot.exe
2014-01-10 20:28:01 2DB42306C5F07D3619C875959E50E52C 287256 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\coreServiceShell.exe
2014-01-10 20:23:13 89D579ED4281BF0BC35BFE2E540A6A60 334600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\TmSetACL.exe
2014-01-10 20:23:13 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\WSCTool.exe
2014-01-10 20:23:12 D39AF5D6F218ECE870A0A9C8118193E0 215632 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\InstallSettingMigrate.exe
2014-01-10 20:23:12 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\TiPreAU.exe
2014-01-10 20:23:12 4C6E7BE1DFA0752E93EC43E337EB9EAB 2529072 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\TisEzIns.exe
2014-01-10 20:23:12 40A54D274FA889BD409D2F559B7A3D52 613760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\InstallUCWrapper.exe
2014-01-10 20:23:06 F43138A55D640FF74B8341AC7DF3EFC0 241888 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\TMSToolEx.exe
2014-01-10 20:23:06 AF1B9229AEA1B158ECB116D9AF479E2E 3868048 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\SupportTool.exe
2014-01-10 20:23:06 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\WSCTool.exe
2014-01-10 20:23:04 ED4797AAD9F69771504045D210D98B4B 2139232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\setup.exe
2014-01-10 20:22:38 F2AC14C890B3A514D1FDAA1E6C65F8A6 667832 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe
2014-01-10 20:22:38 D50A0D27158946CDC446373A76C1B5AE 240376 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe
2014-01-10 20:22:38 B553217AED0FD828C6AFD7951BAA46AD 136600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe
2014-01-10 20:22:38 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe
2014-01-10 20:22:38 0B72072A84DF9B8AE84DBE06FCA34561 1510896 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe
2014-01-10 20:22:37 E8536B70DDB3F5213CDA6862D577EB97 44152 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLMMon.exe
2014-01-10 20:22:37 E70B486367F56C350D276D4479554316 498624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiUpdateTray.exe
2014-01-10 20:22:37 D139DAC7F146E431C895E652F387F731 254296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe
2014-01-10 20:22:37 B38A152FFC86D84010FA3559B7CEE059 517952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLM.exe
2014-01-10 20:22:37 384EDA11B4AD201AA069D1F131D3F3F8 293936 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1783v0.0.0l1p1r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe
2014-01-10 20:22:37 30E6AFDE10AFF77EDA92EC418449D1CF 1712728 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1785v0.0.0l1p1r1o1\TMDC\TMDC.exe
2014-01-10 20:22:37 170946A0B63022338D0C090BC530A60A 36960 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe
2014-01-10 20:22:37 06C345E350D1B8F02BD7C322CD275532 1152168 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe
2014-01-10 20:22:36 E465B93767BECF1548A41EB82970BC41 223360 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe
2014-01-10 20:22:36 E4127611343EE9BFBA029A6DDACE1FFC 71456 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe
2014-01-10 20:22:36 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiPreAU.exe
2014-01-10 20:22:36 ADE64494B308AF69A9DC7F9D75D461F3 254808 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe
2014-01-10 20:22:36 6B2F4AE92F05D46D6BF565C1F0B84B23 506104 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe
2014-01-10 20:22:36 3DD86118E6D0E7DC6D3E65B1ABA8066C 309392 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe
2014-01-10 20:22:36 3B96C0CBA50FC3F0ED93385053494A08 367584 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe
2014-01-10 20:22:36 37A305172ECA6EA2E8EDCADA0456E978 563272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe
2014-01-10 20:22:35 E96D8D7908B5F831B3DB4913E752E7B5 136616 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe
2014-01-10 20:22:35 D220C57FE5CBD1AA6D57DCF7E7C92243 69408 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe
2014-01-10 20:22:35 B806DABC0BA505EFE3A4DD8DAB55D5A9 3893816 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\RescueHelper.exe
2014-01-10 20:22:35 94D181DCB8D92FC91BCAA58C0BC1A668 990752 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe
2014-01-10 20:21:59 BE8F5D0947473CBEEB079B1AD56519A7 210760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\utilRollback.exe
2014-01-10 20:21:59 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 20:21:59 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959569l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 20:21:59 A640306D84D986E40256ADCBA9A9F5A2 54296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmopHookMgrHelper32.exe
2014-01-10 20:21:59 9CBB60256F66291E8199660F4CEFD7D9 226328 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\TmopExtIns.exe
2014-01-10 20:21:59 81BCE194CBA3147CB2BBABD489C6ABCB 120856 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tdiins.exe
2014-01-10 20:21:58 F0256DB33C5B7BF4251DE5290F9892F0 14872 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959864l1p1r1o1\2.0.1080\CheckUI.exe
2014-01-10 20:21:58 6DF2A0656058A87DD0816E1BAF38B206 25624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959570l-1p1r-1o-1\1.7.1008\DREBoot.exe
2014-01-10 20:21:58 2DB42306C5F07D3619C875959E50E52C 287256 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\coreServiceShell.exe
=== C: other files ==
2014-01-14 20:25:49 4A5FFDF0FE830C448830BD4B02B02B4B 35144 ----a-w- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-01-13 20:42:19 9E9E5990D20192324D6D65712FE9589E 218504 ----a-w- C:\Program Files\Spyware Doctor\NetworkLayer\pctfw2.sys
2014-01-13 20:42:17 A1DF98A9055B8D5685D011D89FFE6AB9 29576 ----a-w- C:\WINDOWS\system32\drivers\kcom.sys
2014-01-13 20:42:17 3D8A88BD1E6A640807691198A8342E8C 42376 ----a-w- C:\WINDOWS\system32\drivers\ikfilesec.sys
2014-01-13 20:42:17 2402F65F1ECA5159C8F0F16066F4BDED 81288 ----a-w- C:\WINDOWS\system32\drivers\iksyssec.sys
2014-01-13 20:42:16 7583E2211097D273FCA4E3FCE04F639F 66952 ----a-w- C:\WINDOWS\system32\drivers\iksysflt.sys
2014-01-12 16:46:35 D94E393EEE12EAADED790D8085C1A554 411922 ----a-w- C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562\extensions\twoo@twoo.com.xpi
2014-01-10 22:04:10 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_processes_list.bat
2014-01-10 22:04:10 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_systeminfo.bat
2014-01-10 22:04:10 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_registry.bat
2014-01-10 22:04:10 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_copy_config.bat
2014-01-10 22:04:10 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_ipconfig.bat
2014-01-10 22:04:10 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_folder_tree.bat
2014-01-10 22:04:10 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\ForceRemove.bat
2014-01-10 22:04:10 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\mk_debug_dir.bat
2014-01-10 22:04:09 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\AMSPForceRemove.bat
2014-01-10 22:02:45 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_processes_list.bat
2014-01-10 22:02:45 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_systeminfo.bat
2014-01-10 22:02:45 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_registry.bat
2014-01-10 22:02:45 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\ForceRemove.bat
2014-01-10 22:02:45 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\mk_debug_dir.bat
2014-01-10 22:02:44 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\AMSPForceRemove.bat
2014-01-10 22:02:44 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_copy_config.bat
2014-01-10 22:02:44 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_ipconfig.bat
2014-01-10 22:02:44 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_folder_tree.bat
2014-01-10 22:02:39 EE80A6D966630DF258A0E4179FA05F10 151308 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\ChromeExtension\tmNSCchromeExt.crx
2014-01-10 22:02:39 68EDBD19489DF3C0A19663AFE1F5FF6E 151666 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\chromeextension\TmOspreychromeExt.crx
2014-01-10 22:02:38 487F9EC22D6735C05D6FCBDAAD0BD8FF 303258 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959553l1p1r1o1\8.0.1095\chrome_tmbep.crx
2014-01-10 22:02:35 77680998BB9D2F3614E05294F3810769 84768 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959831l1p1r1o1\1.6.1082\tmusa.sys
2014-01-10 22:02:35 43C1B7C778B296D492AF6D2ABB2ECF7F 92304 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tmtdi.sys
2014-01-10 22:02:35 1D27CB331BB29BF1F18E4DE677D6C922 282272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959587l1p1r1o1\2.0.1065\tmnciesc.sys
2014-01-10 22:02:34 DF6F05E8055B39167F7BC3FC132764E6 102904 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmactmon.sys
2014-01-10 22:02:34 7ECB1B0FB83E4CB9C4AEC286C9214A50 85280 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959618l1p1r1o1\1.5.1137\tmeevw.sys
2014-01-10 22:02:34 7CF4262FD97C60C7D0E51607888B8A0F 83352 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmevtmgr.sys
2014-01-10 22:02:34 45FC922C8505E72DFC3C4D4C5C382832 288840 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmcomm.sys
2014-01-10 22:02:34 35D33B2E928DFEBB175E599BC1F9CE7F 40736 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959843l1p1r1o1\1.5.1017\TMEBC32.sys
2014-01-10 22:02:34 02DE2A9D06CAD95EF5F0BBAA70A26755 90528 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959624l1p1r1o1\1.5.1137\tmeext.sys
2014-01-10 22:01:24 E8213D15469B2457C4178CBE9F8AF38A 170 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_copy_config.bat
2014-01-10 22:01:24 D94DA6C34EB7385F346FCA15EC85F212 245 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_registry.bat
2014-01-10 22:01:24 B113F6999C5139FEA922611AB5940529 20 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_ipconfig.bat
2014-01-10 22:01:24 83729C698248980FA0A016DE7E0D5CE2 91 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\CollectICRCPerfmon.bat
2014-01-10 22:01:24 592F188323683FC4F2497C9BCDB31E04 60 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_processes_list.bat
2014-01-10 22:01:24 0FAA7EB13610A9BAA9C643019694FF12 159 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_systeminfo.bat
2014-01-10 20:28:57 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_processes_list.bat
2014-01-10 20:28:57 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\AMSPForceRemove.bat
2014-01-10 20:28:57 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_systeminfo.bat
2014-01-10 20:28:57 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_registry.bat
2014-01-10 20:28:57 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_copy_config.bat
2014-01-10 20:28:57 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_ipconfig.bat
2014-01-10 20:28:57 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_folder_tree.bat
2014-01-10 20:28:57 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\ForceRemove.bat
2014-01-10 20:28:57 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\mk_debug_dir.bat
2014-01-10 20:28:26 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_processes_list.bat
2014-01-10 20:28:26 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\AMSPForceRemove.bat
2014-01-10 20:28:26 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_systeminfo.bat
2014-01-10 20:28:26 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_registry.bat
2014-01-10 20:28:26 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_copy_config.bat
2014-01-10 20:28:26 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_ipconfig.bat
2014-01-10 20:28:26 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_folder_tree.bat
2014-01-10 20:28:26 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\ForceRemove.bat
2014-01-10 20:28:26 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\mk_debug_dir.bat
2014-01-10 20:28:23 EE80A6D966630DF258A0E4179FA05F10 151308 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\ChromeExtension\tmNSCchromeExt.crx
2014-01-10 20:28:23 68EDBD19489DF3C0A19663AFE1F5FF6E 151666 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\chromeextension\TmOspreychromeExt.crx
2014-01-10 20:28:22 487F9EC22D6735C05D6FCBDAAD0BD8FF 303258 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959553l1p1r1o1\8.0.1095\chrome_tmbep.crx
2014-01-10 20:28:20 77680998BB9D2F3614E05294F3810769 84768 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959831l1p1r1o1\1.6.1082\tmusa.sys
2014-01-10 20:28:19 DF6F05E8055B39167F7BC3FC132764E6 102904 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmactmon.sys
2014-01-10 20:28:19 7ECB1B0FB83E4CB9C4AEC286C9214A50 85280 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959618l1p1r1o1\1.5.1137\tmeevw.sys
2014-01-10 20:28:19 7CF4262FD97C60C7D0E51607888B8A0F 83352 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmevtmgr.sys
2014-01-10 20:28:19 45FC922C8505E72DFC3C4D4C5C382832 288840 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmcomm.sys
2014-01-10 20:28:19 43C1B7C778B296D492AF6D2ABB2ECF7F 92304 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tmtdi.sys
2014-01-10 20:28:19 35D33B2E928DFEBB175E599BC1F9CE7F 40736 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959843l1p1r1o1\1.5.1017\TMEBC32.sys
2014-01-10 20:28:19 1D27CB331BB29BF1F18E4DE677D6C922 282272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959587l1p1r1o1\2.0.1065\tmnciesc.sys
2014-01-10 20:28:19 02DE2A9D06CAD95EF5F0BBAA70A26755 90528 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959624l1p1r1o1\1.5.1137\tmeext.sys
2014-01-10 20:27:59 E8213D15469B2457C4178CBE9F8AF38A 170 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_copy_config.bat
2014-01-10 20:27:59 D94DA6C34EB7385F346FCA15EC85F212 245 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_registry.bat
2014-01-10 20:27:59 B113F6999C5139FEA922611AB5940529 20 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_ipconfig.bat
2014-01-10 20:27:59 83729C698248980FA0A016DE7E0D5CE2 91 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\CollectICRCPerfmon.bat
2014-01-10 20:27:59 592F188323683FC4F2497C9BCDB31E04 60 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_processes_list.bat
