anoniem Geplaatst: 11 maart 2012 Delen Geplaatst: 11 maart 2012 Laptop van een bekende, elke keer bij opstarten komt er een melding dat er een poging wordt gedaan een .dll te installeren. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:25:43, on 11-3-2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\PixArt\Pac207\Monitor.exe C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe C:\Program Files\AVG\AVG2012\avgtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe C:\Program Files\AVG Secure Search\vprot.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Logitech\Vid HD\Vid.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Brother\ControlCenter3\brccMCtl.exe C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe C:\Program Files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Users\beheerder\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7I12O31\HijackThis.exe C:\Windows\system32\SearchProtocolHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=google R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/nl/index.php?rvs=google R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {b80f591e-fe9a-46cf-a13e-180377240586} - (no file) R3 - URLSearchHook: (no name) - {46735dee-f862-49d1-876d-6382794dc625} - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini" O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup O4 - HKLM\..\Run: [NokiaMusic FastStart] "C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe" /command:faststart O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Vid HD\Vid.exe" -bootmode O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: SCANKD~1.DLL O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/nl-nl/wlscctrl2.cab O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} (Navigram Control) - http://www.navigram.com/engine/v1026/Navigram.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation - C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Virtual Disk Service Manager (MSR Service) - Unknown owner - C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- End of file - 10412 bytes Quote Link naar reactie
0 anoniem Geplaatst: 11 maart 2012 Auteur Delen Geplaatst: 11 maart 2012 De Windows Firewall is inderdaad dus uitgeschakeld - dat vermoedde ik al. Download [url=http://www.softpedia.com/get/Tweak/System-Tweak/Tweaking-com-Windows-Repair.shtml]Windows Repair by Tweaking.com[/url]. Decomprimeer de inhoud naar een nieuw gecreëerde map op jouw bureaublad. [b:2fc2b282db]Repair_Windows.exe opstarten[/b:2fc2b282db]: [list:2fc2b282db][*:2fc2b282db] [b:2fc2b282db][color=#0000FF:2fc2b282db]Sluit nu eerst alle nog openstaande programmavensters![/color:2fc2b282db][/b:2fc2b282db] [list:2fc2b282db][*:2fc2b282db][b:2fc2b282db][color=#0000FF:2fc2b282db]Windows 2000[/color:2fc2b282db][/b:2fc2b282db] en [color=#0000FF:2fc2b282db][b:2fc2b282db]Windows XP[/b:2fc2b282db][/color:2fc2b282db]: start "Repair_Windows.exe" middels dubbelklik op de snelkoppeling. [*:2fc2b282db][color=#0000FF:2fc2b282db][b:2fc2b282db]Windows Vista[/b:2fc2b282db][/color:2fc2b282db] en [color=#0000FF:2fc2b282db][b:2fc2b282db]Windows 7[/b:2fc2b282db][/color:2fc2b282db]: start "Repair_Windows.exe" middels rechtsklik en kies voor "Als Administrator uitvoeren."[/list:u:2fc2b282db][/list:u:2fc2b282db] [list:2fc2b282db][*:2fc2b282db]Klik op de "Start Repairs tab". [*:2fc2b282db]Kies "Custom Mode" en klik dan op "Start". [*:2fc2b282db]maak ook een systeemherstelpunt, indien dat gevraagd wordt. [*:2fc2b282db]In het venster van "Custom Mode" selekter je de volgende reparatie-opties: [list:2fc2b282db][*:2fc2b282db]Repair WMI [*:2fc2b282db]Repair Windows Firewall [*:2fc2b282db]Repair MDAC/MS Jet [*:2fc2b282db]Remove Policies Set By Infections [*:2fc2b282db]Repair Proxy Settings [*:2fc2b282db]Repair Windows Updates[/list:u:2fc2b282db] [*:2fc2b282db]Klik dan op de Startknop. [*:2fc2b282db]Wees geduldig terwijl het tool de geselecteerde opties uitvoert. [*:2fc2b282db]Indien het tool aangeeft dat er opnieuw opgestart dient te worden, om de veranderingen door te voeren, doe je dat.[/list:u:2fc2b282db] Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Done. Vind echter geen log oid, dus neem aan dat alles gewerkt heeft. ik kan in elk geval via Teamviewer nog steeds op die machine, dus de vuurmuur laat me in elk geval er nog door. Vriend zit met grote verbazing al de acties te volgen, dat is wel grappig. Wat is de volgende stap, Abraham?? Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Lol: "Vriend zit met grote verbazing al de acties te volgen, dat is wel grappig". Herhaal nu de scan met de Farbar Service Scanner[b:293b2c414c]Farbar Service Scanner[/b:293b2c414c] Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Farbar Service Scanner Version: 01-03-2012 Ran by beheerder (administrator) on 12-03-2012 at 12:24:02 Running from "C:\Users\beheerder\Desktop" Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Yahoo IP is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ Windows Update: ============ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcsvc.