Citadel virus



First we will check whether malware or viruses are the cause of your problem.

1. Download HijackThis. (click on it)

Click on HijackThis.msi and the download starts automatically after 5 seconds.

Save the file HijackThis.msi. Then choose "Run".

HijackThis is now installed on your PC, and a shortcut is placed on your desktop.

If you no longer have a network connection, you can do the download on another PC and transfer the file with a USB stick.

If you can only work in safe mode, you must download the executable (HijackThis.exe).

Save it in a new folder on the C drive (e.g. C:\hijackthis) and then start HijackThis from that folder.

You can then also find the logs in that folder.


2. Click the shortcut to start HijackThis. (read the red text below first!)

Click either "Do a system scan and save a logfile", or first "Scan" and then "Save log".

A Notepad window opens. Hold down the CTRL and A keys at the same time; now everything is selected. Hold down the CTRL and C keys at the same time; now everything is copied. Now paste the HJT log into your post with CTRL and V.

If you get the message "For some reason your system denied writing to the Host file ....", just click OK to continue.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis. (View the image here ---> Click here)


3. After you post your log, an expert will review it and guide you further through the whole process.

Tip!

If you want to see in words and pictures how to make a log with HijackThis and post it on the forum, click HERE.


Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 0:35:17, on 21/02/2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16482)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe

C:\Users\Eigenaar\Downloads\HijackThis.exe

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = blekko | spam-free search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: QWBandToolBar - {8270927A-FB8B-4647-8E21-C9459BB2610D} - C:\Program Files (x86)\BAB6FA9988914AEE8B74BE5839F8D58A\QWS.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O3 - Toolbar: QWBandToolBar - {8270927A-FB8B-4647-8E21-C9459BB2610D} - C:\Program Files (x86)\BAB6FA9988914AEE8B74BE5839F8D58A\QWS.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: *.qword.com

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_3.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kaseya Agent (KAERSYS909995750701040) - Kaseya International Limited - C:\Program Files (x86)\Kaseya\Agent\AgentMon.exe

O23 - Service: Kaseya Security Service (KaseyaAVService) - Unknown owner - C:\Program Files (x86)\Kaseya\Agent\KasAVSrv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11837 bytes



Start HijackThis. Select "Scan". Select only the items listed below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = blekko | spam-free search

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O2 - BHO: QWBandToolBar - {8270927A-FB8B-4647-8E21-C9459BB2610D} - C:\Program Files (x86)\BAB6FA9988914AEE8B74BE5839F8D58A\QWS.dll

O3 - Toolbar: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O3 - Toolbar: QWBandToolBar - {8270927A-FB8B-4647-8E21-C9459BB2610D} - C:\Program Files (x86)\BAB6FA9988914AEE8B74BE5839F8D58A\QWS.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O15 - Trusted Zone: *.qword.com

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download MBAM (Malwarebytes Anti-Malware)

Double-click mbam-setup.exe to install the program.

Make sure there is a check mark next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click "Finish".

If an update is found, it will be downloaded and installed.

When the program is fully up to date, select "Quick scan" in the Scanner tab, then click Scan.

Scanning can take a while, so be patient.

When the scan is complete, click OK, then "Show Results" to see the results.

Make sure everything there is checked, then click: Remove Selected.

After removal a log will open and you will be asked to restart the computer. (See below.)

If the rootkit (TDSS) is present, MBAM will ask to restart. Do so.

After the restart MBAM will scan again and remove the rootkit.

The log is saved automatically by MBAM and you can find it by clicking the "Logs" tab in the program.

If MBAM has difficulty removing certain files, it will show a few messages where you must click OK. After that it will ask to restart the computer... so allow MBAM to restart the computer.

Paste the contents of the log in your next post, together with a new HijackThis log.


Dear kape, below are the contents of the MBAM log and a new HijackThis log.

The Malwarebytes Anti-Malware report

Malwarebytes Anti-Malware (-evaluatieversie-) 1.70.0.1100

www.malwarebytes.org

Databaseversie: v2013.02.21.09

Windows 8 x64 NTFS

Internet Explorer 10.0.9200.16484

Eigenaar :: PC_VAN_EIGENAAR [administrator]

Bescherming: Ingeschakeld

21/02/2013 20:46:41

mbam-log-2013-02-21 (20-46-41).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 259193

Verstreken tijd: 1 minuut/minuten, 23 seconde(n)

Geheugenprocessen gedetecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 8

HKCR\CLSID\{8270927A-FB8B-4647-8E21-C9459BB2610D} (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\TypeLib\{83C02F52-352E-4D97-BCED-E6B61C924811} (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\Interface\{5C399D68-4C65-41C0-95DD-34C0E711E49F} (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\QWS.QWBand.1 (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCR\QWS.QWBand (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8270927A-FB8B-4647-8E21-C9459BB2610D} (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8270927A-FB8B-4647-8E21-C9459BB2610D} (Adware.QWO) -> Zal worden verwijderd tijdens het herstarten.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8270927A-FB8B-4647-8E21-C9459BB2610D} (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 2

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{8270927A-FB8B-4647-8E21-C9459BB2610D} (Adware.QWO) -> Data: QWBandToolBar -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8270927A-FB8B-4647-8E21-C9459BB2610D} (Adware.QWO) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 1

C:\Program Files (x86)\BAB6FA9988914AEE8B74BE5839F8D58A\QWS.dll (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd.

(einde)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:24:09, on 21/02/2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16482)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe

C:\Users\Eigenaar\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll

O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" –launchedbylogin

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_3.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kaseya Agent (KAERSYS909995750701040) - Kaseya International Limited - C:\Program Files (x86)\Kaseya\Agent\AgentMon.exe

O23 - Service: Kaseya Security Service (KaseyaAVService) - Unknown owner - C:\Program Files (x86)\Kaseya\Agent\KasAVSrv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

-End of file - 12048 bytes

Thanks and regards,

Srija Linna

P.S. Is it also necessary to download and install Hitman-Pro before I start HijackThis?

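Comparing the two HijackThis logs posted in this thread shows which entries disappeared after the first cleanup and which are new in the second scan. The script below is an added example, not part of any forum post and not HijackThis's own code; the function names are hypothetical, and the two sample logs are shortened excerpts of the logs posted above.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "section body")

# A HijackThis item line is "<section> - <body>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2})\s+-\s+(.+)$")

# What the sections used in the excerpts below list.
SECTIONS = {
    "R0": "IE start/search page", "O2": "Browser Helper Object",
    "O3": "IE toolbar", "O4": "Run-key autostart",
    "O15": "Trusted Zone site", "O20": "AppInit_DLLs",
    "O23": "Windows service",
}

# Shortened excerpt of the first log in the thread (scan of 0:35:17).
OLD_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\Users\Eigenaar\Downloads\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = blekko | spam-free search
O2 - BHO: QWBandToolBar - {8270927A-FB8B-4647-8E21-C9459BB2610D} - C:\Program Files (x86)\BAB6FA9988914AEE8B74BE5839F8D58A\QWS.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O15 - Trusted Zone: *.qword.com
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
"""

# Shortened excerpt of the second log in the thread (scan of 21:24:09).
NEW_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\Users\Eigenaar\Downloads\HijackThis.exe
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" –launchedbylogin
O20 - AppInit_DLLs: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
"""


def parse_hjt(text):
    """Return the item lines of a log; header and process lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append(Entry(m.group(1), m.group(2).strip()))
    return entries


def _key(entry):
    # Forum software may turn "-" into an en/em dash and alter spacing or
    # case, so compare on a normalised form to avoid false differences.
    body = entry.body.replace("\u2013", "-").replace("\u2014", "-")
    return entry.section, re.sub(r"\s+", " ", body).lower()


def diff_logs(old_text, new_text):
    """Return (added, removed) entries between two logs, in log order."""
    old = {_key(e): e for e in parse_hjt(old_text)}
    new = {_key(e): e for e in parse_hjt(new_text)}
    added = [e for k, e in new.items() if k not in old]
    removed = [e for k, e in old.items() if k not in new]
    return added, removed


def service_name(entry):
    """Short service name of an O23 line (the name `sc` expects), else None."""
    if entry.section != "O23" or not entry.body.startswith("Service: "):
        return None
    label = entry.body[len("Service: "):].split(" - ", 1)[0]
    m = re.search(r"\(([^()]+)\)\s*$", label)  # "Display name (ShortName)"
    return m.group(1) if m else label.strip()


def summarise(entries):
    """One readable line per entry, tagged with what its section lists."""
    return [f"{e.section} [{SECTIONS.get(e.section, '?')}] {e.body}" for e in entries]


if __name__ == "__main__":
    added, removed = diff_logs(OLD_LOG, NEW_LOG)
    print("New since the previous scan:")
    print("\n".join(summarise(added)))
    print("Gone since the previous scan:")
    print("\n".join(summarise(removed)))
    print("New services:", [service_name(e) for e in added if e.section == "O23"])
```

New entries still need a human decision: in the excerpt the diff also reports MBAMService, which is the scanner installed between the two scans.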

Go to Start - All Programs - Accessories.

Find the Command Prompt icon, right-click it and choose "Run as administrator" from the list to open the command prompt.

Type: sc stop BrowserProtect and press Enter.

Type: sc delete BrowserProtect and press Enter.

Type exit and press Enter.

If any of these instructions gives you an error message, just continue with the next instruction.

Start HijackThis. Select "Scan". Select only the items listed below:

O2 - BHO: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll

O3 - Toolbar: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll

O20 - AppInit_DLLs: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe.
    You can read how to do that (here or here).
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking and choosing Run as administrator.
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
  • Now tick the options below.

    • Standard Search
    • Auto Clean
    • Running processes
    • Empty All Temp
    • Recently Created
    • Firefox Look
    • Chrome Look
    • Installed Programs
    • Firefox Defaults
    • IE Defaults
    • Startup Info
    • Reset Chrome

  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next message.

edited by kape
removed a small error in the instructions
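The HijackThis log in this thread marks services such as lsass.exe and MsMpEng.exe as "(file missing)", while the zoek.exe log posted later in the thread lists both among the running processes. The following is an added example, not part of any forum post and not the helper's own method, that parses such entries and separates genuine orphans from that artifact. The function names and the assumption that HijackThis runs as a 32-bit process under WOW64 path redirection are mine.

```python
import re
from dataclasses import dataclass

# Entries copied from the HijackThis log and fix list quoted in this thread.
HJT_LOG = r"""
O2 - BHO: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O20 - AppInit_DLLs: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
"""

# Lines copied from the "Running Processes" section of the zoek.exe log.
RUNNING = r"""
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Program Files\Windows Defender\MsMpEng.exe
"""

ENTRY = re.compile(r"^(O\d{1,2}) - ([^:]+): (.*)$")
MISSING = re.compile(r"\s*\((?:file missing|no file)\)$")


@dataclass
class Entry:
    section: str   # e.g. "O2", "O23"
    kind: str      # e.g. "BHO", "Toolbar", "AppInit_DLLs", "Service"
    path: str      # target file, empty when the log says "(no file)"
    missing: bool  # True when HijackThis could not find the file


def parse(log):
    """Extract O-section entries and their target file from a HijackThis log."""
    entries = []
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        section, kind, rest = m.groups()
        target = rest.rsplit(" - ", 1)[-1]  # last field holds the file
        entries.append(Entry(section, kind, MISSING.sub("", target),
                             bool(MISSING.search(target))))
    return entries


def native_view(path):
    """Map a path as a 32-bit process reports it to its 64-bit location."""
    return path.lower().replace("\\program files (x86)\\", "\\program files\\")


def running_set(text):
    """Normalised executable paths from a process list, arguments dropped."""
    paths = set()
    for line in text.splitlines():
        m = re.match(r"(.+?\.exe)\b", line.strip(), re.I)
        if m:
            paths.add(native_view(m.group(1)))
    return paths


def triage(entry, running):
    # AppInit_DLLs is loaded into every process that loads user32.dll,
    # so any value there is reviewed regardless of the missing marker.
    if entry.kind == "AppInit_DLLs":
        return "load-point"
    if not entry.missing:
        return "present"
    p = native_view(entry.path)
    # Assumption: a 32-bit scanner sees System32 redirected to SysWOW64,
    # so a "missing" file that is running, or lives in System32, is an artifact.
    if p and (p in running or "\\windows\\system32\\" in p):
        return "bitness-artifact"
    return "orphan"


def classify(hjt_text, running_text):
    running = running_set(running_text)
    return [(e, triage(e, running)) for e in parse(hjt_text)]


if __name__ == "__main__":
    for entry, verdict in classify(HJT_LOG, RUNNING):
        print(f"{verdict:17} {entry.section:4} {entry.kind:13} {entry.path or '(no file)'}")
```

Entries classed as "present" still need a human decision, since whether a file that exists is unwanted cannot be read from the log alone.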


Dear Kape, what do you mean by "now copy the code below and paste it into the input field"? I did not see any code. Here is the opened log from zoek.exe. Is it correct like this?

Zoek.exe Version 4.0.0.1 Updated 18-02-2013

Tool run by Eigenaar on vr 22/02/2013 at 13:28:13,31.

Microsoft Windows 8 Pro 6.2.9200 x64

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\wininit.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\nvvsvc.exe

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\dwm.exe

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\WINDOWS\system32\nvvsvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\WINDOWS\system32\taskhostex.exe

C:\WINDOWS\system32\svchost.exe -k apphost

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Microsoft LifeCam\MSCamS64.exe

C:\WINDOWS\system32\mqsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\WINDOWS\system32\svchost.exe -k iissvcs

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

C:\WINDOWS\system32\SearchIndexer.exe

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe

C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\taskhost.exe

C:\WINDOWS\system32\svchost.exe -k SDRSVC

C:\Windows\System32\RuntimeBroker.exe

C:\WINDOWS\system32\taskeng.exe

C:\Users\Eigenaar\Downloads\zoek.exe

C:\WINDOWS\system32\conhost.exe

==== Installed Programs ======================

@C:\\Program Files (x86)\\Windows Live Safety Center\\wlschost.mui,-1

Adobe AIR

Adobe Download Assistant

Adobe Flash Player 11 Plugin

Adobe Photoshop CS5 13

Adobe Photoshop CS6

Adobe Reader 9.5.3 - Nederlands

Adobe Shockwave Player 11.6

Agatha Christie - Death on the Nile

Apple Application Support

Apple Software Update

AVG 8.5

Bejeweled 2 Deluxe

Bejeweled Twist

Blasterball 3

BrowserProtect

Build-a-lot 2

Chocolatier

Chuzzle Deluxe

Compatibiliteitspakket voor het 2007 Microsoft Office system

CyberLink DVD Suite Deluxe

D3DX10

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Delta Chrome Toolbar

Delta toolbar

Diner Dash

Diner Dash 2 Restaurant Rescue

DirectX for Managed Code Update (Summer 2004)

erLT

Farm Frenzy

FATE

FATE Undiscovered Realms

Garmin Communicator Plugin

Garmin Lifetime Updater

Garmin MapSource

Garmin USB Drivers

Google Earth

Google Update Helper

HEMA Fotoservice

Home'Bank Light 3.3.3

HP Active Support Library

HP Advisor

HP Customer Experience Enhancements

HP Game Console

HP Games

HP MediaSmart DVD

HP MediaSmart Music/Photo/Video

HP Odometer

HP Picasso Media Center Add-In

HP Product Detection

HP Recovery Manager RSS

HP Support Information

HP Total Care Setup

HP Update

Insaniquarium Deluxe

Java 7 Update 11

Java Auto Updater

Java SE Development Kit 7 Update 9

JavaFX 2.1.1

Jewel Quest 3

Junk Mail filter update

Kaseya Agent (pc_van_eigenaar.heusden.cf2009.hs - ivita2.eurosys.be)

LightScribe System Software

Logitech SetPoint

Magic Academy

Magic Desktop

Mah Jong Quest

Mahjongg Artifacts

Malwarebytes Anti-Malware versie 1.70.0.1100

Mesh Runtime

Messenger Companion

Microsoft Corporation

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (Dutch) 2010

Microsoft Office Excel MUI (Dutch) 2010

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Dutch) 2010

Microsoft Office InfoPath MUI (Dutch) 2010

Microsoft Office Live Add-in 1.5

Microsoft Office OneNote MUI (Dutch) 2010

Microsoft Office Outlook MUI (Dutch) 2010

Microsoft Office PowerPoint MUI (Dutch) 2010

Microsoft Office PowerPoint Viewer 2007 (Dutch)

Microsoft Office Professional Plus 2010

Microsoft Office Proof (Dutch) 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (German) 2010

Microsoft Office Proofing (Dutch) 2010

Microsoft Office Publisher MUI (Dutch) 2010

Microsoft Office Shared MUI (Dutch) 2010

Microsoft Office Word MUI (Dutch) 2010

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft_VC80_CRT_x86

Microsoft_VC90_CRT_x86

Mozilla Firefox 18.0.2 (x86 nl)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Netlog 24

NVIDIA 3D Vision Controller Driver

NVIDIA PhysX

PDF Settings CS6

Peggle Nights

Penguins

PIXresizer 2.0.3

Polar Bowler

Polar Golfer Pineapple Cup

Polar Pool

PowerDirector

Realtek Ethernet Controller Driver

Realtek High Definition Audio Driver

Revo Uninstaller 1.94

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition

Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition

Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition

Skype Click to Call

SkypeT 6.1

Slingo Deluxe

sp44407

Spelling Dictionaries Support For Adobe Reader 9

StoneLoops of Jurassica

Switch Sound File Converter

swMSM

TomTom HOME

TomTom HOME Visual Studio Merge Modules

Tradewinds - Caravans

Turbo Pizza

Uninstall 1.0.0.1

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition

Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition

Verbeterde multimedia toetsenbordoplossing

Virtual Villagers - A New Home

Virtual Villagers - The Secret City

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

Visual C++ 8.0 Runtime Setup Package (x64)

Visual Studio 2008 x64 Redistributables

WavePad Sound Editor

Wedding Dash

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen

Windows Live Mesh

Windows Live Messenger

Windows Live Messenger Companion Core

Windows Live Movie Maker

Windows Live OneCare safety scanner

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Wise Disk Cleaner 7.69

Wise Registry Cleaner 7.54

Zuma Deluxe

==== FireFox Fix ======================

Deleted from C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\4bzdcsof.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\4bzdcsof.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)

Internet Explorer: 9.10.9200.16484

Memory (RAM): 6144 MB

CPU Info: Intel® Core2 Quad CPU Q8200 @ 2.33GHz

CPU Speed: 2331,1 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Realtek Digital Output (Realtek |

Display Adapters: NVIDIA GeForce G210 | NVIDIA GeForce G210

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1280 X 720 - 32 bit

Network: Network Present

Network Adapters: Realtek PCIe GBE Family-controller

CD / DVD Drives: 1x (E: | ) E: ATAPI DVD A DH16AAL

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 8 Button Wheel Mouse Present

Hard Disks: C: 915,7GB | D: 15,8GB

Hard Disks - Free: C: 797,0GB | D: 2,2GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 07/06/09 | HPQOEM - 20090706

Time Zone: Romance (standaardtijd)

Motherboard *: PEGATRON CORPORATION Eureka3

Sun Java version: 1.7.0_11

Country: België

Language: NLB

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

2013-02-08 09:59:27 10BBA7938E28716B96F79DE54BE04CFC 883712 ----a-w- C:\WINDOWS\HelpPane.exe

2013-02-08 09:58:09 E13A31D5254C25406A7946BDD9B06364 2380944 ----a-w- C:\WINDOWS\explorer.exe

2013-02-01 13:19:36 D67224440BD9237634871CCA92E8E009 36198 ----a-w- C:\WINDOWS\diagwrn.xml

2013-02-01 13:19:36 D67224440BD9237634871CCA92E8E009 36198 ----a-w- C:\WINDOWS\diagerr.xml

====== C:\Users\Eigenaar\AppData\Local\Temp ====

====== C:\WINDOWS\SysWOW64 =====

2013-02-17 12:51:06 F1361853DCE62DA4540B5CFC072F7CB0 1437696 ----a-w- C:\WINDOWS\SysWOW64\GdiPlus.dll

2013-02-16 11:42:12 BCAB91AF8542D6C82A22732C172DE2DB 17560576 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll

2013-02-16 11:42:12 8515F96E2188A98F42C4D906ED787849 1611776 ----a-w- C:\WINDOWS\SysWOW64\mmc.exe

2013-02-16 11:42:09 1E0DFBB85EA37AB2BA780EA9AB522026 1752064 ----a-w- C:\WINDOWS\SysWOW64\setupapi.dll

2013-02-16 11:42:08 DDD21E285B040AA84BE5EFC6AE3115E1 582144 ----a-w- C:\WINDOWS\SysWOW64\gpprefcl.dll

2013-02-16 11:42:05 84BD45C2D0D582A7F3AA1C0D99D5C36D 202752 ----a-w- C:\WINDOWS\SysWOW64\srmstormod.dll

2013-02-16 11:42:03 B912EF528793F47E59A4E831821D177A 410624 ----a-w- C:\WINDOWS\SysWOW64\Windows.Networking.dll

2013-02-16 11:42:03 B333AC31035042FA1869B79A8BE41469 890880 ----a-w- C:\WINDOWS\SysWOW64\msctf.dll

2013-02-16 11:42:02 E96DC59126525C543CD16A2B19B00373 83968 ----a-w- C:\WINDOWS\SysWOW64\wiaacmgr.exe

2013-02-16 11:42:02 C4EF58B96A3DF00A2F4E8662C8741F2A 261120 ----a-w- C:\WINDOWS\SysWOW64\Windows.Media.dll

2013-02-16 11:42:02 6EAEB51D664FEBA37E2066695446978D 436736 ----a-w- C:\WINDOWS\SysWOW64\MP4SDECD.DLL

2013-02-16 11:42:01 EAD9FCB0370362D84FFE79393B9B2B72 115712 ----a-w- C:\WINDOWS\SysWOW64\netprofm.dll

2013-02-16 11:42:01 AE98CFB98E2A8AAD960D08FE2DA28125 67584 ----a-w- C:\WINDOWS\SysWOW64\samlib.dll

2013-02-16 11:42:01 69DF9E1B94CAAF03FABF7819B72BBAA7 278528 ----a-w- C:\WINDOWS\SysWOW64\srm.dll

2013-02-13 14:47:54 5F0C892688E48610D097945E3D529B22 14326784 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll

2013-02-13 14:47:53 2E8D3AC86E68F8C08B44DF46585F6BFF 1689600 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll

2013-02-13 14:47:50 E12E86E54E00B36A70081E9A8DC6A5FC 13740032 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll

2013-02-13 14:47:48 E4ED4BC8759829BCEB9CE9CA88A64784 1775616 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll

2013-02-13 14:47:48 0296CECDD7F61A4B92819797D14D5A83 1137664 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll

2013-02-13 14:47:46 9FBA08FAF357A81AD634DB7451223AEF 109056 ----a-w- C:\WINDOWS\SysWOW64\iesysprep.dll

2013-02-13 14:47:46 8F873F084FE66CC8E51213BC84851FFD 2881536 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll

2013-02-13 14:47:46 729ECBDF1068D470D28824F404FFA0FF 493056 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll

2013-02-13 14:47:45 E887EC07CC55775D40411464AD38C681 690688 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll

2013-02-13 14:47:43 6236652EB4141017467057BBFDF487E6 44032 ----a-w- C:\WINDOWS\SysWOW64\UXInit.dll

2013-02-13 14:47:43 1E8549E10F107F0A34AE0A5467A4EE9A 33280 ----a-w- C:\WINDOWS\SysWOW64\iernonce.dll

2013-02-13 14:47:42 BE25D0C01B88DC3F308B59FC5C8DF65A 534528 ----a-w- C:\WINDOWS\SysWOW64\uxtheme.dll

2013-02-13 14:47:42 22921396AB06C926366594526A902093 2706432 ----a-w- C:\WINDOWS\SysWOW64\mshtml.tlb

2013-02-13 14:47:42 0AA39A8B164EDE38EEEE7CE78F77AF9A 61440 ----a-w- C:\WINDOWS\SysWOW64\iesetup.dll

2013-02-09 11:44:19 811F6C4F4D37A21BAB35CB78C6F69E2F 78176 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2013-02-09 11:44:19 7E1F7B496B4F0C0C1561E8B80D1554EB 692576 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

====== C:\WINDOWS\SysWOW64\drivers =====

====== C:\WINDOWS\Sysnative =====

2013-02-20 20:23:08 5614386D4CFDF9E56F355C45BEEBC976 12872 ----a-w- C:\WINDOWS\Sysnative\bootdelete.exe

2013-02-20 20:23:07 6C5CC1ACB17E78684A8DACA28075B5FA 43782 ----a-w- C:\WINDOWS\Sysnative\bootdelete.lst

2013-02-19 11:32:46 C7C87D2729D07591D15C8F5793B369D9 5077592 ----a-w- C:\WINDOWS\Sysnative\FNTCACHE.DAT

2013-02-17 12:51:07 77BA3F9A5E0D3BA8657F14767CC5706D 1690624 ----a-w- C:\WINDOWS\Sysnative\GdiPlus.dll

2013-02-16 11:42:14 65572D70EB8839462278989E25A37C98 19791360 ----a-w- C:\WINDOWS\Sysnative\shell32.dll

2013-02-16 11:42:13 B330CE47FB74A6BE9A3FFFF4B3F64D9B 1964544 ----a-w- C:\WINDOWS\Sysnative\wlidsvc.dll

2013-02-16 11:42:13 6DAA6F4B2ABC3B53A846D3FDD9D79D3E 820736 ----a-w- C:\WINDOWS\Sysnative\gpprefcl.dll

2013-02-16 11:42:13 173FCB500DEC33373FA6DBA6EA8A11DA 2094592 ----a-w- C:\WINDOWS\Sysnative\mmc.exe

2013-02-16 11:42:11 F9D9FAA0E2460EDA807C32391E5B6DAE 1120768 ----a-w- C:\WINDOWS\Sysnative\msctf.dll

2013-02-16 11:42:11 C166E3CD90AB0781ECDF10EC765B083A 464384 ----a-w- C:\WINDOWS\Sysnative\netprofmsvc.dll

2013-02-16 11:42:11 580B1F9299F474C5ECF616D9AF77BD97 274432 ----a-w- C:\WINDOWS\Sysnative\srmstormod.dll

2013-02-16 11:42:09 A57BA284F5996FFD32DCDBC41A4657DB 438272 ----a-w- C:\WINDOWS\Sysnative\lsm.dll

2013-02-16 11:42:09 7653DB77F0DB2A50392F015321E42E37 1886208 ----a-w- C:\WINDOWS\Sysnative\setupapi.dll

2013-02-16 11:42:09 60CAB7E74DCE70EE38B810E36756360D 406016 ----a-w- C:\WINDOWS\Sysnative\Windows.Media.dll

2013-02-16 11:42:08 C217B8D2E58C57A319B16125C3D4B69C 894464 ----a-w- C:\WINDOWS\Sysnative\iphlpsvc.dll

2013-02-16 11:42:03 E57756F3A0B90E665FCE4527104C2D1D 666112 ----a-w- C:\WINDOWS\Sysnative\MP4SDECD.DLL

2013-02-16 11:42:03 A9183C3BA3759453F4DEF922F9500078 594944 ----a-w- C:\WINDOWS\Sysnative\Windows.Networking.dll

2013-02-16 11:42:03 79FE8418CD57C9E2BDDC2FB0CC2BFB05 728064 ----a-w- C:\WINDOWS\Sysnative\samsrv.dll

2013-02-16 11:42:03 644F1A561B82F670A7A9A613FA8C462B 159232 ----a-w- C:\WINDOWS\Sysnative\inetpp.dll

2013-02-16 11:42:02 B852BB8E1D0902064346A09A7B32FC17 256000 ----a-w- C:\WINDOWS\Sysnative\WSDMon.dll

2013-02-16 11:42:02 8BD33FC2A78607E00D012D550C0E2E69 171520 ----a-w- C:\WINDOWS\Sysnative\ncbservice.dll

2013-02-16 11:42:02 6927AFA68FBD3047A29C9B324272A783 95232 ----a-w- C:\WINDOWS\Sysnative\wiaacmgr.exe

2013-02-16 11:42:02 104BA949E64659ED6B8D23BA08299F55 107520 ----a-w- C:\WINDOWS\Sysnative\httpprxm.dll

2013-02-16 11:42:02 0E2BB2E43DCCE4ED986BF3B8641DFC08 62464 ----a-w- C:\WINDOWS\Sysnative\adhsvc.dll

2013-02-16 11:42:01 D87775F050DD29AADDF479F5C17E4200 22528 ----a-w- C:\WINDOWS\Sysnative\adhapi.dll

2013-02-16 11:42:01 84A464F9BFF154CD560370B515E308AB 151040 ----a-w- C:\WINDOWS\Sysnative\netprofm.dll

2013-02-16 11:42:01 722AD253B1F2697D9D5D0E5347952375 15872 ----a-w- C:\WINDOWS\Sysnative\keepaliveprovider.dll

2013-02-16 11:42:01 6E095338E8F617C4A735FF617CB2B0C6 279040 ----a-w- C:\WINDOWS\Sysnative\srm.dll

2013-02-16 11:42:01 5AACB04BA3A0DB236EA8D510A66F5E26 17920 ----a-w- C:\WINDOWS\Sysnative\httpprxp.dll

2013-02-16 11:42:01 4CA4361F9C6FA21B65821AD74D0CD081 386577 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml

2013-02-13 14:48:16 AAF79606645C4D72B47074A0FB597677 4055552 ----a-w- C:\WINDOWS\Sysnative\win32k.sys

2013-02-13 14:48:01 F50679A98254BF2430237CC570257DCA 6967016 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe

2013-02-13 14:47:57 A7718282B8E701F4FF5AE2CEC55F9E31 19442688 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll

2013-02-13 14:47:53 1ED1CC6DDF3CB9EB18775DB66F22A6B1 15417856 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll

2013-02-13 14:47:48 E4D6C2284A861B9E6100AAA8849B6157 3966464 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll

2013-02-13 14:47:48 DC537ED95888E71BA92ED8D9422188BA 2165760 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll

2013-02-13 14:47:47 BDE820861D8107C67E182DF66A27074F 2246656 ----a-w- C:\WINDOWS\Sysnative\wininet.dll

2013-02-13 14:47:47 655214D37BD8E38CFC48B7AA24CB95DB 603136 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll

2013-02-13 14:47:47 05C53C1F84F12FBBF5E779963D6756DE 1351168 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll

2013-02-13 14:47:46 CDE105E44DB12F536B05086EA1054555 907776 ----a-w- C:\WINDOWS\Sysnative\uxtheme.dll

2013-02-13 14:47:45 CD2BAFD85C41E457FCD636FC1A90633A 136704 ----a-w- C:\WINDOWS\Sysnative\iesysprep.dll

2013-02-13 14:47:44 C72C6CB9BC9AECECE67F78D0DE39DC8E 854528 ----a-w- C:\WINDOWS\Sysnative\jscript.dll

2013-02-13 14:47:43 73BC115720CB5D6F2FF0F7B4A9C58DF1 53760 ----a-w- C:\WINDOWS\Sysnative\UXInit.dll

2013-02-13 14:47:43 5A4AC4D144C33947CD9234C51ABDD3CB 50688 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe

2013-02-13 14:47:41 3E56860C3490630B2C9FD5398C10D2E8 2706432 ----a-w- C:\WINDOWS\Sysnative\mshtml.tlb

====== C:\WINDOWS\Sysnative\drivers =====

2013-02-16 11:42:12 ED120AA770A78B5079F8C7BB5AF8A035 1448168 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys

2013-02-16 11:42:12 11D7A4A4A1DA60F394F53B413DCDF0DE 1934056 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys

2013-02-16 11:42:08 D6ACCF9F2EEEEA711C14EFD976E573F3 91880 ----a-w- C:\WINDOWS\Sysnative\drivers\partmgr.sys

2013-02-16 11:42:08 C32A7A39B960A42BA9D4FBE47213CA03 28904 ----a-w- C:\WINDOWS\Sysnative\drivers\msgpiowin32.sys

2013-02-16 11:42:08 2ADC985B85A71BD7D99712EC0C24358B 785504 ----a-w- C:\WINDOWS\Sysnative\drivers\Wdf01000.sys

2013-02-16 11:42:04 C66EF7F7E4BA6FB0DF62AA85D33020DC 124648 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys

2013-02-16 11:42:04 28619B6E5A37F71AE1145643949CFA60 303848 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys

2013-02-16 11:42:03 12F06525912BBEF67837DE47D87C60A9 194280 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys

2013-02-13 15:46:45 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_LocationProvider_01_11_00.Wdf

2013-02-13 14:47:59 D192288CE5FB395F0BBAFDD1A8B5285D 2226408 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys

2013-02-08 09:59:53 FBB6794E3BBAD92D66D59D206C1F849F 496872 ----a-w- C:\WINDOWS\Sysnative\drivers\usbhub.sys

2013-02-08 09:59:53 D25EF4A6EC244C5DE85D88A05B7C149D 32256 ----a-w- C:\WINDOWS\Sysnative\drivers\usbuhci.sys

2013-02-08 09:59:53 CC4A07E51D89575CAB6F4EB590D87CD4 39936 ----a-w- C:\WINDOWS\Sysnative\drivers\hidi2c.sys

2013-02-08 09:59:53 771BE60F1899D8E43CF563162A8A2FBB 83456 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys

2013-02-08 09:59:53 52F267AEE8CA5AA5CEB88C6A71EE1E86 79080 ----a-w- C:\WINDOWS\Sysnative\drivers\usbehci.sys

2013-02-08 09:59:53 3FA129BFC7808A2BB7681BEAF339FACD 21736 ----a-w- C:\WINDOWS\Sysnative\drivers\usbd.sys

2013-02-08 09:59:53 325F6179009B5A7F6118951A5BA422AB 27136 ----a-w- C:\WINDOWS\Sysnative\drivers\usbohci.sys

2013-02-08 09:59:53 169629C36CB835A36E23BBC37664401E 488168 ----a-w- C:\WINDOWS\Sysnative\drivers\usbport.sys

2013-02-08 09:59:28 877D60D6E4156EC4A2E0B6871D41BED9 366080 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys

2013-02-08 09:59:26 E078446D4B8622AA6030C7B8A1A08962 212992 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys

2013-02-08 09:59:24 EF9B4F3136B4C45F421ADE6871659FB6 69864 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys

2013-02-08 09:59:24 B7A948501424805571BF562BB0BFE31D 445160 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS

2013-02-08 09:59:22 29CB98187BB5711F7759540976D295FC 859136 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys

2013-02-08 09:59:20 69C8BF0BC2B0EA10F130F4D3104DC2EF 277736 ----a-w- C:\WINDOWS\Sysnative\drivers\msiscsi.sys

2013-02-08 09:59:20 36D6A3201721558A8AFBCC09C2DA4C2C 560640 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys

2013-02-08 09:59:14 DD979EB6A7212F60E4AFBE96EDC7AE6D 87552 ----a-w- C:\WINDOWS\Sysnative\drivers\processr.sys

2013-02-08 09:59:13 E15CDF68DD73423F15D4AC404793AF0D 89088 ----a-w- C:\WINDOWS\Sysnative\drivers\intelppm.sys

2013-02-08 09:59:13 B849D453E644FAB9BC8EF6DC8CA9C4C6 88064 ----a-w- C:\WINDOWS\Sysnative\drivers\amdppm.sys

2013-02-08 09:59:13 A969D92973DFA895E7776B4BFE36DBB2 22528 ----a-w- C:\WINDOWS\Sysnative\drivers\fxppm.sys

2013-02-08 09:59:13 5A81054B824004B1ECC04F0034A1CDF9 90624 ----a-w- C:\WINDOWS\Sysnative\drivers\amdk8.sys

2013-02-08 09:58:50 C2106BB710AA34A046126AED7BCA6964 618496 ----a-w- C:\WINDOWS\Sysnative\drivers\srv2.sys

2013-02-08 09:58:02 0F89AE618DBA5D8AB7A2DFCC375F4159 1001192 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys

2013-02-08 09:58:01 D10DAEA91AA8412A323DB8EADA23768A 286208 ----a-w- C:\WINDOWS\Sysnative\drivers\portcls.sys

2013-02-08 09:58:01 8379D073110F059415B90B7CDCAF836A 441576 ----a-w- C:\WINDOWS\Sysnative\drivers\netio.sys

2013-02-08 09:58:00 C4D01BD86D6B207275FC143EEA951D75 58088 ----a-w- C:\WINDOWS\Sysnative\drivers\dam.sys

2013-02-08 09:58:00 5A7D11E36533429F64D2CDD54F4ED487 336104 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys

2013-02-08 09:57:57 BB107AA9980B0DA4E19A3A90C3BD4460 56552 ----a-w- C:\WINDOWS\Sysnative\drivers\sdstor.sys

2013-02-08 09:57:57 04F5D7396FE6414150FEEDB60FDAC670 33512 ----a-w- C:\WINDOWS\Sysnative\drivers\battc.sys

2013-02-08 09:57:55 E708BFF0473EC6B271EA46B65B16CA56 562392 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys

2013-02-08 09:57:55 127FB0AAD232BAAD2C9BBACD374F4FC5 172264 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys

2013-02-08 09:57:54 A9858597B6DB695F78A37F6755A6FF98 43008 ----a-w- C:\WINDOWS\Sysnative\drivers\usbscan.sys

2013-02-08 09:57:41 946ECE07334A74373FAFBFAA063E62F2 111616 ----a-w- C:\WINDOWS\Sysnative\drivers\drmk.sys

2013-02-08 09:57:40 9C7C183F937951AE17C5B8B3259CF3FF 5632 ----a-w- C:\WINDOWS\Sysnative\drivers\drmkaud.sys

2013-02-08 09:57:40 0D1609DD82C7440F5D5BF21A9D4D5C0C 74752 ----a-w- C:\WINDOWS\Sysnative\drivers\mpsdrv.sys

2013-02-08 09:57:15 57F4787E4602A3FCA719C0A33137C6DA 27880 ----a-w- C:\WINDOWS\Sysnative\drivers\rdpvideominiport.sys

2013-02-08 09:57:15 117AB365D2385D9BCCF946662424B526 329960 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys

2013-02-08 09:57:13 DCB4EBD928A6FB368BE6CAE522412DE1 29952 ----a-w- C:\WINDOWS\Sysnative\drivers\BthhfHid.sys

2013-02-08 09:57:13 3AA4309EBD9491E516F13FE3DC752FEE 31104 ----a-w- C:\WINDOWS\Sysnative\drivers\BthAvrcpTg.sys

2013-02-08 09:57:13 1CD7C6C5B2CA70AD9589FBE166CDBE61 18432 ----a-w- C:\WINDOWS\Sysnative\drivers\BtaMPM.sys

2013-02-08 09:56:35 5AB97B3282D7D6114949D1EB5C8598E4 3265256 ----a-w- C:\WINDOWS\Sysnative\drivers\evbda.sys

2013-02-08 09:56:19 87AB5BB072A3F128541D5B815F82FFDD 533224 ----a-w- C:\WINDOWS\Sysnative\drivers\bxvbda.sys

2013-02-08 09:56:02 F2C69C3D98249DE14D4B2832516D4FD5 571392 ----a-w- C:\WINDOWS\Sysnative\drivers\csc.sys

2013-02-08 09:55:58 9CD4259AD15F84DE27B94A956C978D6C 337128 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS

2013-02-08 09:55:58 975AABEB243B800C23626D6B652C5A9C 425192 ----a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys

2013-02-08 09:55:51 CA18ECFCFFDD638ECE80799A9056B238 120040 ----a-w- C:\WINDOWS\Sysnative\drivers\msgpioclx.sys

2013-02-08 09:55:50 FA228F4BB10DC7ED7E7D131C034E2331 465128 ----a-w- C:\WINDOWS\Sysnative\drivers\fvevol.sys

2013-02-08 09:55:46 CB9EAD11F3312C77CE9B7F29B59C3A39 62488 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpfve.sys

2013-02-08 09:55:46 B44EFE254C0B3719E4037088D24FE4B5 148712 ----a-w- C:\WINDOWS\Sysnative\drivers\tpm.sys

2013-02-08 09:55:46 853F24FD0379C2A3804D7E437525E5B0 411880 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS

2013-02-08 09:55:45 1ED222DFE6C13DA50FE081ABF90CAFE1 212200 ----a-w- C:\WINDOWS\Sysnative\drivers\UCX01000.SYS

2013-02-08 09:55:42 DFA480F6DED551464F3A5B959F437800 100072 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecdd.sys

2013-02-08 09:55:27 BC8B5CB336E63BB25EAD1CE8EDD34B81 22528 ----a-w- C:\WINDOWS\Sysnative\drivers\ws2ifsl.sys

2013-02-08 09:55:19 7D87B5B6C7188D553E11B59DC7F0B111 71168 ----a-w- C:\WINDOWS\Sysnative\drivers\hdaudbus.sys

2013-02-08 09:55:18 CE6EBC0AD38CC6482D8FBB744FF15CE2 60416 ----a-w- C:\WINDOWS\Sysnative\drivers\ndproxy.sys

2013-02-08 09:55:18 7A6F8A6D0E01432EBA294EF29CDD0FA7 25088 ----a-w- C:\WINDOWS\Sysnative\drivers\ndistapi.sys

2013-02-08 09:55:18 6081CEC9EF9EB145D8B46655C7708D51 83456 ----a-w- C:\WINDOWS\Sysnative\drivers\wanarp.sys

2013-02-08 09:55:17 09799E701B4327097E9F63D3FE221083 210304 ----a-w- C:\WINDOWS\Sysnative\drivers\usbvideo.sys

2013-02-01 13:10:57 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf

====== C:\WINDOWS\Tasks ======

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-02-22 00:56:53 -------- d-----w- C:\Program Files\WinZip

2013-02-20 20:16:33 -------- d-----w- C:\Program Files\HitmanPro

2013-02-15 19:49:58 -------- d-----w- C:\Program Files\Enigma Software Group

2013-02-10 16:17:51 -------- d-----w- C:\Program Files\Adobe

2013-02-10 16:13:17 -------- d-----w- C:\Program Files\Common Files\Adobe

2013-02-10 15:45:17 -------- d-----w- C:\Program Files\Garmin GPS Plugin

2013-02-01 13:12:40 -------- d-----w- C:\Program Files\NVIDIA Corporation

2013-02-01 13:12:01 -------- d-----w- C:\Program Files\Realtek

2013-02-01 13:03:48 -------- d-----w- C:\Program Files\Reference Assemblies

2013-02-01 13:03:48 -------- d-----w- C:\Program Files\MSBuild

======= C:\Program Files (x86) =====

2013-02-16 00:05:13 -------- d-----w- C:\Program Files (x86)\Wise

2013-02-15 19:48:50 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2013-02-09 20:24:42 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant

2013-02-07 00:59:23 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service

2013-02-01 13:03:49 -------- d-----w- C:\Program Files (x86)\Reference Assemblies

2013-02-01 13:03:49 -------- d-----w- C:\Program Files (x86)\MSBuild

2013-01-29 13:29:10 -------- d-----w- C:\Program Files (x86)\Common Files\Skype

======= C: =====

2013-02-15 19:50:22 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\autoexec.bat

2013-01-31 14:42:20 93B885ADFE0DA089CDF634904FD59F71 1 --sha-w- C:\BOOTNXT

====== C:\Users\Eigenaar\AppData\Roaming ======

2013-02-22 12:30:03 -------- d-----w- C:\users\Eigenaar\AppData\Local\{868172C6-2157-473A-84F6-48A4E1527B51}

2013-02-22 00:57:35 -------- d-----w- C:\users\Eigenaar\AppData\Local\WinZip

2013-02-21 01:05:18 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\GoforFiles

2013-02-19 20:38:00 -------- d-----w- C:\users\Eigenaar\AppData\Local\Paint.NET

2013-02-19 20:36:36 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\IsolatedStorage

2013-02-19 20:36:29 -------- d-----w- C:\users\Eigenaar\AppData\Local\_

2013-02-16 00:09:08 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\Wise Registry Cleaner

2013-02-16 00:06:04 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\Wise Disk Cleaner

2013-02-10 22:53:36 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2013-02-10 21:06:53 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\NVIDIA

2013-02-09 22:57:52 -------- d-----w- C:\users\Eigenaar\AppData\Local\OOBE

2013-02-09 22:57:52 -------- d-----w- C:\users\Eigenaar\AppData\Local\Color

2013-02-09 22:57:10 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\SwitchBoard

2013-02-09 22:57:10 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\Extension Manager CS6

2013-02-09 22:57:10 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\ExtendScript Toolkit

2013-02-09 22:57:10 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\CS6ServiceManager

2013-02-09 22:57:10 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\Adobe QT32 Server

2013-02-09 22:57:10 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\Adobe Photoshop CS6

2013-02-09 20:26:09 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2013-02-01 14:03:29 -------- d-----w- C:\users\Eigenaar\AppData\Local\Packages

2013-02-01 13:53:29 -------- d-sh--we C:\users\Default\AppData\Local\Geschiedenis

2013-02-01 13:53:29 -------- d-sh--we C:\users\Default User\AppData\Local\Geschiedenis

2013-02-01 13:32:10 -------- d-----w- C:\users\Default\AppData\Roaming\TuneUp Software

2013-02-01 13:32:10 -------- d-----w- C:\users\Default\AppData\Roaming\Media Center Programs

2013-02-01 13:32:10 -------- d-----w- C:\users\Default\AppData\Local\Microsoft Help

2013-02-01 13:32:10 -------- d-----w- C:\users\Default User\AppData\Roaming\TuneUp Software

2013-02-01 13:32:10 -------- d-----w- C:\users\Default User\AppData\Roaming\Media Center Programs

2013-02-01 13:32:10 -------- d-----w- C:\users\Default User\AppData\Local\Microsoft Help

2013-02-01 13:19:33 -------- d-sh--we C:\users\Eigenaar\AppData\Local\Temporary Internet Files

2013-02-01 13:19:33 -------- d-sh--we C:\users\Eigenaar\AppData\Local\Geschiedenis

2013-02-01 13:19:33 -------- d-sh--we C:\users\Eigenaar\AppData\Local\Application Data

2013-02-01 13:19:32 -------- d-s---w- C:\users\Eigenaar\AppData\Roaming\Microsoft

2013-02-01 13:19:32 -------- d-----w- C:\users\Eigenaar\AppData\Local\Temp

2013-02-01 13:19:32 -------- d-----w- C:\users\Eigenaar\AppData\Local\Microsoft

2013-02-01 13:19:27 -------- d-sh--we C:\users\UpdatusUser\AppData\Local\Temporary Internet Files

2013-02-01 13:19:27 -------- d-sh--we C:\users\UpdatusUser\AppData\Local\Geschiedenis

2013-02-01 13:19:27 -------- d-sh--we C:\users\UpdatusUser\AppData\Local\Application Data

2013-02-01 13:19:26 -------- d-s---w- C:\users\UpdatusUser\AppData\Roaming\Microsoft

2013-02-01 13:19:26 -------- d-----w- C:\users\UpdatusUser\AppData\Local\Temp

2013-02-01 13:19:26 -------- d-----w- C:\users\UpdatusUser\AppData\Local\Microsoft

2013-02-01 08:52:31 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\VSRevoGroup

2013-02-01 08:39:07 -------- d-----w- C:\users\Eigenaar\AppData\Local\CrashDumps

2013-01-31 12:55:48 -------- d-----w- C:\users\Eigenaar\AppData\Roaming\TuneUp Software

====== C:\Users\Eigenaar ======

2013-02-22 00:56:56 -------- d-----w- C:\ProgramData\WinZip

2013-02-20 20:13:48 -------- d-----w- C:\ProgramData\HitmanPro

2013-02-19 20:36:36 -------- d-----w- C:\ProgramData\IsolatedStorage

2013-02-10 22:03:14 -------- d-----w- C:\ProgramData\B1 Free Archiver

2013-02-10 16:07:42 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2013-02-09 22:57:52 -------- d-----w- C:\ProgramData\SLStore

2013-02-09 22:57:24 -------- d-----w- C:\ProgramData\CameraRaw

2013-02-09 22:57:24 -------- d-----w- C:\ProgramData\Adobe PDF

2013-02-09 22:57:10 -------- d-----w- C:\ProgramData\Extension Manager CS6

2013-02-07 01:10:40 -------- d-----w- C:\Users\Eigenaar\dwhelper

2013-02-01 14:03:29 -------- d-----w- C:\ProgramData\PRICache

2013-02-01 14:03:19 70F3B35C7754B71A347B43660D5C55ED 636 --sha-r- C:\Users\Eigenaar\ntuser.pol

2013-02-01 14:03:17 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Eigenaar\ntuser.ini

2013-02-01 13:53:29 -------- d-sh--we C:\Users\Default\Sjablonen

2013-02-01 13:53:29 -------- d-sh--we C:\Users\Default\Netwerkprinteromgeving

2013-02-01 13:53:29 -------- d-sh--we C:\Users\Default\Menu Start

2013-02-01 13:53:28 -------- d-sh--we C:\Users\Default\Mijn documenten

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\Sjablonen

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\SendTo

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\Recent

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\Netwerkprinteromgeving

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\NetHood

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\Mijn documenten

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\Menu Start

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\Local Settings

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\Cookies

2013-02-01 13:19:33 -------- d-sh--we C:\Users\Eigenaar\Application Data

2013-02-01 13:19:32 -------- d--h--w- C:\Users\Eigenaar\AppData

2013-02-01 13:19:32 -------- d-----r- C:\Users\Eigenaar\Favorites

2013-02-01 13:19:32 -------- d-----r- C:\Users\Eigenaar\Desktop

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\Sjablonen

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\SendTo

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\Recent

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\Netwerkprinteromgeving

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\NetHood

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\Mijn documenten

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\Menu Start

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\Local Settings

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\Cookies

2013-02-01 13:19:26 -------- d-sh--we C:\Users\UpdatusUser\Application Data

2013-02-01 13:19:26 -------- d--h--w- C:\Users\UpdatusUser\AppData

2013-02-01 13:19:26 -------- d-----r- C:\Users\UpdatusUser\Favorites

2013-02-01 13:19:26 -------- d-----r- C:\Users\UpdatusUser\Desktop

2013-02-01 13:12:56 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-01-31 12:55:40 -------- d-----w- C:\ProgramData\TuneUp Software

2013-01-31 12:55:34 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}

====== C: exe-files ==


=== C: other files ==


==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Garmin Lifetime Updater"="C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized"

"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"

"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe"

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Remote Software]

"command"="C:\\Program Files\\Hewlett-Packard\\HP Remote\\HP REMOTE V1.0.5.exe"

"hkey"="HKLM"

"item"="HP Remote Software"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

"hkey"="HKLM"

"item"="iTunesHelper"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Kaseya Agent Service Helper]

"command"="\"C:\\Program Files (x86)\\Kaseya\\Agent\\KaUsrTsk.exe\""

"hkey"="HKLM"

"item"="Kaseya Agent Service Helper"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

"hkey"="HKLM"

"item"="QuickTime Task"

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]

"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\" -s"

"hkey"="HKCU"

"item"="TomTomHOME.exe"

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WerSvc]

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/02/2013 22:32]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/08/2010 15:33]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/08/2010 15:33]

C:\WINDOWS\tasks\ROC_PAID_JAN2013_TB_rmv.job --a-------- C:=C:=C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\4bzdcsof.default

- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\4bzdcsof.default

F733C59712465B0BD2130BB7C1A6D6E3 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll - Shockwave Flash

6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Eigenaar\AppData\Roaming\Delta\delta.crx[]

lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 11:45]

ndibdjnfmopecpmkdieinmbadjfpblof - No path found[]

pgafcinpmmpklohkojmllohd****efph - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Google"

"search page"="Google"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"search page"="Bing"

"Start Page"="Google"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} Unknown Url="Not_Found"

{28647FC9-82E6-4EEB-AC6A-A8ADD5A1FD97} Yahoo//nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008"

{6413932C-9A84-4701-B3A2-F87D82E1A372} AOL Zoeken Url="{searchTerms} - AOL Search resultaten"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{73E73E2A-17D8-4ED0-BAB6-2B357DC7ABFA} Bing Url="{searchTerms} - Bing"

{80AC4369-1F54-478B-B4A1-AE6BB842299D} Google Url="{searchTerms - Google zoeken}"

{CCC7A320-B3CA-4199-B1A6-9F516DD69829} AVG Secure Search Url="{searchTerms} - Search"

{DF078B0D-9B02-4900-8643-808BEC088411} Kelkoo Url="http://nb.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913938"

{F48DA960-0FD9-4BB5-9826-C0C271C6C74D} Qword Url="{searchTerms} - Search Results"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1473728906-2079399457-2340751515-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohd****efph deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (file missing)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_3.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kaseya Agent (KAERSYS909995750701040) - Kaseya International Limited - C:\Program Files (x86)\Kaseya\Agent\AgentMon.exe

O23 - Service: Kaseya Security Service (KaseyaAVService) - Unknown owner - C:\Program Files (x86)\Kaseya\Agent\KasAVSrv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1A8RU7E will be deleted at reboot

C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R37HP8WP will be deleted at reboot

C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZCBZEZAO will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\4bzdcsof.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\Users\Eigenaar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.settings" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\chrome.manifest" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\install.rdf" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-3.6.xpt" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js" not found

"C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\overlay.xul" not found

"C:\ProgramData\BrowserProtect" not found

"C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A1A8RU7E" not found

"C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R37HP8WP" not found

"C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZCBZEZAO" not found

Thanks and regards, Srija Linna

Edited by kape
duplicate log removed

Start HijackThis. Select "Scan". Select only the items listed below:

O2 - BHO: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (file missing)

O3 - Toolbar: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (file missing)

Click 'Fix checked' to remove the items.

Note: Windows Vista & 7 users must run HijackThis as "administrator" via right-click, "Run as administrator". If this does not work via the shortcut, run HijackThis as administrator from the following folder: C:\Program Files\Trend Micro\HiJackThis or C:\Program Files (x86)\Trend Micro\HiJackThis.

Post a new log in your next message. And then let us know how things stand now?

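The selection step in the reply above, as an added example that is not part of the original post: a small Python parser that picks out the O2/O3 registrations whose file is gone from a HijackThis log. The function names and the category labels are hypothetical, the sample input is a handful of lines copied from the logs in this thread, and handling missing O23 entries under System32 as a separate group is an assumption of the example, not something the thread states.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the HijackThis entries posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll (file missing)
O3 - Toolbar: InternetDownloadToolBar - {376CA00C-3F95-46F7-8F04-E69906E52A1F} - C:\Program Files (x86)\E-Zsoft\YouTubeDownloader\IDTB.dll (file missing)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
"""

# "O2 - ...", "R1 - ...", "F2 - ...": section code, then the entry body.
ENTRY_RE = re.compile(r"^(?P<code>[ORF]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# Trailing status marker HijackThis appends when the target is absent.
MISSING_RE = re.compile(r"\s*\((file missing|no file)\)\s*$", re.IGNORECASE)


def parse_entry(line):
    """Parse one log line; return None for headers, processes and blank lines."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    body = m.group("body")
    missing = MISSING_RE.search(body)
    status = missing.group(1).lower() if missing else None
    if missing:
        body = body[:missing.start()]
    # The target path is the last " - " separated field; "(no file)" has none.
    target = "" if status == "no file" else body.rsplit(" - ", 1)[-1].strip()
    clsid = CLSID_RE.search(body)
    return {
        "code": m.group("code"),
        "clsid": clsid.group(0).upper() if clsid else None,
        "target": target,
        "status": status,
        "line": line.strip(),
    }


def classify(entry):
    """Label an entry: present, orphan, system-path or review."""
    if entry["status"] is None:
        return "present"
    if entry["code"] in ("O2", "O3"):
        # Browser helper object or toolbar still registered, DLL gone:
        # the kind of entry the helper asks to tick before 'Fix checked'.
        return "orphan"
    if entry["code"] == "O23" and entry["target"].lower().startswith(
        "c:\\windows\\system32\\"
    ):
        # Assumption of this example: a 32-bit scanner on 64-bit Windows sees a
        # redirected System32, so these are checked on disk, not fixed blindly.
        return "system-path"
    return "review"


def fix_candidates(log_text):
    """Group orphaned O2/O3 entries by CLSID, in log order."""
    grouped = defaultdict(list)
    for line in log_text.splitlines():
        entry = parse_entry(line)
        if entry and classify(entry) == "orphan":
            grouped[entry["clsid"] or entry["target"]].append(entry)
    return dict(grouped)


if __name__ == "__main__":
    for clsid, entries in fix_candidates(SAMPLE_LOG).items():
        print(clsid)
        for e in entries:
            print("   ", e["line"])
```

On the sample lines this yields the same five entries the helper lists, grouped under four CLSIDs because InternetDownloadToolBar is registered both as a BHO and as a toolbar.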

Dear kape,

The questions are:

Why did you have to remove the same items several times?

How often should I run MBAM?

What should I watch out for to keep the Citadel virus from getting in?

How often should I go through this HijackThis process?

Is Hitman Pro also good in your opinion?

Thanks and regards (I will certainly make a donation as thanks),

Srija Linna

The 5 selected items have been removed; this is a new HijackThis log again:

Logfile of Trend Micro HijackThis v2.0.4,

Scan saved at 21:22:01, on 22/02/2013

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16482)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe

C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Adobe\Adobe Photoshop CS6\Photoshop.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Users\Eigenaar\Downloads\HijackThis.exe

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [Garmin Lifetime Updater] C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized

O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.3.0/GarminAxControl.CAB

O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_3.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kaseya Agent (KAERSYS909995750701040) - Kaseya International Limited - C:\Program Files (x86)\Kaseya\Agent\AgentMon.exe

O23 - Service: Kaseya Security Service (KaseyaAVService) - Unknown owner - C:\Program Files (x86)\Kaseya\Agent\KasAVSrv.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11929 bytes


Why did you have to remove the same items several times?
Because they had not all disappeared after the first removal, it had to be done one more time.
How often should I run MBAM?
In principle once, if you chose the "remove" option right away. If that was not the case, you have to repeat it with that option enabled. Sometimes this may be asked one more time, simply as a check.
What should I watch out for to keep the Citadel virus from getting in?
There is no guide for avoiding this specific virus. But the same general rule applies to all viruses: always keep all important programs (Windows, antivirus program, Java, etc.) up to date and use the internet critically (clicking on links, advertisements, e-mail messages, etc.). But do realize that no antivirus program (free or paid) offers 100% security.
How often should I go through this HijackThis process?
Until the log is completely clean ... and that is now the case!
Is Hitman Pro also good in your opinion?
Certainly ... install it first as a trial version, and afterwards you can still consider whether a purchase is desirable.

By the way, how are things now with your Citadel virus? Are you still getting notifications about it?