2014-01-10 20:27:59 0FAA7EB13610A9BAA9C643019694FF12 159 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_systeminfo.bat
2014-01-10 20:23:05 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_processes_list.bat
2014-01-10 20:23:05 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\AMSPForceRemove.bat
2014-01-10 20:23:05 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_systeminfo.bat
2014-01-10 20:23:05 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_registry.bat
2014-01-10 20:23:05 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_copy_config.bat
2014-01-10 20:23:05 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_ipconfig.bat
2014-01-10 20:23:05 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_folder_tree.bat
2014-01-10 20:23:05 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\ForceRemove.bat
2014-01-10 20:23:05 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\mk_debug_dir.bat
2014-01-10 20:22:27 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_processes_list.bat
2014-01-10 20:22:27 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\AMSPForceRemove.bat
2014-01-10 20:22:27 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_systeminfo.bat
2014-01-10 20:22:27 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_registry.bat
2014-01-10 20:22:27 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_copy_config.bat
2014-01-10 20:22:27 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_ipconfig.bat
2014-01-10 20:22:27 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_folder_tree.bat
2014-01-10 20:22:27 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\ForceRemove.bat
2014-01-10 20:22:27 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\mk_debug_dir.bat
2014-01-10 20:22:24 EE80A6D966630DF258A0E4179FA05F10 151308 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\ChromeExtension\tmNSCchromeExt.crx
2014-01-10 20:22:24 68EDBD19489DF3C0A19663AFE1F5FF6E 151666 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\chromeextension\TmOspreychromeExt.crx
2014-01-10 20:22:23 487F9EC22D6735C05D6FCBDAAD0BD8FF 303258 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959553l1p1r1o1\8.0.1095\chrome_tmbep.crx
2014-01-10 20:22:22 DF6F05E8055B39167F7BC3FC132764E6 102904 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmactmon.sys
2014-01-10 20:22:22 7ECB1B0FB83E4CB9C4AEC286C9214A50 85280 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959618l1p1r1o1\1.5.1137\tmeevw.sys
2014-01-10 20:22:22 7CF4262FD97C60C7D0E51607888B8A0F 83352 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmevtmgr.sys
2014-01-10 20:22:22 77680998BB9D2F3614E05294F3810769 84768 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959831l1p1r1o1\1.6.1082\tmusa.sys
2014-01-10 20:22:22 45FC922C8505E72DFC3C4D4C5C382832 288840 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmcomm.sys
2014-01-10 20:22:22 43C1B7C778B296D492AF6D2ABB2ECF7F 92304 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tmtdi.sys
2014-01-10 20:22:22 35D33B2E928DFEBB175E599BC1F9CE7F 40736 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959843l1p1r1o1\1.5.1017\TMEBC32.sys
2014-01-10 20:22:22 1D27CB331BB29BF1F18E4DE677D6C922 282272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959587l1p1r1o1\2.0.1065\tmnciesc.sys
2014-01-10 20:22:22 02DE2A9D06CAD95EF5F0BBAA70A26755 90528 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959624l1p1r1o1\1.5.1137\tmeext.sys
2014-01-10 20:21:56 E8213D15469B2457C4178CBE9F8AF38A 170 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_copy_config.bat
2014-01-10 20:21:56 D94DA6C34EB7385F346FCA15EC85F212 245 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_registry.bat
2014-01-10 20:21:56 B113F6999C5139FEA922611AB5940529 20 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_ipconfig.bat
2014-01-10 20:21:56 83729C698248980FA0A016DE7E0D5CE2 91 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\CollectICRCPerfmon.bat
2014-01-10 20:21:56 592F188323683FC4F2497C9BCDB31E04 60 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_processes_list.bat
2014-01-10 20:21:56 0FAA7EB13610A9BAA9C643019694FF12 159 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_systeminfo.bat
==== Startup Registry Enabled ======================
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
[HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ContentTransferWMDetector.exe"="C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe"
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe"
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Barbie^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk]
"path"="C:\\Documents and Settings\\Barbie\\Menu Start\\Programma's\\Opstarten\\LimeWire On Startup.lnk"
"backup"="C:\\WINDOWS\\pss\\LimeWire On Startup.lnkStartup"
"command"="F:\\programma mappen\\Program Files\\LimeWire\\LimeWire.exe -startup"
"item"="LimeWire On Startup"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\" -s"
"uTorrent"="\"E:\\Muziek en programma's\\uTorrent\\uTorrent.exe\" /MINIMIZED"
"AROReminder"="C:\\Program Files\\ARO 2013\\ARO.exe -rem"
"ccleaner"="\"C:\\Program Files\\CCleaner\\ccleaner.exe\" /AUTO"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"DivXUpdate"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"
==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2013 20:25]
C:\WINDOWS\tasks\ARO 2013.job --a------ C:\Program Files\ARO 2013\ARO.exe []
C:\WINDOWS\tasks\avast\Undetermined Task.exe []
C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job --a------ C:H\8nFR s :C:\Program Files\Spybot - Search Destroy 2\SDUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-02-2013 21:59]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-02-2013 21:59]
C:\WINDOWS\tasks\OGALogon.job --a------ C:\WINDOWS\system32\OGAEXEC.exe [03-08-2009 14:07]
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDImmunize.exe []
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDScan.exe []
C:\WINDOWS\tasks\User_Feed_Synchronization-{E7254A12-7898-484D-8A27-4FAE8FBBFA12}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 04:31]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11-01-2014 00:34]
==== Firefox Extensions ======================
ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562
- Twoo Notifications - %ProfilePath%\extensions\twoo@twoo.com.xpi
ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046
- Undetermined - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\extensions\staged
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- avast Ad Blocker - %AppDir%\extensions\adblocker@avast.com.xpi
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
02232EAA0CB3418239D5F6333BE9B346 - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.1
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight
Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 10:09]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]
avast Ad Blocker - Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd
Google Wallet - Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\69af6c50-d65e-4274-8e84-f8961f62d606 deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully
==== HijackThis Entries ======================
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. (WinZip Computing) - C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe
==== Empty IE Cache ======================
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\8gjesupv.default-1362239606375\Cache emptied successfully
C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562\Cache emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Mozilla\Firefox\Profiles\oaese77u.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=72 folders=29 1186489 bytes)
==== Empty Temp Folders ======================
C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully
C:\Documents and Settings\Barbie\Local Settings\Temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\WINDOWS\TEMP successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
==== EOF on wo 15-01-2014 at 21:16:22,54 ======================
3e logje
Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Barbie on wo 15-01-2014 at 21:56:49,29.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe [scan all users] [script inserted]
==== Older Logs ======================
C:\zoek-results2013-12-19-195331.log 38683 bytes
C:\zoek-results2014-01-15-130053.log 98305 bytes
C:\zoek-results2014-01-15-201622.log 82806 bytes
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\WINDOWS\wininit.ini deleted
C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562\jetpack deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11-01-2014 00:34]
==== Firefox Extensions ======================
ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562
- Twoo Notifications - %ProfilePath%\extensions\twoo@twoo.com.xpi
ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046
- Undetermined - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\extensions\staged
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- avast Ad Blocker - %AppDir%\extensions\adblocker@avast.com.xpi
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
02232EAA0CB3418239D5F6333BE9B346 - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.1
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight
Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 10:09]
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Empty IE Cache ======================
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\8gjesupv.default-1362239606375\Cache emptied successfully
C:\Documents and Settings\Barbie\Local Settings\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562\Cache emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Mozilla\Firefox\Profiles\oaese77u.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Documents and Settings\Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=73 folders=29 1186864 bytes)
==== Empty Temp Folders ======================
C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp emptied successfully
C:\Documents and Settings\Barbie\Local Settings\Temp will be emptied at reboot
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\WINDOWS\TEMP successfully emptied
==== Empty Recycle Bin ======================
C:\RECYCLER successfully emptied
==== Deleting Files / Folders ======================
"C:\Documents and Settings\Barbie\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
==== EOF on wo 15-01-2014 at 22:27:26,89 ======================
-
hier is het logje van zoek exe
Zoek.exe v5.0.0.0 Updated 12-Januari-2014
Tool run by Barbie on wo 15-01-2014 at 13:42:59,81.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]
==== Older Logs ======================
C:\zoek-results2013-12-19-195331.log 38683 bytes
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe
C:\Program Files\Thomson\TG122n\WlanCU.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k imgsvc
==== Deleting Files \ Folders ======================
C:\Program Files\Common Files\DVDVideoSoft not found
C:\Documents and Settings\All Users\Application Data\InstallMate deleted
C:\Documents and Settings\All Users\Application Data\YTD Video Downloader deleted
C:\Qoobox deleted
C:\zoek_backup deleted
"C:\temp293.bat" deleted
"C:\temp550.bat" deleted
"C:\ComboFix.txt" deleted
==== System Specs ======================
Windows: Windows XP Professional Service Pack 3 (Build 2600)
Memory (RAM): 1016 MB
CPU Info: Intel® Pentium® 4 CPU 2.80GHz
CPU Speed: 2753,0 MHz
Sound Card: HD Audio-opbouw |
Display Adapters: Intel® 82945G Express Chipset Family | NetMeeting driver | RDPDD Chained DD
Monitors: 1x; Plug en Play-monitor |
Screen Resolution: 1280 X 1024 - 32 bit
Network: Network Present
Network Adapters: Broadcom NetXtreme Gigabit Ethernet
CD / DVD Drives: 1x (D: | ) D: ASUS DRW-2014S1
Ports: COM1 LPT1
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 37,3GB | F: 1863,0GB
Hard Disks - Free: C: 11,7GB | F: 117,4GB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 05/18/05 | COMPAQ - 20050518
Time Zone: West-Europa (standaardtijd)
Motherboard *: Hewlett-Packard 09F8h
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Virus: avast! Antivirus On-access scanning disabled (Updated)
Default Browser: Firefox 26.0
Internet Explorer version: 8.0.6001.18702
Mozilla Firefox version: 26.0 (x86 en-US)
Google Chrome version: 31.0.1650.63
Adobe Reader version: 11.0.04.63
Sun Java version: 1.7.0_45 (32-bit)
Shockwave Player version: 12.0.5r146
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
2014-01-13 22:36:48 754BC4770D1D5F1DE3F742D079901519 31934 ------w- C:\WINDOWS\SchedLgU.Txt
2014-01-01 19:10:28 A283E768FA12EF33087F07B01F82D6DD 181064 ----a-w- C:\WINDOWS\PSEXESVC.EXE
2013-12-26 23:05:25 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
2013-12-26 23:05:23 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
2013-12-26 23:05:21 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
2013-12-26 23:05:20 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
2013-12-26 23:05:19 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
====== C:\WINDOWS\TEMP ====
2014-01-13 21:04:51 F2674FB523211B8D2F1C75CC7654E0FB 1930728 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\VFSW1389647091\SWVFSetup_x32.exe
2014-01-12 22:00:03 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\install_flashplayer11x32_mssa_aaa_aih_2.exe
2014-01-12 21:59:26 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\install_flashplayer11x32_mssa_aaa_aih_1.exe
2014-01-12 21:59:10 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\install_flashplayer11x32_mssa_aaa_aih.exe
2014-01-12 21:46:51 91ADC0E26FAEA06BB588AC7C215452CA 17838984 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\fp_pl_pfs_installer-1.exe
2014-01-08 17:56:37 CD8D98FF4A4D862674C5FAA8D570E6C6 1892352 ----a-w- C:\Documents and Settings\Barbie\Local Settings\Temp\nsv3\Helper.dll
2014-01-08 13:26:14 57E626878D667E65127D1725279B0965 12384 ----atw- C:\Documents and Settings\Barbie\Local Settings\Temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\x86\regsvr32.exe
2014-01-08 13:26:14 157FE300857E06020BCB38A04D5B3B75 12896 ----atw- C:\Documents and Settings\Barbie\Local Settings\Temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\x64\regsvr32.exe