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys [2011-11-09 19:05] - [2011-09-20 22:02] - 0913280 ____A (Microsoft Corporation) 16731B631F28F63CD9F4CB60940E7DDD C:\Windows\system32\dnsrslvr.dll => MD5 is legit C:\Windows\system32\mpssvc.dll => MD5 is legit C:\Windows\system32\bfe.dll => MD5 is legit C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll => MD5 is legit C:\Windows\system32\vssvc.exe => MD5 is legit C:\Windows\system32\wscsvc.dll => MD5 is legit C:\Windows\system32\wbem\WMIsvc.dll [2009-09-11 03:05] - [2008-01-21 03:34] - 0161792 ____A (Microsoft Corporation) 00B79A7C984678F24CF052E5BEB3A2F5 C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll => MD5 is legit C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log **** Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Hmm, echt duidelijk is het mij nog niet! Ga nu eerst controleren of de Windows Firewall inderdaad aktief is. Daarvoor ga je naar Start\Uitvoeren en de opdracht luidt: [b:d067d8b1e5]services.msc[/b:d067d8b1e5]. Klik op de knop OK. N.B.: Uitvoeren kan ook gestart worden door gelijktijdig de "Windowstoets + R-toets" in te drukken. In het venster Services scroll je naar [b:d067d8b1e5][color=#0000FF:d067d8b1e5]Windows Firewall[/color:d067d8b1e5][/b:d067d8b1e5]. Dubbelklikk op die vermelding, bij "Opstarttype" moet de instelling op "Automatisch " staan. Indien niet, dan dit aanpassen, klik vervolgens op de knop [b:d067d8b1e5]Toepassen[/b:d067d8b1e5]; vervolgens klik je op de knop [b:d067d8b1e5]Starten[/b:d067d8b1e5], wacht even en klik uiteindelijk op [b:d067d8b1e5]OK[/b:d067d8b1e5]. Krijg je een foutmelding, laat dit weten! Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Windows firewall staat aan, via services even uitgezet en weer geactiveerd. In Configscherm staat hij aan en actief, Defender staat uit. Op dit moment staat AVG ook uit want anders kan ik alle tools niet gebruiken Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Post een nieuw OTL-log. Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 OTL logfile created on: 12-3-2012 13:06:36 - Run 2 OTL by OldTimer - Version 3.2.36.3 Folder = C:\Users\beheerder\Desktop Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy 2,93 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 47,48% Memory free 6,09 Gb Paging File | 3,74 Gb Available in Paging File | 61,47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 142,09 Gb Total Space | 67,67 Gb Free Space | 47,63% Space Free | Partition Type: NTFS Drive D: | 143,00 Gb Total Space | 43,57 Gb Free Space | 30,47% Space Free | Partition Type: NTFS Computer Name: BEHEERDER1 | User Name: beheerder | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717:91c674ce8a]========== Processes (SafeList) ==========[/color:91c674ce8a] PRC - [2012-03-11 21:43:31 | 000,337,137 | ---- | M] () -- C:\Users\beheerder\Desktop\FSS.exe PRC - [2012-03-11 10:17:08 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\beheerder\Desktop\OTL.com PRC - [2012-02-23 11:40:42 | 002,394,496 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe PRC - [2012-02-23 11:40:41 | 002,886,528 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe PRC - [2012-02-23 11:40:40 | 007,983,488 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version7\TeamViewer.exe PRC - [2012-02-23 11:24:59 | 000,116,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\tv_w32.exe PRC - [2012-02-17 10:24:50 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil11f_ActiveX.exe PRC - [2012-01-24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe PRC - [2012-01-23 05:43:08 | 000,247,728 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2012-01-23 05:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2012-01-18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe PRC - [2012-01-15 14:54:07 | 000,909,152 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe PRC - [2012-01-15 14:54:06 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe PRC - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011-11-28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe PRC - [2011-11-11 14:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011-11-11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe PRC - [2011-11-01 15:40:04 | 001,053,056 | ---- | M] (Nokia) -- C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe PRC - [2011-10-27 10:34:30 | 000,718,384 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe PRC - [2011-10-27 10:33:58 | 000,173,104 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe PRC - [2011-10-27 10:33:40 | 000,126,512 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe PRC - [2011-10-27 10:33:32 | 000,148,016 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe PRC - [2011-10-27 10:33:14 | 000,151,088 | ---- | M] (Nokia) -- C:\Program Files\PC Connectivity Solution\Transports\NclIVTBTSrv.exe PRC - [2011-09-08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe PRC - [2011-08-15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe PRC - [2011-08-12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe PRC - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe PRC - [2011-06-14 16:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2010-12-14 15:49:23 | 001,169,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe PRC - [2010-10-29 21:06:08 | 005,915,480 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe PRC - [2009-11-03 10:11:48 | 000,114,688 | ---- | M] () -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe PRC - [2009-10-24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe PRC - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe PRC - [2009-05-28 07:06:56 | 000,548,864 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe PRC - [2009-05-15 07:47:58 | 000,692,224 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe PRC - [2009-04-11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009-04-11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe PRC - [2009-01-13 13:36:02 | 000,837,120 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe PRC - [2009-01-13 13:36:00 | 000,279,552 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe PRC - [2009-01-07 18:53:22 | 000,098,407 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe PRC - [2008-12-10 08:07:52 | 000,352,256 | ---- | M] (SAMSUNG Electronics co., LTD.) -- C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe PRC - [2008-08-26 01:59:54 | 000,045,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe PRC - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe PRC - [2008-01-16 09:16:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2004-10-01 15:12:18 | 000,565,309 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Sitecom\Bluetooth Software\BTTray.exe PRC - [2004-10-01 15:06:34 | 000,163,840 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe [color=#E56717:91c674ce8a]========== Modules (No Company Name) ==========[/color:91c674ce8a] MOD - [2012-03-11 21:43:31 | 000,337,137 | ---- | M] () -- C:\Users\beheerder\Desktop\FSS.exe MOD - [2012-01-15 14:54:06 | 000,939,872 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe MOD - [2011-11-11 14:09:20 | 000,336,408 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll MOD - [2011-11-11 14:07:54 | 000,265,240 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe MOD - [2011-11-01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011-11-01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011-11-01 15:42:14 | 000,392,064 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\ssoengine.dll MOD - [2011-11-01 15:42:12 | 000,058,240 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\securestorage.dll MOD - [2011-11-01 15:42:08 | 000,095,104 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\qjson.dll MOD - [2011-11-01 15:42:06 | 000,272,768 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\phonon4.dll MOD - [2011-11-01 15:41:38 | 000,165,248 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QxtWeb.dll MOD - [2011-11-01 15:41:36 | 000,384,896 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QxtCore.dll MOD - [2011-11-01 15:41:34 | 002,557,312 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXmlPatterns4.dll MOD - [2011-11-01 15:41:32 | 000,346,496 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtXml4.dll MOD - [2011-11-01 15:41:30 | 010,843,520 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtWebKit4.dll MOD - [2011-11-01 15:41:24 | 000,196,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtSql4.dll MOD - [2011-11-01 15:41:22 | 001,294,208 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtScript4.dll MOD - [2011-11-01 15:41:20 | 000,682,880 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtOpenGL4.dll MOD - [2011-11-01 15:41:18 | 000,919,936 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtNetwork4.dll MOD - [2011-11-01 15:41:16 | 000,517,504 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtMultimediaKit1.dll MOD - [2011-11-01 15:41:14 | 008,172,928 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtGui4.dll MOD - [2011-11-01 15:41:12 | 002,252,672 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtDeclarative4.dll MOD - [2011-11-01 15:41:10 | 002,288,512 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\QtCore4.dll MOD - [2011-11-01 15:41:06 | 000,422,272 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll MOD - [2011-11-01 15:40:56 | 000,202,624 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qjpeg4.dll MOD - [2011-11-01 15:40:54 | 000,034,688 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qico4.dll MOD - [2011-11-01 15:40:52 | 000,032,640 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Imageformats\qgif4.dll MOD - [2011-11-01 15:40:08 | 000,388,480 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\OviShareLib.dll MOD - [2011-11-01 15:40:00 | 000,438,144 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\NService.dll MOD - [2011-11-01 15:39:36 | 001,041,792 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\Maps Service API.dll MOD - [2011-11-01 15:39:06 | 000,740,736 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\CommonUpdateChecker.dll MOD - [2011-11-01 