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2014-01-11 11:53:31 55CEF8FE478E41C8EBCF7B27AF991A3F 18968 ----a-w- C:\WINDOWS\System32\sdnclean.exe
2014-01-10 23:09:44 3596A8EBFACFBD48E756B9E9C7955B03 1202 ----a-w- C:\WINDOWS\System32\.crusader
2014-01-10 19:56:09 CC1EA61F70BA631C0801AA152559182F 32256 ----a-w- C:\WINDOWS\System32\rundll32.ex
2014-01-07 00:28:49 CBF36A1D95A3CD642CF72BEEB601932F 214256 ----a-w- C:\WINDOWS\System32\muweb.dll
2014-01-06 00:01:17 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\System32\reimage.rep
2014-01-05 23:41:55 5F6E2456B2A0D75CFB2B238869575FF2 9216 ----a-w- C:\WINDOWS\System32\Native.exe
2014-01-01 16:57:29 D9974EF619EC34B3DA5730AE9BB849BD 16384 ----a-w- C:\WINDOWS\System32\sasnative32.exe
====== C:\WINDOWS\system32\drivers =====
2014-01-14 20:25:49 4A5FFDF0FE830C448830BD4B02B02B4B 35144 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2014-01-13 20:42:17 A1DF98A9055B8D5685D011D89FFE6AB9 29576 ----a-w- C:\WINDOWS\System32\drivers\kcom.sys
2014-01-13 20:42:17 3D8A88BD1E6A640807691198A8342E8C 42376 ----a-w- C:\WINDOWS\System32\drivers\ikfilesec.sys
2014-01-13 20:42:17 2402F65F1ECA5159C8F0F16066F4BDED 81288 ----a-w- C:\WINDOWS\System32\drivers\iksyssec.sys
2014-01-13 20:42:16 7583E2211097D273FCA4E3FCE04F639F 66952 ----a-w- C:\WINDOWS\System32\drivers\iksysflt.sys
2014-01-07 19:23:13 5B131ED45BE8F8803F977CC32125EA37 30504 ----a-w- C:\WINDOWS\System32\drivers\DrvAgent32.sys
2013-12-20 22:53:24 093913A016845FE257ED9B7FC8E28ED8 12928 ----a-w- C:\WINDOWS\System32\drivers\filedisk.sys
2013-12-18 16:11:07 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
====== C:\WINDOWS\Tasks ======
2014-01-05 19:56:28 6C70A3F581CFA47578836AAA54F79B2F 230 ----a-w- C:\WINDOWS\Tasks\ARO 2013.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-01-13 20:42:03 -------- d-----w- C:\Program Files\Spyware Doctor
2014-01-12 20:33:30 -------- d-----w- C:\Program Files\Microsoft Silverlight
2014-01-10 21:35:15 -------- d-----w- C:\Program Files\HitmanPro
2014-01-09 20:18:04 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2014-01-05 23:29:35 -------- d-----w- C:\Program Files\Reimage
2014-01-04 17:05:57 -------- d-----w- C:\Program Files\MP3Gain
2014-01-01 16:57:12 -------- d-----w- C:\Program Files\WinZip System Utilities Suite
2013-12-29 11:14:54 -------- d-----w- C:\Program Files\Microsoft
2013-12-29 11:10:59 -------- d-----w- C:\Program Files\Wondershare
2013-12-29 10:30:01 -------- d-----w- C:\Program Files\Tweaking.com
2013-12-26 22:23:20 -------- d-----w- C:\Program Files\ARO 2013
2013-12-26 21:41:28 -------- d-----w- C:\Program Files\Uniblue
2013-12-23 17:23:01 -------- d-----w- C:\Program Files\ESET
2013-12-19 17:09:33 -------- d-----w- C:\Program Files\trend micro
2013-12-18 13:54:06 -------- d-----w- C:\Program Files\JAM Software
2013-12-17 23:27:47 -------- d-----w- C:\Program Files\Defraggler
======= C: =====
2014-01-01 12:51:33 BE0EE69FC96E1413F282A24B96F650F5 40 ----a-w- C:\WFCNAME.INI
====== C:\Documents and Settings\Barbie\Application Data ======
2014-01-14 05:45:59 -------- d-----w- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Mozilla
2014-01-14 05:45:59 -------- d-----w- C:\Documents and Settings\NetworkService\Application Data\Mozilla
2014-01-13 20:42:03 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\PC Tools
2014-01-10 20:25:21 -------- d-----w- C:\Documents and Settings\Barbie\Local Settings\Application Data\Trend Micro
2014-01-08 12:42:59 -------- d-----w- C:\Documents and Settings\Barbie\Local Settings\Application Data\cache
2014-01-04 17:06:01 -------- d-----w- C:\Documents and Settings\Barbie\Menu Start\Programma's\MP3Gain
2014-01-01 21:20:12 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\WinZip
2014-01-01 20:22:27 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\ICAClient
2014-01-01 19:56:46 -------- d-----w- C:\Documents and Settings\Barbie\Local Settings\Application Data\WMTools Downloaded Files
2014-01-01 18:58:42 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\PC MightyMax File Extension Repair
2013-12-29 11:01:41 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\ErrorTeck
2013-12-26 21:41:28 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\Uniblue
2013-12-24 16:45:47 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\SUPERAntiSpyware.com
2013-12-20 22:45:58 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\Nico Mak Computing
2013-12-18 13:54:19 -------- d-----w- C:\Documents and Settings\Barbie\Application Data\JAM Software
====== C:\Documents and Settings\Barbie ======
2014-01-15 12:25:02 -------- d--h--r- C:\Documents and Settings\Barbie\Onlangs geopend
2014-01-14 19:50:54 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\RSIT(1).exe
2014-01-14 05:46:02 -------- d-----r- C:\Documents and Settings\NetworkService\Favorieten
2014-01-08 12:43:13 -------- d-----w- C:\Documents and Settings\Barbie\.android
2014-01-08 12:42:51 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Documents and Settings\Barbie\daemonprocess.txt
2014-01-01 19:38:42 -------- d-sh--w- C:\Documents and Settings\Default User\Cookies
2014-01-01 18:58:21 -------- d-----w- C:\Documents and Settings\Barbie\WINDOWS
2013-12-28 12:01:00 -------- d-sh--w- C:\Documents and Settings\LocalService\Cookies
2013-12-27 23:40:48 -------- d-sh--w- C:\Documents and Settings\NetworkService\Cookies
2013-12-26 21:46:27 -------- d-----w- C:\Documents and Settings\Barbie\SyncFolder
====== C: exe-files ==
2014-01-14 19:50:54 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\RSIT(1).exe
2014-01-13 21:04:51 F2674FB523211B8D2F1C75CC7654E0FB 1930728 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\VFSW1389647091\SWVFSetup_x32.exe
2014-01-12 22:00:03 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\install_flashplayer11x32_mssa_aaa_aih_2.exe
2014-01-12 21:59:26 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\install_flashplayer11x32_mssa_aaa_aih_1.exe
2014-01-12 21:59:10 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\install_flashplayer11x32_mssa_aaa_aih.exe
2014-01-12 21:58:33 3BE0201F7FE62B1845B287EF5B5F4A30 1070944 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\install_flashplayer11x32_mssa_aaa_aih.exe
2014-01-12 21:46:51 91ADC0E26FAEA06BB588AC7C215452CA 17838984 ----a-w- C:\Documents and Settings\Barbie\Local Settings\temp\fp_pl_pfs_installer-1.exe
2014-01-12 20:45:22 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\adwcleaner(1).exe
2014-01-11 21:01:47 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\esetsmartinstaller_enu.exe
2014-01-10 23:26:01 C38ECB679347C514F8DCBC2A76FF1D33 4689480 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\avast_free_antivirus_setup_online.exe
2014-01-10 22:45:55 A0844C730F1091B491A8737404F4C914 347816 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\MicrosoftFixit.IEPerformance.LB.37312821000302438.3.1.Run.exe
2014-01-10 22:04:31 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\WSCTool.exe
2014-01-10 22:04:30 89D579ED4281BF0BC35BFE2E540A6A60 334600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\TmSetACL.exe
2014-01-10 22:04:28 D39AF5D6F218ECE870A0A9C8118193E0 215632 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\InstallSettingMigrate.exe
2014-01-10 22:04:28 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\TiPreAU.exe
2014-01-10 22:04:28 4C6E7BE1DFA0752E93EC43E337EB9EAB 2529072 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\TisEzIns.exe
2014-01-10 22:04:28 40A54D274FA889BD409D2F559B7A3D52 613760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Vizor32\InstallUCWrapper.exe
2014-01-10 22:04:14 F43138A55D640FF74B8341AC7DF3EFC0 241888 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\TMSToolEx.exe
2014-01-10 22:04:14 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\WSCTool.exe
2014-01-10 22:04:11 AF1B9229AEA1B158ECB116D9AF479E2E 3868048 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\SupportTool.exe
2014-01-10 22:04:04 ED4797AAD9F69771504045D210D98B4B 2139232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\setup.exe
2014-01-10 22:03:15 D50A0D27158946CDC446373A76C1B5AE 240376 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe
2014-01-10 22:03:15 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe
2014-01-10 22:03:14 F2AC14C890B3A514D1FDAA1E6C65F8A6 667832 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe
2014-01-10 22:03:13 E70B486367F56C350D276D4479554316 498624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiUpdateTray.exe
2014-01-10 22:03:13 B553217AED0FD828C6AFD7951BAA46AD 136600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe
2014-01-10 22:03:13 0B72072A84DF9B8AE84DBE06FCA34561 1510896 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe
2014-01-10 22:03:12 384EDA11B4AD201AA069D1F131D3F3F8 293936 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1783v0.0.0l1p1r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe
2014-01-10 22:03:12 06C345E350D1B8F02BD7C322CD275532 1152168 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe
2014-01-10 22:03:11 E8536B70DDB3F5213CDA6862D577EB97 44152 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLMMon.exe
2014-01-10 22:03:11 30E6AFDE10AFF77EDA92EC418449D1CF 1712728 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1785v0.0.0l1p1r1o1\TMDC\TMDC.exe
2014-01-10 22:03:10 E4127611343EE9BFBA029A6DDACE1FFC 71456 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe
2014-01-10 22:03:10 D139DAC7F146E431C895E652F387F731 254296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe
2014-01-10 22:03:10 B38A152FFC86D84010FA3559B7CEE059 517952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLM.exe
2014-01-10 22:03:10 ADE64494B308AF69A9DC7F9D75D461F3 254808 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe
2014-01-10 22:03:10 6B2F4AE92F05D46D6BF565C1F0B84B23 506104 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe
2014-01-10 22:03:10 3DD86118E6D0E7DC6D3E65B1ABA8066C 309392 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe
2014-01-10 22:03:10 37A305172ECA6EA2E8EDCADA0456E978 563272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe
2014-01-10 22:03:10 170946A0B63022338D0C090BC530A60A 36960 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe
2014-01-10 22:03:09 E465B93767BECF1548A41EB82970BC41 223360 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe
2014-01-10 22:03:09 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiPreAU.exe
2014-01-10 22:03:08 3B96C0CBA50FC3F0ED93385053494A08 367584 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe
2014-01-10 22:03:06 B806DABC0BA505EFE3A4DD8DAB55D5A9 3893816 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\RescueHelper.exe
2014-01-10 22:03:05 E96D8D7908B5F831B3DB4913E752E7B5 136616 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe
2014-01-10 22:03:05 D220C57FE5CBD1AA6D57DCF7E7C92243 69408 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe
2014-01-10 22:03:05 94D181DCB8D92FC91BCAA58C0BC1A668 990752 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe
2014-01-10 22:01:31 BE8F5D0947473CBEEB079B1AD56519A7 210760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\utilRollback.exe
2014-01-10 22:01:31 A640306D84D986E40256ADCBA9A9F5A2 54296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmopHookMgrHelper32.exe
2014-01-10 22:01:30 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 22:01:30 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959569l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 22:01:30 9CBB60256F66291E8199660F4CEFD7D9 226328 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\TmopExtIns.exe
2014-01-10 22:01:30 81BCE194CBA3147CB2BBABD489C6ABCB 120856 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tdiins.exe
2014-01-10 22:01:30 6DF2A0656058A87DD0816E1BAF38B206 25624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959570l-1p1r-1o-1\1.7.1008\DREBoot.exe
2014-01-10 22:01:29 F0256DB33C5B7BF4251DE5290F9892F0 14872 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959864l1p1r1o1\2.0.1080\CheckUI.exe
2014-01-10 22:01:29 2DB42306C5F07D3619C875959E50E52C 287256 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\coreServiceShell.exe
2014-01-10 21:33:17 27016D36B811E97BDADABF46204FDF92 9452704 ----a-w- C:\Documents and Settings\Barbie\Mijn documenten\Downloads\hitmanpro.exe
2014-01-10 20:29:03 D39AF5D6F218ECE870A0A9C8118193E0 215632 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\InstallSettingMigrate.exe
2014-01-10 20:29:03 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\TiPreAU.exe
2014-01-10 20:29:03 89D579ED4281BF0BC35BFE2E540A6A60 334600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\TmSetACL.exe
2014-01-10 20:29:03 4C6E7BE1DFA0752E93EC43E337EB9EAB 2529072 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\TisEzIns.exe
2014-01-10 20:29:03 40A54D274FA889BD409D2F559B7A3D52 613760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\InstallUCWrapper.exe
2014-01-10 20:29:03 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Vizor32\WSCTool.exe
2014-01-10 20:28:59 F43138A55D640FF74B8341AC7DF3EFC0 241888 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\TMSToolEx.exe
2014-01-10 20:28:59 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\WSCTool.exe
2014-01-10 20:28:58 AF1B9229AEA1B158ECB116D9AF479E2E 3868048 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\SupportTool.exe
2014-01-10 20:28:54 ED4797AAD9F69771504045D210D98B4B 2139232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\setup.exe
2014-01-10 20:28:37 F2AC14C890B3A514D1FDAA1E6C65F8A6 667832 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe
2014-01-10 20:28:37 E70B486367F56C350D276D4479554316 498624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiUpdateTray.exe
2014-01-10 20:28:37 D50A0D27158946CDC446373A76C1B5AE 240376 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe
2014-01-10 20:28:37 B553217AED0FD828C6AFD7951BAA46AD 136600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe
2014-01-10 20:28:37 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe
2014-01-10 20:28:37 0B72072A84DF9B8AE84DBE06FCA34561 1510896 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe
2014-01-10 20:28:37 06C345E350D1B8F02BD7C322CD275532 1152168 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe
2014-01-10 20:28:36 E8536B70DDB3F5213CDA6862D577EB97 44152 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLMMon.exe
2014-01-10 20:28:36 E465B93767BECF1548A41EB82970BC41 223360 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe
2014-01-10 20:28:36 E4127611343EE9BFBA029A6DDACE1FFC 71456 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe
2014-01-10 20:28:36 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiPreAU.exe
2014-01-10 20:28:36 D139DAC7F146E431C895E652F387F731 254296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe
2014-01-10 20:28:36 B38A152FFC86D84010FA3559B7CEE059 517952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLM.exe
2014-01-10 20:28:36 ADE64494B308AF69A9DC7F9D75D461F3 254808 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe
2014-01-10 20:28:36 6B2F4AE92F05D46D6BF565C1F0B84B23 506104 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe
2014-01-10 20:28:36 3DD86118E6D0E7DC6D3E65B1ABA8066C 309392 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe
2014-01-10 20:28:36 3B96C0CBA50FC3F0ED93385053494A08 367584 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe
2014-01-10 20:28:36 384EDA11B4AD201AA069D1F131D3F3F8 293936 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1783v0.0.0l1p1r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe
2014-01-10 20:28:36 37A305172ECA6EA2E8EDCADA0456E978 563272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe
2014-01-10 20:28:36 30E6AFDE10AFF77EDA92EC418449D1CF 1712728 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1785v0.0.0l1p1r1o1\TMDC\TMDC.exe
2014-01-10 20:28:36 170946A0B63022338D0C090BC530A60A 36960 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe
2014-01-10 20:28:35 E96D8D7908B5F831B3DB4913E752E7B5 136616 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe
2014-01-10 20:28:35 D220C57FE5CBD1AA6D57DCF7E7C92243 69408 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe
2014-01-10 20:28:35 B806DABC0BA505EFE3A4DD8DAB55D5A9 3893816 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\RescueHelper.exe
2014-01-10 20:28:35 94D181DCB8D92FC91BCAA58C0BC1A668 990752 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe
2014-01-10 20:28:01 F0256DB33C5B7BF4251DE5290F9892F0 14872 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959864l1p1r1o1\2.0.1080\CheckUI.exe
2014-01-10 20:28:01 BE8F5D0947473CBEEB079B1AD56519A7 210760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\utilRollback.exe
2014-01-10 20:28:01 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 20:28:01 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959569l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 20:28:01 A640306D84D986E40256ADCBA9A9F5A2 54296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmopHookMgrHelper32.exe
2014-01-10 20:28:01 9CBB60256F66291E8199660F4CEFD7D9 226328 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\TmopExtIns.exe
2014-01-10 20:28:01 81BCE194CBA3147CB2BBABD489C6ABCB 120856 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tdiins.exe
2014-01-10 20:28:01 6DF2A0656058A87DD0816E1BAF38B206 25624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959570l-1p1r-1o-1\1.7.1008\DREBoot.exe
2014-01-10 20:28:01 2DB42306C5F07D3619C875959E50E52C 287256 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\coreServiceShell.exe
2014-01-10 20:23:13 89D579ED4281BF0BC35BFE2E540A6A60 334600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\TmSetACL.exe
2014-01-10 20:23:13 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\WSCTool.exe
2014-01-10 20:23:12 D39AF5D6F218ECE870A0A9C8118193E0 215632 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\InstallSettingMigrate.exe
2014-01-10 20:23:12 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\TiPreAU.exe
2014-01-10 20:23:12 4C6E7BE1DFA0752E93EC43E337EB9EAB 2529072 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\TisEzIns.exe
2014-01-10 20:23:12 40A54D274FA889BD409D2F559B7A3D52 613760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Vizor32\InstallUCWrapper.exe
2014-01-10 20:23:06 F43138A55D640FF74B8341AC7DF3EFC0 241888 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\TMSToolEx.exe
2014-01-10 20:23:06 AF1B9229AEA1B158ECB116D9AF479E2E 3868048 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\SupportTool.exe
2014-01-10 20:23:06 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\WSCTool.exe
2014-01-10 20:23:04 ED4797AAD9F69771504045D210D98B4B 2139232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\setup.exe
2014-01-10 20:22:38 F2AC14C890B3A514D1FDAA1E6C65F8A6 667832 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCHandler.exe
2014-01-10 20:22:38 D50A0D27158946CDC446373A76C1B5AE 240376 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c11t1103v0.0.0l1p1r1o1\WSCStatusController.exe
2014-01-10 20:22:38 B553217AED0FD828C6AFD7951BAA46AD 136600 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiWatchDog.exe
2014-01-10 20:22:38 2A68AA4A3573F9E717BA212A38730AC0 273336 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\WSCTool.exe
2014-01-10 20:22:38 0B72072A84DF9B8AE84DBE06FCA34561 1510896 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1725v0.0.0l1p1r1o1\uiWinMgr.exe
2014-01-10 20:22:37 E8536B70DDB3F5213CDA6862D577EB97 44152 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLMMon.exe
2014-01-10 20:22:37 E70B486367F56C350D276D4479554316 498624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiUpdateTray.exe
2014-01-10 20:22:37 D139DAC7F146E431C895E652F387F731 254296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLImp.exe
2014-01-10 20:22:37 B38A152FFC86D84010FA3559B7CEE059 517952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\WLM\TMAS_WLM.exe
2014-01-10 20:22:37 384EDA11B4AD201AA069D1F131D3F3F8 293936 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1783v0.0.0l1p1r1o1\plugin\Win8Cpnt\TmToastNotificationCaller.exe
2014-01-10 20:22:37 30E6AFDE10AFF77EDA92EC418449D1CF 1712728 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1785v0.0.0l1p1r1o1\TMDC\TMDC.exe
2014-01-10 20:22:37 170946A0B63022338D0C090BC530A60A 36960 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OLSentry.exe
2014-01-10 20:22:37 06C345E350D1B8F02BD7C322CD275532 1152168 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c11t1103v0.0.0l1p1r1o1\uiSeAgnt.exe
2014-01-10 20:22:36 E465B93767BECF1548A41EB82970BC41 223360 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiMiniService.exe
2014-01-10 20:22:36 E4127611343EE9BFBA029A6DDACE1FFC 71456 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEMon.exe
2014-01-10 20:22:36 D19748D75F510ED576A357594137E47F 362952 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiPreAU.exe
2014-01-10 20:22:36 ADE64494B308AF69A9DC7F9D75D461F3 254808 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OEImp.exe
2014-01-10 20:22:36 6B2F4AE92F05D46D6BF565C1F0B84B23 506104 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OL\TMAS_OL.exe
2014-01-10 20:22:36 3DD86118E6D0E7DC6D3E65B1ABA8066C 309392 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\TiResumeSrv.exe
2014-01-10 20:22:36 3B96C0CBA50FC3F0ED93385053494A08 367584 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\ShorcutLauncher.exe
2014-01-10 20:22:36 37A305172ECA6EA2E8EDCADA0456E978 563272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1717v0.0.0l1p1r1o1\OE\TMAS_OE.exe
2014-01-10 20:22:35 E96D8D7908B5F831B3DB4913E752E7B5 136616 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\OEMConsole.exe
2014-01-10 20:22:35 D220C57FE5CBD1AA6D57DCF7E7C92243 69408 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\PackageRemover.exe
2014-01-10 20:22:35 B806DABC0BA505EFE3A4DD8DAB55D5A9 3893816 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\RescueHelper.exe
2014-01-10 20:22:35 94D181DCB8D92FC91BCAA58C0BC1A668 990752 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\Remove.exe
2014-01-10 20:21:59 BE8F5D0947473CBEEB079B1AD56519A7 210760 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\utilRollback.exe
2014-01-10 20:21:59 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 20:21:59 AC4BF5D916C4CAB6760CCF8BF574E472 222232 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959569l1p1r1o1\6.8.1118\TmExtIns.exe
2014-01-10 20:21:59 A640306D84D986E40256ADCBA9A9F5A2 54296 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\TmopHookMgrHelper32.exe
2014-01-10 20:21:59 9CBB60256F66291E8199660F4CEFD7D9 226328 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\TmopExtIns.exe
2014-01-10 20:21:59 81BCE194CBA3147CB2BBABD489C6ABCB 120856 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tdiins.exe
2014-01-10 20:21:58 F0256DB33C5B7BF4251DE5290F9892F0 14872 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959864l1p1r1o1\2.0.1080\CheckUI.exe
2014-01-10 20:21:58 6DF2A0656058A87DD0816E1BAF38B206 25624 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959570l-1p1r-1o-1\1.7.1008\DREBoot.exe
2014-01-10 20:21:58 2DB42306C5F07D3619C875959E50E52C 287256 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\coreServiceShell.exe
2014-01-08 13:26:14 57E626878D667E65127D1725279B0965 12384 ----atw- C:\Documents and Settings\Barbie\Local Settings\temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\x86\regsvr32.exe
2014-01-08 13:26:14 157FE300857E06020BCB38A04D5B3B75 12896 ----atw- C:\Documents and Settings\Barbie\Local Settings\temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\x64\regsvr32.exe
=== C: other files ==
2014-01-14 20:25:49 4A5FFDF0FE830C448830BD4B02B02B4B 35144 ----a-w- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-01-13 20:42:19 9E9E5990D20192324D6D65712FE9589E 218504 ----a-w- C:\Program Files\Spyware Doctor\NetworkLayer\pctfw2.sys
2014-01-13 20:42:17 A1DF98A9055B8D5685D011D89FFE6AB9 29576 ----a-w- C:\WINDOWS\system32\drivers\kcom.sys
2014-01-13 20:42:17 3D8A88BD1E6A640807691198A8342E8C 42376 ----a-w- C:\WINDOWS\system32\drivers\ikfilesec.sys
2014-01-13 20:42:17 2402F65F1ECA5159C8F0F16066F4BDED 81288 ----a-w- C:\WINDOWS\system32\drivers\iksyssec.sys
2014-01-13 20:42:16 7583E2211097D273FCA4E3FCE04F639F 66952 ----a-w- C:\WINDOWS\system32\drivers\iksysflt.sys
2014-01-12 16:46:35 D94E393EEE12EAADED790D8085C1A554 411922 ----a-w- C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562\extensions\twoo@twoo.com.xpi
2014-01-10 22:04:10 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_processes_list.bat
2014-01-10 22:04:10 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_systeminfo.bat
2014-01-10 22:04:10 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_registry.bat
2014-01-10 22:04:10 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_copy_config.bat
2014-01-10 22:04:10 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_ipconfig.bat
2014-01-10 22:04:10 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\AMSP_folder_tree.bat
2014-01-10 22:04:10 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\ForceRemove.bat
2014-01-10 22:04:10 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\tool\mk_debug_dir.bat
2014-01-10 22:04:09 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\SupportTool\32bit\AMSPForceRemove.bat
2014-01-10 22:02:45 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_processes_list.bat
2014-01-10 22:02:45 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_systeminfo.bat
2014-01-10 22:02:45 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_registry.bat
2014-01-10 22:02:45 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\ForceRemove.bat
2014-01-10 22:02:45 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\mk_debug_dir.bat
2014-01-10 22:02:44 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\AMSPForceRemove.bat
2014-01-10 22:02:44 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_copy_config.bat
2014-01-10 22:02:44 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_ipconfig.bat
2014-01-10 22:02:44 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_folder_tree.bat
2014-01-10 22:02:39 EE80A6D966630DF258A0E4179FA05F10 151308 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\ChromeExtension\tmNSCchromeExt.crx
2014-01-10 22:02:39 68EDBD19489DF3C0A19663AFE1F5FF6E 151666 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\chromeextension\TmOspreychromeExt.crx
2014-01-10 22:02:38 487F9EC22D6735C05D6FCBDAAD0BD8FF 303258 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959553l1p1r1o1\8.0.1095\chrome_tmbep.crx
2014-01-10 22:02:35 77680998BB9D2F3614E05294F3810769 84768 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959831l1p1r1o1\1.6.1082\tmusa.sys
2014-01-10 22:02:35 43C1B7C778B296D492AF6D2ABB2ECF7F 92304 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tmtdi.sys
2014-01-10 22:02:35 1D27CB331BB29BF1F18E4DE677D6C922 282272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959587l1p1r1o1\2.0.1065\tmnciesc.sys
2014-01-10 22:02:34 DF6F05E8055B39167F7BC3FC132764E6 102904 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmactmon.sys
2014-01-10 22:02:34 7ECB1B0FB83E4CB9C4AEC286C9214A50 85280 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959618l1p1r1o1\1.5.1137\tmeevw.sys
2014-01-10 22:02:34 7CF4262FD97C60C7D0E51607888B8A0F 83352 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmevtmgr.sys
2014-01-10 22:02:34 45FC922C8505E72DFC3C4D4C5C382832 288840 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmcomm.sys
2014-01-10 22:02:34 35D33B2E928DFEBB175E599BC1F9CE7F 40736 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959843l1p1r1o1\1.5.1017\TMEBC32.sys
2014-01-10 22:02:34 02DE2A9D06CAD95EF5F0BBAA70A26755 90528 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\update\engine\c2t1207959624l1p1r1o1\1.5.1137\tmeext.sys
2014-01-10 22:01:24 E8213D15469B2457C4178CBE9F8AF38A 170 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_copy_config.bat
2014-01-10 22:01:24 D94DA6C34EB7385F346FCA15EC85F212 245 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_registry.bat
2014-01-10 22:01:24 B113F6999C5139FEA922611AB5940529 20 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_ipconfig.bat
2014-01-10 22:01:24 83729C698248980FA0A016DE7E0D5CE2 91 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\CollectICRCPerfmon.bat
2014-01-10 22:01:24 592F188323683FC4F2497C9BCDB31E04 60 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_processes_list.bat
2014-01-10 22:01:24 0FAA7EB13610A9BAA9C643019694FF12 159 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389391238\Setup32\AMSP\debug\script\AMSP_systeminfo.bat
2014-01-10 20:28:57 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_processes_list.bat