14:57:42 | 000,112,640 | ---- | M] () -- C:\Program Files\Nokia\Nokia Suite\mediaservice\dsengine.dll MOD - [2011-08-12 12:19:40 | 000,680,984 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe MOD - [2011-08-12 12:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll MOD - [2011-08-12 12:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll MOD - [2011-08-12 12:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll MOD - [2011-08-12 12:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll MOD - [2011-08-12 12:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll MOD - [2010-10-29 21:02:38 | 000,751,616 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\vpxmd.dll MOD - [2010-10-29 21:01:30 | 000,027,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\SDL.dll MOD - [2009-04-22 22:53:56 | 000,969,040 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtNetwork4.dll MOD - [2009-04-10 00:04:56 | 002,141,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtCore4.dll MOD - [2009-03-03 23:18:08 | 000,138,064 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qjpeg4.dll MOD - [2009-03-03 23:18:06 | 000,035,152 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qico4.dll MOD - [2009-03-03 23:18:06 | 000,029,008 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\plugins\imageformats\qgif4.dll MOD - [2009-03-03 23:17:46 | 011,311,952 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtWebKit4.dll MOD - [2009-03-03 23:17:46 | 000,363,856 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtXml4.dll MOD - [2009-03-03 23:17:44 | 000,200,016 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtSql4.dll MOD - [2009-03-03 23:17:40 | 000,475,472 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtOpenGL4.dll MOD - [2009-03-03 23:17:38 | 007,704,400 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\QtGui4.dll MOD - [2009-03-03 23:17:32 | 000,291,664 | ---- | M] () -- C:\Program Files\Logitech\Vid HD\phonon4.dll MOD - [2009-01-13 13:36:00 | 000,279,552 | ---- | M] () -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe MOD - [2009-01-13 10:33:12 | 000,106,595 | ---- | M] () -- C:\Windows\System32\Bs2Res.dll MOD - [2009-01-07 18:55:00 | 000,622,693 | ---- | M] () -- C:\Windows\System32\BSShell.dll MOD - [2009-01-07 18:52:16 | 000,122,976 | ---- | M] () -- C:\Windows\System32\BsMobileSDK.dll MOD - [2008-03-07 12:54:22 | 017,907,824 | ---- | M] () -- C:\Windows\System32\BsLangInDepRes.dll MOD - [2006-08-12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Samsung Magic Doctor\HookDllPS2.dll MOD - [2006-08-12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\EasySpeedUpManager\HookDllPS2.dll MOD - [2006-08-12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll MOD - [2004-10-01 15:13:12 | 000,053,248 | ---- | M] () -- C:\Program Files\Sitecom\Bluetooth Software\BTKeyInd.dll [color=#E56717:91c674ce8a]========== Win32 Services (SafeList) ==========[/color:91c674ce8a] SRV - [2012-02-23 11:40:41 | 002,886,528 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7) SRV - [2012-01-23 05:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2012-01-18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2012-01-15 14:54:07 | 000,909,152 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe -- (vToolbarUpdater) SRV - [2012-01-03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011-10-27 10:34:30 | 000,718,384 | ---- | M] (Nokia) [On_Demand | Running] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2011-10-12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [On_Demand | Stopped] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011-08-02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2009-11-03 10:11:48 | 000,114,688 | ---- | M] () [Auto | Running] -- C:\Program Files\Clarus\Samsung SecretZone\MSSvc.exe -- (MSR Service) SRV - [2009-10-24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2009-08-27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs) SRV - [2009-01-13 13:36:02 | 000,837,120 | ---- | M] () [Auto | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe -- (BlueSoleilCS) SRV - [2009-01-07 18:53:22 | 000,098,407 | ---- | M] () [On_Demand | Running] -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe -- (BsHelpCS) SRV - [2008-08-07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) SRV - [2008-01-21 03:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008-01-16 09:16:44 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2004-10-01 15:06:34 | 000,163,840 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Sitecom\Bluetooth Software\bin\btwdins.exe -- (btwdins) [color=#E56717:91c674ce8a]========== Driver Services (SafeList) ==========[/color:91c674ce8a] DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme) DRV - [2012-01-18 07:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam C210(UVC) DRV - [2012-01-18 07:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS) DRV - [2011-10-07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2011-10-04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011-09-13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86) DRV - [2011-08-17 12:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011-08-17 12:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011-08-17 12:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011-08-17 12:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2011-08-08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011-07-11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011-07-11 01:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011-07-11 01:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - [2011-07-11 01:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2009-12-17 16:02:20 | 001,203,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr) DRV - [2009-06-22 19:38:24 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard) DRV - [2009-06-22 19:26:06 | 000,100,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev) DRV - [2009-05-04 15:35:00 | 000,163,328 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2009-01-08 01:20:04 | 000,031,880 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr) DRV - [2009-01-07 22:39:36 | 000,020,744 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\BtHidBus.sys -- (BtHidBus) DRV - [2009-01-03 15:40:12 | 000,039,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb) DRV - [2008-12-07 11:44:54 | 000,030,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetBus.sys -- (btnetBUs) DRV - [2008-12-07 11:44:50 | 000,017,928 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT) DRV - [2008-08-26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2008-07-02 13:58:48 | 000,026,248 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IvtBtBus.sys -- (IvtBtBUs) DRV - [2008-03-20 03:35:56 | 000,023,040 | ---- | M] (Todos Data System AB) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aabed2.sys -- (e.dentifier2) DRV - [2008-01-21 18:27:50 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm) DRV - [2008-01-21 03:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R) DRV - [2006-12-05 10:34:42 | 000,507,136 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207) DRV - [2006-11-14 01:11:54 | 000,013,312 | ---- | M] (SAMSUNG ELECTRONICS CO., LTD.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\KMDFMEMIO.sys -- (KMDFMEMIO) DRV - [2006-11-02 08:41:50 | 000,983,552 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006-11-02 08:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp) DRV - [2005-01-31 10:20:04 | 000,211,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928) DRV - [2005-01-31 10:12:46 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta) DRV - [2004-10-01 14:50:26 | 000,023,271 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\btserial.sys -- (BTSERIAL) DRV - [2004-10-01 14:50:20 | 000,222,876 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\btslbcsp.sys -- (BTSLBCSP) DRV - [2004-10-01 14:48:30 | 001,241,482 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\btkrnl.sys -- (BTKRNL) DRV - [2004-10-01 14:43:44 | 000,054,488 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btwusb.sys -- (BTWUSB) [color=#E56717:91c674ce8a]========== Standard Registry (SafeList) ==========[/color:91c674ce8a] [color=#E56717:91c674ce8a]========== Internet Explorer ==========[/color:91c674ce8a] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/nl/index.php?rvs=google IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{882F15F8-2E2C-4390-97BA-CE3075702076}: "URL" = http://downloads.phpnuke.org/nl/index.php?rvs=google IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2102399 IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.nl/ IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233} IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_nl IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={9D36EC7C-0D34-4F6C-8EE1-36E91E6E8418}&mid=7ccbdc14738147d69f4dd159265498df-a5ffb712878c353380133c18cf3775fed8c8d307&lang=nl&ds=AVG&pr=fr&d=2011-11-29 20:14:12&v=10.0.0.7&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717:91c674ce8a]========== FireFox ==========[/color:91c674ce8a] FF - prefs.js..extensions.enabledItems: MapShare-status@tomtom.com:1.7.1 FF - prefs.js..extensions.enabledItems: baseTheme@tomtom.com:1.0.2 FF - HKLM\Software\MozillaPlugins\@ABNAMRO/BECON,version=1.00: C:\Program Files\ABN AMRO e.dentifier2\Mozilla\npBECON.dll (ABN AMRO) FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: C:\Program Files\innoplus\3D-Viewer-innoPlus\npIno3DViewer.dll (INNOVA-engineering GmbH Dresden) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012-02-01 10:42:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fe_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Bookmarks Connector\FirefoxExtension_7.0 [2011-11-26 13:35:58 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.0.0.7\ [2012-01-15 14:54:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_7.0@nokia.com: C:\Program Files\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_7.0 [2011-11-26 13:36:01 | 000,000,000 | ---D | M] [2010-11-27 