2014-01-10 20:28:57 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\AMSPForceRemove.bat
2014-01-10 20:28:57 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_systeminfo.bat
2014-01-10 20:28:57 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_registry.bat
2014-01-10 20:28:57 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_copy_config.bat
2014-01-10 20:28:57 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_ipconfig.bat
2014-01-10 20:28:57 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\AMSP_folder_tree.bat
2014-01-10 20:28:57 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\ForceRemove.bat
2014-01-10 20:28:57 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\SupportTool\32bit\tool\mk_debug_dir.bat
2014-01-10 20:28:26 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_processes_list.bat
2014-01-10 20:28:26 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\AMSPForceRemove.bat
2014-01-10 20:28:26 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_systeminfo.bat
2014-01-10 20:28:26 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_registry.bat
2014-01-10 20:28:26 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_copy_config.bat
2014-01-10 20:28:26 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_ipconfig.bat
2014-01-10 20:28:26 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_folder_tree.bat
2014-01-10 20:28:26 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\ForceRemove.bat
2014-01-10 20:28:26 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\mk_debug_dir.bat
2014-01-10 20:28:23 EE80A6D966630DF258A0E4179FA05F10 151308 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\ChromeExtension\tmNSCchromeExt.crx
2014-01-10 20:28:23 68EDBD19489DF3C0A19663AFE1F5FF6E 151666 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\chromeextension\TmOspreychromeExt.crx
2014-01-10 20:28:22 487F9EC22D6735C05D6FCBDAAD0BD8FF 303258 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959553l1p1r1o1\8.0.1095\chrome_tmbep.crx
2014-01-10 20:28:20 77680998BB9D2F3614E05294F3810769 84768 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959831l1p1r1o1\1.6.1082\tmusa.sys
2014-01-10 20:28:19 DF6F05E8055B39167F7BC3FC132764E6 102904 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmactmon.sys
2014-01-10 20:28:19 7ECB1B0FB83E4CB9C4AEC286C9214A50 85280 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959618l1p1r1o1\1.5.1137\tmeevw.sys
2014-01-10 20:28:19 7CF4262FD97C60C7D0E51607888B8A0F 83352 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmevtmgr.sys
2014-01-10 20:28:19 45FC922C8505E72DFC3C4D4C5C382832 288840 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmcomm.sys
2014-01-10 20:28:19 43C1B7C778B296D492AF6D2ABB2ECF7F 92304 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tmtdi.sys
2014-01-10 20:28:19 35D33B2E928DFEBB175E599BC1F9CE7F 40736 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959843l1p1r1o1\1.5.1017\TMEBC32.sys
2014-01-10 20:28:19 1D27CB331BB29BF1F18E4DE677D6C922 282272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959587l1p1r1o1\2.0.1065\tmnciesc.sys
2014-01-10 20:28:19 02DE2A9D06CAD95EF5F0BBAA70A26755 90528 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\update\engine\c2t1207959624l1p1r1o1\1.5.1137\tmeext.sys
2014-01-10 20:27:59 E8213D15469B2457C4178CBE9F8AF38A 170 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_copy_config.bat
2014-01-10 20:27:59 D94DA6C34EB7385F346FCA15EC85F212 245 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_registry.bat
2014-01-10 20:27:59 B113F6999C5139FEA922611AB5940529 20 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_ipconfig.bat
2014-01-10 20:27:59 83729C698248980FA0A016DE7E0D5CE2 91 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\CollectICRCPerfmon.bat
2014-01-10 20:27:59 592F188323683FC4F2497C9BCDB31E04 60 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_processes_list.bat
2014-01-10 20:27:59 0FAA7EB13610A9BAA9C643019694FF12 159 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385661\Setup32\AMSP\debug\script\AMSP_systeminfo.bat
2014-01-10 20:23:05 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_processes_list.bat
2014-01-10 20:23:05 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\AMSPForceRemove.bat
2014-01-10 20:23:05 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_systeminfo.bat
2014-01-10 20:23:05 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_registry.bat
2014-01-10 20:23:05 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_copy_config.bat
2014-01-10 20:23:05 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_ipconfig.bat
2014-01-10 20:23:05 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\AMSP_folder_tree.bat
2014-01-10 20:23:05 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\ForceRemove.bat
2014-01-10 20:23:05 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\SupportTool\32bit\tool\mk_debug_dir.bat
2014-01-10 20:22:27 A250838A4FB04698F397D80E09D58B23 79 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_processes_list.bat
2014-01-10 20:22:27 93AEADE1C41822B8171419822C466978 3487 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\AMSPForceRemove.bat
2014-01-10 20:22:27 804EFB9D45EE29E8429B767D9DC824BF 177 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_systeminfo.bat
2014-01-10 20:22:27 4D032D7AE1BF541DE6291D523E4DD661 70 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_registry.bat
2014-01-10 20:22:27 30F85507993D81F4D5144CD3D3493702 196 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_copy_config.bat
2014-01-10 20:22:27 1E6C1B2E400B83F6B93480C9757651D4 36 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_ipconfig.bat
2014-01-10 20:22:27 177F0C8C1ED5DA0D30D7D3476ACB7908 51 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\AMSP_folder_tree.bat
2014-01-10 20:22:27 0CD79E398FCCA25546554D37EE04F4EC 3770 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\ForceRemove.bat
2014-01-10 20:22:27 0852D10B59DA00A42D0DE0CE88332857 120 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\UCPlugin\c17t1705v0.0.0l1p1r1o1\tool\mk_debug_dir.bat
2014-01-10 20:22:24 EE80A6D966630DF258A0E4179FA05F10 151308 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679608320l1p1r1o1\6.8.1118\ChromeExtension\tmNSCchromeExt.crx
2014-01-10 20:22:24 68EDBD19489DF3C0A19663AFE1F5FF6E 151666 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959829l1p1r1o1\1.6.1083\chromeextension\TmOspreychromeExt.crx
2014-01-10 20:22:23 487F9EC22D6735C05D6FCBDAAD0BD8FF 303258 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959553l1p1r1o1\8.0.1095\chrome_tmbep.crx
2014-01-10 20:22:22 DF6F05E8055B39167F7BC3FC132764E6 102904 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmactmon.sys
2014-01-10 20:22:22 7ECB1B0FB83E4CB9C4AEC286C9214A50 85280 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959618l1p1r1o1\1.5.1137\tmeevw.sys
2014-01-10 20:22:22 7CF4262FD97C60C7D0E51607888B8A0F 83352 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmevtmgr.sys
2014-01-10 20:22:22 77680998BB9D2F3614E05294F3810769 84768 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959831l1p1r1o1\1.6.1082\tmusa.sys
2014-01-10 20:22:22 45FC922C8505E72DFC3C4D4C5C382832 288840 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t570425408l-1p1r-1o-1\6.0.1058\tmcomm.sys
2014-01-10 20:22:22 43C1B7C778B296D492AF6D2ABB2ECF7F 92304 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t679485440l1p1r1o1\6.8.1072\tmtdi.sys
2014-01-10 20:22:22 35D33B2E928DFEBB175E599BC1F9CE7F 40736 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959843l1p1r1o1\1.5.1017\TMEBC32.sys
2014-01-10 20:22:22 1D27CB331BB29BF1F18E4DE677D6C922 282272 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959587l1p1r1o1\2.0.1065\tmnciesc.sys
2014-01-10 20:22:22 02DE2A9D06CAD95EF5F0BBAA70A26755 90528 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\update\engine\c2t1207959624l1p1r1o1\1.5.1137\tmeext.sys
2014-01-10 20:21:56 E8213D15469B2457C4178CBE9F8AF38A 170 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_copy_config.bat
2014-01-10 20:21:56 D94DA6C34EB7385F346FCA15EC85F212 245 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_registry.bat
2014-01-10 20:21:56 B113F6999C5139FEA922611AB5940529 20 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_ipconfig.bat
2014-01-10 20:21:56 83729C698248980FA0A016DE7E0D5CE2 91 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\CollectICRCPerfmon.bat
2014-01-10 20:21:56 592F188323683FC4F2497C9BCDB31E04 60 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_processes_list.bat
2014-01-10 20:21:56 0FAA7EB13610A9BAA9C643019694FF12 159 ----a-w- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer\Trend_Micro_1389385285\Setup32\AMSP\debug\script\AMSP_systeminfo.bat
2014-01-08 13:13:51 9BC1C36500D0C2A464673D44D56576AA 18899 ----a-w- C:\Documents and Settings\Barbie\Bureaublad\Old Firefox Data\k34p2zue.default-1388092157578\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
==== Startup Registry Enabled ======================
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
[HKEY_USERS\S-1-5-21-1060284298-1677128483-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ContentTransferWMDetector.exe"="C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe"
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe"
"DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Documents and Settings^Barbie^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk]
"path"="C:\\Documents and Settings\\Barbie\\Menu Start\\Programma's\\Opstarten\\LimeWire On Startup.lnk"
"backup"="C:\\WINDOWS\\pss\\LimeWire On Startup.lnkStartup"
"command"="F:\\programma mappen\\Program Files\\LimeWire\\LimeWire.exe -startup"
"item"="LimeWire On Startup"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"TomTomHOME.exe"="\"C:\\Program Files\\TomTom HOME 2\\TomTomHOMERunner.exe\" -s"
"uTorrent"="\"E:\\Muziek en programma's\\uTorrent\\uTorrent.exe\" /MINIMIZED"
"AROReminder"="C:\\Program Files\\ARO 2013\\ARO.exe -rem"
"ccleaner"="\"C:\\Program Files\\CCleaner\\ccleaner.exe\" /AUTO"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"DivXUpdate"="\"C:\\Program Files\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW"
==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2013 20:25]
C:\WINDOWS\tasks\ARO 2013.job --a------ C:\Program Files\ARO 2013\ARO.exe []
C:\WINDOWS\tasks\avast\Undetermined Task.exe []
C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job --a------ C:H\8nFR s:C:\Program Files\Spybot - Search Destroy 2\SDUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-02-2013 21:59]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-02-2013 21:59]
C:\WINDOWS\tasks\OGALogon.job --a------ C:\WINDOWS\system32\OGAEXEC.exe [03-08-2009 14:07]
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDImmunize.exe []
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job --a------ C:\Program Files\Spybot - Search Destroy 2\SDScan.exe []
C:\WINDOWS\tasks\User_Feed_Synchronization-{E7254A12-7898-484D-8A27-4FAE8FBBFA12}.job --ah----- C:\WINDOWS\system32\msfeedssync.exe [08-03-2009 04:31]
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11-01-2014 00:34]
==== Firefox Extensions ======================
ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562
- Twoo Notifications - %ProfilePath%\extensions\twoo@twoo.com.xpi
ProfilePath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cyn6v1jy.default-1361706640046
- Undetermined - %ProfilePath%\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\extensions\staged
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- avast Ad Blocker - %AppDir%\extensions\adblocker@avast.com.xpi
==== Firefox Plugins ======================
Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
02232EAA0CB3418239D5F6333BE9B346 - C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll - WPI Detector 1.1
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight
Profilepath: C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\wapo6j95.default-1369758160968
901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fplhdcjmbpfkejbhngmlngaecbjmoimd - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx[25-02-2013 10:09]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]
avast Ad Blocker - Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd
Google Wallet - Barbie\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://mozilla firefox/"
"Default_Page_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com"
"CustomizeSearch"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== shortcuts on Users Desktops ======================
C:\Documents and Settings\Barbie\Bureaublad\Snelkoppeling naar adwcleaner(1).lnk - C:\Documents and Settings\Barbie\Mijn documenten\Downloads\adwcleaner(1).exe
C:\Documents and Settings\Barbie\Bureaublad\Snelkoppeling naar Norman_Malware_Cleaner(1).lnk - C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Norman_Malware_Cleaner(1).exe
C:\Documents and Settings\Barbie\Bureaublad\Snelkoppeling naar Norman_Malware_Cleaner.lnk - C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Norman_Malware_Cleaner.exe
C:\Documents and Settings\Barbie\Bureaublad\Snelkoppeling naar zoek.lnk - C:\Documents and Settings\Barbie\Mijn documenten\Downloads\zoek.exe
==== shortcuts on All Users Desktop ======================
C:\Documents and Settings\All Users\Bureaublad\YTD Video Downloader.lnk - C:\AdwCleaner\Quarantine\C\Program Files\GreenTree Applications\YTD Video Downloader\ytd.exe.vir
==== shortcuts in Users Start Menu ======================
C:\Documents and Settings\Barbie\Menu Start\µTorrent.lnk - C:\Documents and Settings\Barbie\Application Data\uTorrent\uTorrent.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\Outlook Express.lnk - C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1
C:\Documents and Settings\Barbie\Menu Start\Programma's\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Adresboek.lnk - C:\Program Files\Outlook Express\wab.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA
C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Kladblok.lnk - C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Systeembeheer\Internet Explorer (zonder invoegtoepassingen).lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start