13:40:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\beheerder\AppData\Roaming\mozilla\Extensions [2010-11-27 13:40:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\beheerder\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012-03-02 16:30:50 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES\TOMTOM HOME 2\XUL\EXTENSIONS\MAPSHARE-STATUS@TOMTOM.COM O1 HOSTS File: ([2012-03-12 08:27:35 | 000,000,855 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.0.0.7\AVG Secure Search_toolbar.dll () O3 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia) O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe () O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.) O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe (Nokia) O4 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Verzenden naar &Bluetooth - C:\Program Files\Sitecom\Bluetooth Software\btsendto_ie_ctx.htm () O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/download/scanner/nl-nl/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} http://www.navigram.com/engine/v1026/Navigram.cab (Navigram Control) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7806D9FB-419E-49D2-8ABF-CD06414F48A2}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7BF0D505-87A7-4FD5-A19C-66813A50DA05}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\System32\skype4com.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.0.6\ViProtocol.dll () O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\Windows\System32\BTXPPanel.dll (Broadcom Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006-09-18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-3967947940-1414231668-3034202555-1000..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717:91c674ce8a]========== Files/Folders - Created Within 30 Days ==========[/color:91c674ce8a] [2012-03-12 10:33:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ClubSanDisk [2012-03-12 10:27:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{51C80B69-FDE5-4279-AA54-6FC4C51A00E8} [2012-03-12 10:26:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0BBC4425-7CA1-4301-A5CC-BACE697588A5} [2012-03-12 08:36:47 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012-03-12 08:29:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-03-12 08:21:22 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe [2012-03-12 08:17:09 | 000,000,000 | ---D | C] -- C:\Reg_Backup [2012-03-12 08:17:07 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2012-03-12 08:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com [2012-03-12 08:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com [2012-03-11 20:55:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-03-11 20:44:03 | 000,000,000 | ---D | C] -- C:\ComboFix [2012-03-11 16:32:02 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{260881AC-7AA2-4299-B5D0-CBDB3B448151} [2012-03-11 16:31:52 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6CC5053B-636D-4937-8DB0-18D2C508FD35} [2012-03-11 13:09:13 | 001,585,560 | ---- | C] (Emsi Software GmbH) -- C:\Users\beheerder\Desktop\start.exe [2012-03-11 13:09:12 | 000,000,000 | ---D | C] -- C:\Users\beheerder\Desktop\Languages [2012-03-11 13:08:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\Desktop\Run [2012-03-11 12:54:58 | 004,730,880 | ---- | C] (AVAST Software) -- C:\Users\beheerder\Desktop\aswMBR.exe [2012-03-11 12:34:58 | 000,000,000 | ---D | C] -- C:\_OTL [2012-03-11 12:03:45 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Roaming\TeamViewer [2012-03-11 12:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2012-03-11 10:17:55 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\beheerder\Desktop\OTL.com [2012-03-11 10:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\backups [2012-03-11 09:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-03-11 09:35:53 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012-03-11 09:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-03-11 09:18:50 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HijackThis.exe [2012-03-10 18:11:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{25272832-F3A5-42D9-8759-084D68EC7683} [2012-03-10 18:11:48 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0F7BD1B8-F436-4B97-9F01-31914D1B7A48} [2012-03-10 14:14:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C495001E-460E-4E02-9AF3-ED549646C91A} [2012-03-10 14:14:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{949A580D-25D5-46EA-B026-C02114F1D5CD} [2012-03-10 13:22:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{616F7C79-C3EA-4A6F-A0AC-BB97F2434D09} [2012-03-10 12:20:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F1103772-79C7-4F53-A4E4-421272CD8892} [2012-03-10 12:20:26 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{067BD554-2DFE-4CA2-AF9B-D77B69372256} [2012-03-10 12:17:38 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7A9B51B7-25D9-4EF4-8321-2965EAA9F601} [2012-03-10 12:17:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A77891E2-9A09-445A-9816-7A8ADD8FD9A0} [2012-03-09 22:17:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FCF2A1DD-9F46-4122-A6F5-8D8C5677FC35} [2012-03-09 