C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\HiJackThis\HiJackThis.lnk - C:\Documents and Settings\Barbie\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\MP3Gain\MP3Gain Help.lnk - C:\Program Files\MP3Gain\MP3Gain.chm
C:\Documents and Settings\Barbie\Menu Start\Programma's\MP3Gain\MP3Gain.lnk - C:\Program Files\MP3Gain\MP3GainGUI.exe
C:\Documents and Settings\Barbie\Menu Start\Programma's\MP3Gain\Uninstall MP3Gain.lnk - C:\Program Files\MP3Gain\uninst-mp3gain.exe
C:\Documents and Settings\Default User\Menu Start\Programma's\Hulp op afstand.lnk - C:\WINDOWS\system32\rcimlby.exe -LaunchRA
C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Kladblok.lnk - C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Rondleiding door Windows XP.lnk - C:\WINDOWS\system32\tourstart.exe
C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Synchroniseren.lnk - C:\WINDOWS\system32\mobsync.exe
C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Hulpprogrammabeheer.lnk - C:\WINDOWS\system32\utilman.exe /start
C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Schermtoetsenbord.lnk - C:\WINDOWS\system32\osk.exe
C:\Documents and Settings\Default User\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Vergrootglas.lnk - C:\WINDOWS\system32\magnify.exe
==== shortcuts in All Users Start Menu ======================
C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Web Platform Installer.lnk - C:\Program Files\Microsoft\Web Platform Installer\WebPlatformInstaller.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spybot-S&D Start Center.lnk - C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Avast\avast Free Antivirus.lnk -
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Paint.lnk - C:\WINDOWS\system32\mspaint.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Programmatoegang en -instellingen.lnk - C:\WINDOWS\system32\control.exe appwiz.cpl,,3
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Rekenmachine.lnk - C:\WINDOWS\system32\calc.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Verbinding met extern bureaublad.lnk - C:\WINDOWS\system32\mstsc.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Windows Update.lnk - C:\WINDOWS\system32\wupdmgr.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Draadloos netwerk instellen.lnk - C:\WINDOWS\system32\rundll32.exe shell32.dll,Control_RunDLL NetSetup.cpl,@0,WNSW
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Netwerk instellen.lnk - C:\WINDOWS\system32\rundll32.exe hnetwiz.dll,HomeNetWizardRunDll
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Communicatie\Wizard Nieuwe verbinding.lnk - C:\WINDOWS\system32\rundll32.exe netshell.dll,StartNCW
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Entertainment\Geluidsrecorder.lnk - C:\WINDOWS\system32\sndrec32.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Entertainment\Volumeregeling.lnk - C:\WINDOWS\system32\sndvol32.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Back-up.lnk - C:\WINDOWS\system32\ntbackup.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Beveiligingscentrum.lnk - C:\WINDOWS\system32\wscui.cpl
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Schijfdefragmentatie.lnk - C:\WINDOWS\system32\dfrg.msc
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Schijfopruiming.lnk - C:\WINDOWS\system32\cleanmgr.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Speciale tekens.lnk - C:\WINDOWS\system32\charmap.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Toegankelijkheid\Wizard Toegankelijkheid.lnk - C:\WINDOWS\system32\accwiz.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Defraggler\Defraggler.lnk - C:\Program Files\Defraggler\Defraggler.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Defraggler\Uninstall Defraggler.lnk - C:\Program Files\Defraggler\uninst.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\HitmanPro\HitmanPro.lnk - C:\Program Files\HitmanPro\HitmanPro.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\HitmanPro\Verwijder HitmanPro 3.7.lnk - C:\Program Files\HitmanPro\HitmanPro.exe /uninstall
C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm
C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm
C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\FreeCell.lnk - C:\WINDOWS\system32\freecell.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Hartenjagen.lnk - C:\WINDOWS\system32\mshearts.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Mijnenveger.lnk - C:\WINDOWS\system32\winmine.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Patience.lnk - C:\WINDOWS\system32\sol.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Ontspanning\Spider Solitaire.lnk - C:\WINDOWS\system32\spider.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Security Task Manager\Help.lnk - C:\Program Files\Security Task Manager\Setup.exe -redirect taskman chm
C:\Documents and Settings\All Users\Menu Start\Programma's\Security Task Manager\Manueel.lnk - C:\Program Files\Security Task Manager\Setup.exe -redirect manual pdf
C:\Documents and Settings\All Users\Menu Start\Programma's\Security Task Manager\Security Task Manager nu aankopen.lnk -
C:\Documents and Settings\All Users\Menu Start\Programma's\Security Task Manager\Security Task Manager.lnk - C:\Program Files\Security Task Manager\TaskMan.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Security Task Manager\Verwijderen.lnk - C:\Program Files\Security Task Manager\uninstal.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spybot - Search & Destroy 2\Create System Report.lnk - C:\Program Files\Spybot - Search & Destroy 2\SDLogReport.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spybot - Search & Destroy 2\File Scan.lnk - C:\Program Files\Spybot - Search & Destroy 2\SDFiles.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spybot - Search & Destroy 2\Immunization.lnk - C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spybot - Search & Destroy 2\Rootkit Scan.lnk - C:\Program Files\Spybot - Search & Destroy 2\SDRootAlyzer.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk - C:\Program Files\Spybot - Search & Destroy 2\SDWelcome.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spybot - Search & Destroy 2\System Scan.lnk - C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spybot - Search & Destroy 2\Uninstall Spybot-S&D.lnk - C:\Program Files\Spybot - Search & Destroy 2\unins000.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spyware Doctor\Snelle Startersgids van Spyware Doctor.lnk - C:\Program Files\Spyware Doctor\ned-sdhelp.chm
C:\Documents and Settings\All Users\Menu Start\Programma's\Spyware Doctor\Spyware Doctor Verwijderen.lnk - C:\Program Files\Spyware Doctor\unins000.exe /LOG
C:\Documents and Settings\All Users\Menu Start\Programma's\Spyware Doctor\Spyware Doctor.lnk - C:\Program Files\Spyware Doctor\pctsGui.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Spyware Doctor\Verdere oplossingen van PC Tools.lnk - C:\Program Files\Spyware Doctor\homepage.url
C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Computerbeheer.lnk - C:\WINDOWS\system32\compmgmt.msc /s
C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Gegevensbronnen (ODBC).lnk - C:\WINDOWS\system32\odbcad32.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Logboeken.lnk - C:\WINDOWS\system32\eventvwr.msc /s
C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Lokaal beveiligingsbeleid.lnk - C:\WINDOWS\system32\secpol.msc /s
C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Prestaties.lnk - C:\WINDOWS\system32\perfmon.msc /s
C:\Documents and Settings\All Users\Menu Start\Programma's\Systeembeheer\Services.lnk - C:\WINDOWS\system32\services.msc /s
C:\Documents and Settings\All Users\Menu Start\Programma's\TreeSize Free\TreeSize Free Help.lnk - C:\Program Files\JAM Software\TreeSize Free\TreeSizeFree.chm
C:\Documents and Settings\All Users\Menu Start\Programma's\TreeSize Free\TreeSize Free.lnk - C:\Program Files\JAM Software\TreeSize Free\TreeSizeFree.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\TreeSize Free\Uninstall TreeSize Free.lnk - C:\Program Files\JAM Software\TreeSize Free\unins000.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\VideoLAN\Documentation.lnk - F:\Muziek en programma's\VLC\Documentation.url
C:\Documents and Settings\All Users\Menu Start\Programma's\VideoLAN\Release Notes.lnk - F:\Muziek en programma's\VLC\NEWS.txt
C:\Documents and Settings\All Users\Menu Start\Programma's\VideoLAN\VideoLAN Website.lnk - F:\Muziek en programma's\VLC\VideoLAN Website.url
C:\Documents and Settings\All Users\Menu Start\Programma's\VideoLAN\VLC media player - reset preferences and cache files.lnk - F:\Muziek en programma's\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit
C:\Documents and Settings\All Users\Menu Start\Programma's\VideoLAN\VLC media player skinned.lnk - F:\Muziek en programma's\VLC\vlc.exe -Iskins
C:\Documents and Settings\All Users\Menu Start\Programma's\VideoLAN\VLC media player.lnk - F:\Muziek en programma's\VLC\vlc.exe
C:\Documents and Settings\All Users\Menu Start\Programma's\YTD Video Downloader\Uninstall.lnk - C:\AdwCleaner\Quarantine\C\Program Files\GreenTree Applications\YTD Video Downloader\Uninstall.exe.vir
C:\Documents and Settings\All Users\Menu Start\Programma's\YTD Video Downloader\YTD Video Downloader.lnk - C:\AdwCleaner\Quarantine\C\Program Files\GreenTree Applications\YTD Video Downloader\ytd.exe.vir
C:\Documents and Settings\All Users\Menu Start\Programs\SUPERAntiSpyware\BootSafe.lnk - C:\Program Files\SUPERAntiSpyware\BOOTSAFE.EXE
C:\Documents and Settings\All Users\Menu Start\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk - C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE
C:\Documents and Settings\All Users\Menu Start\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\All Users\Menu Start\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.chm
C:\Documents and Settings\All Users\Menu Start\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe /register
==== shortcuts in Quick Launch ======================
C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\WinZip System Utilities Suite.lnk - C:\Program Files\WinZip System Utilities Suite\HighestAvailable.exe C:\Program Files\WinZip System Utilities Suite\WINZIPSS.exe
C:\Documents and Settings\Barbie\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Documents and Settings\Barbie\Application Data\uTorrent\uTorrent.exe
==== HijackThis Entries ======================
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. (WinZip Computing) - C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe
==== C:\zoek_backup content ======================
C:\zoek_backup (files=
==== EOF on wo 15-01-2014 at 14:00:53,10 ======================
D. Bank
-
hier het logje van RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Barbie at 2014-01-14 20:51:56
Microsoft Windows XP Professional Service Pack 3
System drive C: has 12 GB (30%) free of 38 GB
Total RAM: 1015 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:10:30, on 19-12-2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe
C:\Program Files\Thomson\TG122n\WlanCU.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Barbie\Bureaublad\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\trend micro\Barbie.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mozilla firefox/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O1 - Hosts: 127\Device\HarddiskVolume1\Program Files\Java\jre7\bin\javaw.exe127.0.0.1 ferreari.it
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - (no file)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\4389e9f1-ae57-4fc7-8ff0-52821b0e76a2.exe /check
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe
O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe
O24 - Desktop Component AutorunsDisabled: (no name) - (no file)
--
End of file - 6006 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\ARO 2013.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\OGALogon.job
C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
C:\WINDOWS\tasks\User_Feed_Synchronization-{E7254A12-7898-484D-8A27-4FAE8FBBFA12}.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Barbie\Application Data\Mozilla\Firefox\Profiles\cletvnax.default-1389186826562
"{20a82645-c095-46ed-80e3-08825760534b}"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Web Player Plug-In,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/wpi,version=1.0]
"Description"=
"Path"=C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=F:\Muziek en programma's\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.0]
"Description"=VLC Multimedia Plugin
"Path"=F:\Muziek en programma's\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.1]
"Description"=VLC Multimedia Plugin
"Path"=F:\Muziek en programma's\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.2]
"Description"=VLC Multimedia Plugin
"Path"=F:\Muziek en programma's\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Program Files\Mozilla Firefox\extensions\
staged
C:\Program Files\Mozilla Firefox\components\
nsIBitCometAgent.xpt
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-11 1138536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-01-11 1138536]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ContentTransferWMDetector.exe"=C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe [2009-11-19 583016]
"HPDJ Taskbar Utility"=C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe [2003-03-09 188416]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-08-29 1861968]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-12-17 3764024]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-12-20 5625624]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Barbie^Menu Start^Programma's^Opstarten^LimeWire On Startup.lnk]
F:\programma mappen\Program Files\LimeWire\LimeWire.exe -startup []
C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten
ICIDU 11n USB Wireless LAN Utility.lnk - C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe
Wireless Configuration Utility.lnk - C:\Program Files\Thomson\TG122n\WlanCU.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2007-08-24 208896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon]
SDWinLogon.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-07 115440]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup"
"C:\Program Files\DownloadManager\jre\bin\javaw.exe"="C:\Program Files\DownloadManager\jre\bin\javaw.exe:*:Enabled:Java Platform SE binary"
"C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe"="C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe:*:Enabled:RtWlan"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Mozilla Firefox"
"F:\Muziek en programma's\VLC\vlc.exe"="F:\Muziek en programma's\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Documents and Settings\Barbie\Application Data\uTorrent\uTorrent.exe"="C:\Documents and Settings\Barbie\Application Data\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon"
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater"
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.WMV3"=wmv9vcm.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.avis"=ff_acm.acm
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.LAGS"=lagarith.dll
"vidc.XVID"=xvidvfw.dll
"VIDC.CTRX"=ctrxvid.drv
======List of files/folders created in the last 1 month======
2014-01-13 23:36:48 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-13 21:42:17 ----A---- C:\WINDOWS\system32\drivers\kcom.sys
2014-01-13 21:42:17 ----A---- C:\WINDOWS\system32\drivers\iksyssec.sys
2014-01-13 21:42:17 ----A---- C:\WINDOWS\system32\drivers\ikfilesec.sys
2014-01-13 21:42:16 ----A---- C:\WINDOWS\system32\drivers\iksysflt.sys
2014-01-13 21:42:03 ----D---- C:\Program Files\Spyware Doctor
2014-01-13 21:42:03 ----D---- C:\Documents and Settings\Barbie\Application Data\PC Tools
2014-01-13 18:47:59 ----D---- C:\Program Files\Security Task Manager
2014-01-12 21:33:30 ----D---- C:\Program Files\Microsoft Silverlight
2014-01-11 12:53:31 ----A---- C:\WINDOWS\system32\sdnclean.exe
2014-01-11 12:52:52 ----D---- C:\Program Files\Spybot - Search & Destroy 2
2014-01-10 22:35:15 ----D---- C:\Program Files\HitmanPro
2014-01-10 22:33:46 ----D---- C:\Documents and Settings\All Users\Application Data\HitmanPro
2014-01-10 21:17:51 ----D---- C:\Documents and Settings\All Users\Application Data\Trend Micro Installer
2014-01-09 21:18:04 ----D---- C:\Program Files\SUPERAntiSpyware
2014-01-08 14:27:29 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2014-01-08 14:22:31 ----D---- C:\WINDOWS\system32\X86
2014-01-08 14:22:10 ----D---- C:\Documents and Settings\All Users\Application Data\InstallMate
2014-01-07 20:23:13 ----A---- C:\WINDOWS\system32\drivers\DrvAgent32.sys
2014-01-07 07:22:27 ----HDC---- C:\WINDOWS\ie8
2014-01-07 07:16:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2510581$
2014-01-07 01:28:49 ----A---- C:\WINDOWS\system32\muweb.dll
2014-01-07 01:10:33 ----D---- C:\WINDOWS\SoftwareDistribution
2014-01-07 01:05:20 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-06 00:41:55 ----A---- C:\WINDOWS\system32\Native.exe
2014-01-06 00:41:34 ----D---- C:\ReimageUndo
2014-01-06 00:29:35 ----D---- C:\Program Files\Reimage
2014-01-06 00:29:28 ----D---- C:\rei
2014-01-04 18:05:57 ----D---- C:\Program Files\MP3Gain
2014-01-03 20:19:25 ----D---- C:\Windows xp 2e
2014-01-03 19:10:45 ----D---- C:\Windows xp
2014-01-02 23:53:17 ----ASH---- C:\pagefile.sys
2014-01-01 22:20:12 ----D---- C:\Documents and Settings\Barbie\Application Data\WinZip
2014-01-01 21:22:27 ----D---- C:\Documents and Settings\Barbie\Application Data\ICAClient
2014-01-01 20:34:39 ----A---- C:\temp293.bat
2014-01-01 20:34:29 ----A---- C:\temp550.bat
2014-01-01 20:10:28 ----A---- C:\WINDOWS\PSEXESVC.EXE
2014-01-01 20:07:59 ----D---- C:\RegBackup
2014-01-01 19:58:42 ----D---- C:\Documents and Settings\Barbie\Application Data\PC MightyMax File Extension Repair
2014-01-01 17:57:29 ----A---- C:\WINDOWS\system32\sasnative32.exe
2014-01-01 17:57:12 ----D---- C:\Program Files\WinZip System Utilities Suite
2014-01-01 13:51:33 ----A---- C:\WFCNAME.INI
2013-12-29 12:14:54 ----D---- C:\Program Files\Microsoft
2013-12-29 12:10:59 ----D---- C:\Program Files\Wondershare
2013-12-29 12:01:41 ----D---- C:\Documents and Settings\Barbie\Application Data\ErrorTeck
2013-12-29 11:30:01 ----D---- C:\Program Files\Tweaking.com
2013-12-28 18:44:28 ----D---- C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
2013-12-28 15:08:18 ----SHD---- C:\Documents and Settings\All Users\Application Data\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-28 01:08:19 ----SHD---- C:\RECYCLER
2013-12-27 21:28:59 ----A---- C:\ComboFix.txt
2013-12-27 00:27:34 ----RASHD---- C:\cmdcons
2013-12-27 00:05:25 ----A---- C:\WINDOWS\MBR.exe
2013-12-27 00:05:24 ----A---- C:\WINDOWS\NIRCMD.exe
2013-12-27 00:05:23 ----A---- C:\WINDOWS\PEV.exe
2013-12-27 00:05:22 ----A---- C:\WINDOWS\SWREG.exe
2013-12-27 00:05:21 ----A---- C:\WINDOWS\zip.exe
2013-12-27 00:05:20 ----A---- C:\WINDOWS\sed.exe
2013-12-27 00:05:20 ----A---- C:\WINDOWS\grep.exe
2013-12-27 00:05:19 ----A---- C:\WINDOWS\SWSC.exe
2013-12-27 00:05:18 ----A---- C:\WINDOWS\SWXCACLS.exe
2013-12-26 23:55:41 ----D---- C:\Qoobox
2013-12-26 23:23:20 ----D---- C:\Program Files\ARO 2013
2013-12-26 22:41:28 ----D---- C:\Program Files\Uniblue
2013-12-26 22:41:28 ----D---- C:\Documents and Settings\Barbie\Application Data\Uniblue
2013-12-24 17:49:56 ----D---- C:\SUPERDelete
2013-12-24 17:45:47 ----D---- C:\Documents and Settings\Barbie\Application Data\SUPERAntiSpyware.com
2013-12-24 17:45:30 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2013-12-23 18:23:01 ----D---- C:\Program Files\ESET
2013-12-22 10:31:43 ----D---- C:\Documents and Settings\All Users\Application Data\PC Unleashed Online
2013-12-20 23:53:24 ----A---- C:\WINDOWS\system32\drivers\filedisk.sys
2013-12-20 23:45:58 ----D---- C:\Documents and Settings\Barbie\Application Data\Nico Mak Computing
2013-12-19 20:51:28 ----D---- C:\WINDOWS\TEMP
2013-12-19 20:50:56 ----D---- C:\Program Files\HiJackThis
2013-12-19 20:23:54 ----D---- C:\zoek_backup
2013-12-19 18:09:33 ----D---- C:\rsit
2013-12-19 18:09:33 ----D---- C:\Program Files\trend micro
2013-12-18 17:11:07 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2013-12-18 17:11:07 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2013-12-18 17:02:03 ----D---- C:\AdwCleaner
2013-12-18 14:54:19 ----D---- C:\Documents and Settings\Barbie\Application Data\JAM Software
2013-12-18 14:54:06 ----D---- C:\Program Files\JAM Software
2013-12-18 00:27:47 ----D---- C:\Program Files\Defraggler
2013-12-17 22:47:17 ----D---- C:\Documents and Settings\Barbie\Application Data\Malwarebytes
2013-12-17 19:50:32 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
======List of files/folders modified in the last 1 month======
2014-01-14 18:18:48 ----D---- C:\WINDOWS\Prefetch
2014-01-14 00:45:34 ----D---- C:\WINDOWS\system32\drivers
2014-01-13 23:43:14 ----D---- C:\WINDOWS\system32
2014-01-13 23:43:07 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-13 23:42:00 ----D---- C:\WINDOWS
2014-01-13 22:05:15 ----SHD---- C:\WINDOWS\Installer
2014-01-13 21:42:03 ----D---- C:\Program Files
2014-01-13 18:56:05 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2014-01-12 18:29:52 ----D---- C:\Documents and Settings\Barbie\Application Data\vlc
2014-01-11 13:08:43 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-01-11 12:55:13 ----SD---- C:\WINDOWS\Tasks
2014-01-11 12:54:16 ----D---- C:\WINDOWS\system32\config
2014-01-11 12:54:09 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2014-01-08 19:17:12 ----D---- C:\WINDOWS\system
2014-01-08 18:58:06 ----D---- C:\Documents and Settings\All Users\Application Data\ReviverSoft
2014-01-08 18:51:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-01-08 17:48:47 ----DC---- C:\WINDOWS\$NtUninstallWdf01009$
2014-01-08 14:05:13 ----D---- C:\WINDOWS\inf
2014-01-08 14:05:08 ----D---- C:\WINDOWS\system32\CatRoot
2014-01-08 14:05:04 ----D---- C:\WINDOWS\ie8updates
2014-01-07 21:09:37 ----A---- C:\WINDOWS\reimage.ini
2014-01-07 17:36:51 ----D---- C:\WINDOWS\Debug
2014-01-07 07:31:10 ----D---- C:\WINDOWS\system32\nl-nl
2014-01-07 07:31:10 ----D---- C:\WINDOWS\Media
2014-01-07 07:31:10 ----D---- C:\Program Files\Internet Explorer
2014-01-07 07:31:09 ----D---- C:\WINDOWS\Help
2014-01-07 07:24:07 ----RD---- C:\WINDOWS\Offline Web Pages
2014-01-07 07:15:53 ----D---- C:\WINDOWS\ie7updates
2014-01-07 07:05:40 ----D---- C:\WINDOWS\$hf_mig$
2014-01-07 00:58:07 ----D---- C:\WINDOWS\system32\drivers\etc
2014-01-07 00:55:55 ----SD---- C:\WINDOWS\Downloaded Program Files
2014-01-06 00:15:15 ----DC---- C:\WINDOWS\$NtUninstallWudf01000$
2014-01-02 22:59:25 ----D---- C:\Program Files\Common Files
2014-01-01 21:43:46 ----D---- C:\Program Files\PC Unleashed Online
2014-01-01 21:20:56 ----D---- C:\Documents and Settings\Barbie\Application Data\licenses
2014-01-01 20:56:51 ----SD---- C:\Documents and Settings\Barbie\Application Data\Microsoft
2014-01-01 20:39:19 ----D---- C:\Documents and Settings\Barbie\Application Data\Identities
2014-01-01 17:57:12 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2014-01-01 13:52:49 ----A---- C:\WINDOWS\ODBCINST.INI
2014-01-01 13:52:49 ----A---- C:\WINDOWS\ODBC.INI
2013-12-29 12:15:01 ----RSD---- C:\WINDOWS\assembly
2013-12-28 15:20:24 ----D---- C:\Program Files\AVG
2013-12-27 21:23:58 ----N---- C:\WINDOWS\system.ini
2013-12-27 21:21:47 ----D---- C:\WINDOWS\erdnt
2013-12-27 21:18:44 ----D---- C:\WINDOWS\AppPatch
2013-12-27 00:27:41 ----ASH---- C:\boot.ini
2013-12-26 23:17:20 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-26 13:42:07 ----D---- C:\Program Files\Mozilla Firefox
2013-12-26 12:47:08 ----D---- C:\Program Files\CCleaner
2013-12-24 17:49:57 ----D---- C:\Program Files\IObit
2013-12-24 17:49:57 ----D---- C:\Documents and Settings\Barbie\Application Data\IObit
2013-12-24 01:11:17 ----A---- C:\rsqXPdir.ini
2013-12-24 00:52:27 ----D---- C:\Program Files\AbiWord
2013-12-20 21:33:28 ----D---- C:\Documents and Settings\Barbie\Application Data\uTorrent
2013-12-18 16:48:40 ----D---- C:\Documents and Settings\Barbie\Application Data\DriverTurbo
2013-12-18 16:42:36 ----D---- C:\WINDOWS\WinSxS
2013-12-18 16:30:02 ----D---- C:\Documents and Settings\All Users\Application Data\Common Toolkit Suite
2013-12-17 20:06:34 ----A---- C:\WINDOWS\system32\aswBoot.exe
2013-12-17 18:24:15 ----D---- C:\WINDOWS\system32\wbem
2013-12-17 18:19:27 ----D---- C:\WINDOWS\system32\LogFiles
2013-12-17 18:13:56 ----RSD---- C:\WINDOWS\Fonts
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-10-30 49944]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-12-17 180248]
R0 gfibto;gfibto; C:\WINDOWS\system32\drivers\gfibto.sys [2013-06-20 13560]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2010-07-12 45648]
R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2013-09-10 466008]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2010-10-18 82380]
R1 AswRdr;aswRdr; \??\C:\WINDOWS\system32\drivers\aswRdr.sys []
R1 aswSnx;aswSnx; \??\C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; \??\C:\WINDOWS\system32\drivers\aswSP.sys []
R1 aswTdi;aswTdi; \??\C:\WINDOWS\system32\drivers\aswTdi.sys []
R1 FileDisk;FileDisk; C:\WINDOWS\system32\drivers\FileDisk.sys [2013-04-23 12928]
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS []
R1 WmiAcpi;Microsoft Windows Beheerinterface voor ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-09-07 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2010-12-07 21361]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 WLNdis50;Wireless Lan NDIS Protocol I/O Control; C:\WINDOWS\system32\DRIVERS\wlndis50.sys [2008-02-27 20480]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2008-07-25 176640]
R3 HdAudAddService;Microsoft UAA-functiestuurprogramma voor High Definition Audio-service; C:\WINDOWS\system32\drivers\HdAudio.sys [2005-01-07 145920]
R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-08-24 5776928]
R3 IKFileSec;File Security Driver; C:\WINDOWS\system32\drivers\ikfilesec.sys [2014-01-13 42376]
R3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2007-12-10 66952]
R3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2007-12-10 81288]
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-07 12288]
R3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 cnnctfy2MP;cnnctfy2MP; C:\WINDOWS\system32\DRIVERS\cnnctfy2.sys []
S3 DrvAgent32;DrvAgent32; \??\C:\WINDOWS\system32\Drivers\DrvAgent32.sys []
S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2003-03-09 51024]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2003-03-09 16080]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2003-03-09 21456]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2011-08-17 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2011-08-17 23168]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8192su.sys [2009-08-05 588032]
S3 SONYPVU1;Sony USB-filterstuurrapparaat (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2009-11-12 7168]
S3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-10 120088]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-17 50344]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2014-01-10 106280]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre7\bin\jqs.exe [2013-10-17 182696]
R2 ReimageRealTimeProtection;Reimage Real Time Protection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [2013-12-19 4023656]
R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-09-20 1042272]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592]
R2 WINZIPSSDiskOptimizer;WINZIPSSDiskOptimizer; C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe [2013-07-15 267384]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-15 3921880]
S2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-09-13 171416]
S2 WLSVC;WLSVC; C:\Program Files\Thomson\TG122n\WLSVC.exe [2009-02-11 167936]
S2 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 917504]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;ASP.NET-statusservice; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-13 116648]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-02-13 116648]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-12 119408]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
S3 PSEXESVC;PsExec; C:\WINDOWS\PSEXESVC.EXE [2014-01-02 181064]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2014-01-13 337800]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2014-01-13 1017224]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
D. Bank
- - - Updated - - -
Hier is een 2e bericht van mij.
Ik heb gisteren spyware doctor gedownload en een scan gedaan, ik kreef het volgende scanresultaat:
- Adware.weird_On_The_Web (3695 infecties)
- Application.nirCmd (24 infecties)
- Hijacker.specific 911_Hijack (2 infecties)
ik heb deze infecties niet kunnen verwijderen, omdat ik erachter kwam dat spyware doctor niet gratis is en ik daar niet voor wil betalen.
Maar ik heb wel kunnen zien wat voor infecties er op mijn pc staan, de vraag is hoe te verwijderen.
Gr,
D. Bank
-
Kijk HIER eens voor die foutmelding.
Ik heb dit gedaan, volgens mij is dit nu goed. wat ik wel merkte is dat mij systeem erg traag is de laatste tijd. Ik heb een maleware bite scan gedaan niets gevonden, spyhunter gestart die heeft heel veel malware gevonden. adware.savingsmagnet (172 infecties) een van die infecties zit in pad :c:\program files\avast software\avast\webreb\chrome\aswwebreb chrome.crx. De andere infectie is Rogue.spy protector, dit schijnt een gevaarlijke te zijn. Ik hoop na dat deze scan afgelopen is de malware volledig verwijderd is. Wat mij wel zorgen maakt is de malware in de avast software.
D. Bank
-
1. Download HijackThis. (klik er op)
De download start automatisch na 5 seconden.
Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".
Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.
Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere PC en het bestand met een USB-stick overbrengen
Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden. Dit kan je HIER doen.
Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map. De logjes kan je dan ook in die map terugvinden.
2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)
Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".
Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.
Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.
Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)
hier is het logje van HJT
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:31:41, on 9-1-2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe
C:\Program Files\Thomson\TG122n\WlanCU.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\trend micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = PC Helpforum - Gratis hulp bij computer problemen firefox/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: ICIDU 11n USB Wireless LAN Utility.lnk = C:\Program Files\ICIDU\ICIDU 11n USB Wireless LAN\RtWLan.exe
O4 - Global Startup: Wireless Configuration Utility.lnk = C:\Program Files\Thomson\TG122n\WlanCU.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1351283024296
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1340821704281
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE
O23 - Service: Reimage Real Time Protection (ReimageRealTimeProtection) - Reimage® - C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: WINZIPSSDiskOptimizer - WinZip Computing, S.L. (WinZip Computing) - C:\Program Files\WinZip System Utilities Suite\WINZIPSSDefragSrv.exe
O23 - Service: WLSVC - Unknown owner - C:\Program Files\Thomson\TG122n\WLSVC.exe
--
End of file - 5331 bytes
-
hier het 2e logje van malware bites
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware
Databaseversie: v2014.01.08.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Barbie :: HP-DD4A2B89C61D [administrator]
8-1-2014 19:01:37
mbam-log-2014-01-08 (19-01-37).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 227739
Verstreken tijd: 12 minuut/minuten, 48 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 4
C:\Documents and Settings\Barbie\Mijn documenten\Downloads\iLividSetup-r484-n-bf.exe (PUP.Optional.Bandoo) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Local Settings\temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\Addons\newtab_setup.exe (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Local Settings\temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\Addons\ytab_setup.exe (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Local Settings\temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\Addons\ytbmk_setup.exe (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
Ik heb nog een scan gedraaid nu heeft malw bites niets meer gevonden.
De melding die ik wel krijg bij het opstarten van de computer is : fout c:\windows\system 32\rundll32.exe. daaronder krijg ik bericht weer van deze bewerking geen programma aan het opgegeven bestand gekoppeld. Ik heb een beetje zitten uitpluizen op het internet dat deze fout misschien met een worm te maken kan hebben.
D. Bank
-
En na het herstarten een blanco logje van Malwarebytes bij een nieuwe scan ?
hier het 2e logje van malware bites
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware
Databaseversie: v2014.01.08.05
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Barbie :: HP-DD4A2B89C61D [administrator]
8-1-2014 19:01:37
mbam-log-2014-01-08 (19-01-37).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 227739
Verstreken tijd: 12 minuut/minuten, 48 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 4
C:\Documents and Settings\Barbie\Mijn documenten\Downloads\iLividSetup-r484-n-bf.exe (PUP.Optional.Bandoo) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Local Settings\temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\Addons\newtab_setup.exe (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Local Settings\temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\Addons\ytab_setup.exe (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Local Settings\temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\Addons\ytbmk_setup.exe (PUP.Optional.MultiPlug.A) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
-
hier is het logje van malwarebites:
Malwarebytes Anti-Malware 1.75.0.1300
Malwarebytes : Free Anti-Malware
Databaseversie: v2014.01.08.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Barbie :: HP-DD4A2B89C61D [administrator]
8-1-2014 14:45:01
mbam-log-2014-01-08 (14-45-01).txt
Scan type: Volledige scan (C:\|D:\|F:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 554306
Verstreken tijd: 2 uur/uren, 57 minuut/minuten, 35 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 1
HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252} (PUP.Optional.GreatSaver.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.GreatSaver.A) -> Slecht: (c:\progra~1\gs-ena~1\assist~1.dll) Goed: () -> Succesvol in quarantaine geplaatst en gerepareerd.
Mappen gedetecteerd: 2
C:\Documents and Settings\Barbie\Application Data\newnext.me (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Application Data\newnext.me\cache (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
Bestanden gedetecteerd: 19
C:\Documents and Settings\Barbie\Local Settings\temp\fullpackage_temp1389184756\Baofeng.exe (PUP.Optional.NationZoom.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Local Settings\temp\fullpackage_temp1389184756\tmp\desk365.exe (PUP.Optional.Desk365.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Local Settings\temp\{B896F875-49C0-4ECC-AC27-01E26375DA83}\Addons\OptimizerProInstaller.exe (PUP.Optional.OptimizerPro.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Registry%20Reviver%203.0.1.142%20Includes%20Crack%20x32%2Fx64%20Bit%20%5BNaptrap%5D.exe (PUP.Optional.InstalleRex) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Registry_Reviver_2.1.648(1).exe (PUP.Optional.OneClickDownloader.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Mijn documenten\Downloads\Registry_Reviver_2.1.648.exe (PUP.Optional.OneClickDownloader.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\AdwCleaner\Quarantine\C\Documents and Settings\All Users\Application Data\WPM\wprotectmanager.exe.vir (PUP.Optional.WpManager.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptProReminder.exe.vir (PUP.Optional.OptimizerPro) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptimizerPro.exe.vir (PUP.Optional.OptimizerPro) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptProGuard.exe.vir (PUP.Optional.OptimizerPro) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptProSchedule.exe.vir (PUP.Optional.OptimizerPro) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptProSmartScan.exe.vir (PUP.Optional.OptimizerPro) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\AdwCleaner\Quarantine\C\Program Files\optimizer pro\OptProStart.exe.vir (PUP.Optional.OptimizerPro) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Program Files\GS-Enabler\Assistant.dll (PUP.Optional.GreatSaver.A) -> Zal worden verwijderd tijdens het herstarten.
C:\Program Files\GS-Enabler\AssistantSvc.dll (PUP.Optional.GreatSaver.A) -> Zal worden verwijderd tijdens het herstarten.
C:\Documents and Settings\Barbie\SendTo\Desk 365.lnk (PUP.Optional.Desk365.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Application Data\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Application Data\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
C:\Documents and Settings\Barbie\Application Data\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Succesvol in quarantaine geplaatst en verwijderd.
(einde)
Gr,
D. Bank
-
Voor de opdracht sfc /scannow is een koppeling met een programma niet nodig. Dit is een DOS-opdracht en geen klassieke opdracht (zoals bvb. wanneer je een .exe-bestand zou gebruiken). In het geval van een klassieke opdracht is de koppeling met een programma wel noodzakelijk. Gaat deze melding wel degelijk over sfc /scannow ? Of is er nog een bijkomende aanduiding die zou kunnen verwijzen naar een ander programma of bestand ?
Indien het openen van een aantal programma's weer lukt, lijkt het er sterk op dat de koppeling met .exe-bestanden is hersteld. Laat anders Malwarebytes nu eens scannen en hang het logje in een volgende bericht. Kunnen we eens bekijken of dit iets oplevert ?
de melding als ik sfc /scannow invoer klopt echt, hij heeft het over mapopties etc, zie eerder bericht. Gisteravond heb ik via start opdrachtpromt het toch voorelkaar gekregen om sfc /scannow uit te voeren, er werd gevraagd om de xp cd op te starten. Dit heb ik gedaan alleen toen de scan klaar was kreeg ik geen melding meer wat verder te doen, of zijn de fouten dan al hersteld ? en hoef ik niets meer te doen. Ik ben nu een malware bite scan aan het uitvoeren, als de scan klaar is verwijder ik de rotzooi ( hij heeft er al 14 gevonden) em stuur ik je het logje toe.
D. Bank
-
Bij het scannen met sfc /scannow wordt (normaal) naar het inbrengen van de CD gevraagd. De ontbrekende gegevens worden dan van de CD gehaald en toegevoegd aan de bestaande Windows-installatie.
Ik heb het geprobeert met cd maar het lukt niet, wat wel weer lukt is het openen van malware bites en nog een paar andere programma's.
Maar wat mij vraag is :
Als ik sfc /scannnow intoets bij uitvoeren krijg ik de volgende melding:
Er is voor deze bewerking geen programma aan het opgegeven bestand gekoppeld. Maak een koppeling via het onderdeel mapopties van het configuratiescherm.
Mijn vraag is kun je iets met deze informatie en wat te doen. Er is dus een probleem met een koppeling hoe herstel je dit? handmatig misschien, maar ik weet niet hoe. Er moet iets gebeuren in het onderdeel mapopties.
D. bank
-
En dus via de CD niet enkel de fouten in de oude XP verbeterd ?
ik heb alleen de xp cd op de computer opgeslagen, maar niet de fouten verbeterd. Hoe moet ik die fouten dan verbeteren, moet ik dan een bepaalde map aanklikken om de fouten te verbeteren. De opgeslagen mappen van de cd xp hebben de volgende mappen:
1 Docs
2 I386
3 Support
4 Valuedd
5 Autorun
6 Bootfont
7 Leesmij
8 Setup
9 Win51
10 Win51ip
-
Heb je die XP volledig nieuw opgeslagen of de CD enkel gebruikt om de fouten te herstellen ?
Ik heb de xp cd volledig opgeslagen, er staan volgens mij zo'n 6 mappen op
)
Printer HP PSC 1215 All in One werkt niet meer
in Archief Hardware algemeen
Geplaatst:
Ik heb het icoontjes van de printer verwijderd in het configuratie scherm. Als ik bij zoek in het start menu het type van mijn printer intik komt er wel een map tevoorschijn, dus er moet nog wel iets van de printer op mijn computer staan.