22:17:11 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{674EA8A9-B7D8-42E1-8D24-FB426F3CC1E5} [2012-03-09 20:55:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AFA1E704-4100-4AC1-AC9D-D5BC53EA0A39} [2012-03-09 20:55:10 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E9C6F9EE-9EEA-463A-92EC-A76EE14064BA} [2012-03-09 19:19:31 | 000,213,640 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys [2012-03-09 19:19:31 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys [2012-03-09 19:19:31 | 000,079,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys [2012-03-09 19:19:31 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys [2012-03-09 19:19:31 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys [2012-03-09 19:19:31 | 000,034,216 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys [2012-03-09 19:19:30 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe [2012-03-09 19:19:29 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmProv.dll [2012-03-09 19:19:29 | 000,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmCl.dll [2012-03-09 19:19:27 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2012-03-09 19:19:25 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2012-03-09 19:19:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll [2012-03-09 13:53:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CDD0A1D2-B55C-48AD-A04A-0936696B177F} [2012-03-09 13:52:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{835C2E95-0138-4D13-8264-F9AF574272CC} [2012-03-09 13:47:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8DCBEB48-B2F8-45DB-A4BA-D08528B1AC37} [2012-03-09 13:46:05 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5B9E8D5C-5FD6-40E6-AC66-048DAA32D1A8} [2012-03-09 12:58:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{67E3A528-B2FB-410A-92C1-A2946007D725} [2012-03-09 12:57:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{92D885BC-6DF0-450A-A48D-80140A650CAC} [2012-03-09 12:48:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7D777AA5-0B90-4594-BF60-A2E0AAFA200B} [2012-03-09 12:48:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EE2651D1-735C-4E49-AAF9-CB87BCD55636} [2012-03-09 11:28:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D362E7E7-C601-44A5-AF50-2E3ACE6814A8} [2012-03-09 11:28:48 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E91EB1A5-BDEF-4C81-8BE2-84B3B770952E} [2012-03-09 10:38:10 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9CB9825A-CCD1-4A10-9FBB-1B1B7DA6FAEA} [2012-03-09 10:37:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0CC54677-8C63-4AE8-B4C1-EF050C2CABCC} [2012-03-08 23:29:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F1DAE921-F81F-4CE1-B581-44A196598A31} [2012-03-08 23:29:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{59401D54-7C13-4420-9A31-334E5BF7E01A} [2012-03-08 20:30:28 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{927E6BAE-371C-4F76-BE34-3A5DEE65F46F} [2012-03-08 20:30:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{305B497A-F720-440A-8B35-9BDDD0F9C66B} [2012-03-08 19:51:10 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1E5B4A3C-8E38-4369-90DD-AB0F3FE3A569} [2012-03-08 19:51:00 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B42CFFE7-81B4-4177-A488-D6F8747D84D1} [2012-03-08 19:21:37 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F6BE485D-5DF5-47BD-AE4D-4613C7075516} [2012-03-08 19:21:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{88A6E4AD-EA87-49C4-95DE-A7AEB8D04F0E} [2012-03-08 18:41:26 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{BD202943-6487-4A1D-BEC7-4F7284650E29} [2012-03-08 18:40:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2F81ED96-A8A2-42EE-A3EB-A62584768A94} [2012-03-08 13:55:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0DA0A806-7C08-442A-81CF-0EA765B0AE7F} [2012-03-08 13:55:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EE964D24-201D-4911-BDA2-03C80A8EC1E4} [2012-03-08 13:16:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{09835AF4-EDDB-429D-9AFB-BEE0555E7A32} [2012-03-08 13:16:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C855205A-2FA1-4036-A677-88C4865E746F} [2012-03-08 13:09:09 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9AF71FC1-0B9D-4AEE-A329-35202F5CDC62} [2012-03-08 13:08:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D81C2DEA-EC3D-463C-8B73-60AB6566B32D} [2012-03-08 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7669A81A-E158-4D97-B145-2FF01F332BA1} [2012-03-08 12:29:05 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8B070D49-89B0-4CDD-AFB8-C29202246F49} [2012-03-08 10:40:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A3BC74F0-AA86-4820-B535-655206AA9CD2} [2012-03-08 10:39:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2CF25D37-03C4-41BD-ADDA-CD9F5B752D85} [2012-03-07 23:15:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C6C9B701-426C-4033-8DE0-4B214DEFCA3F} [2012-03-07 23:15:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{16A9D638-C7FC-4897-8A6C-08D1D09FFC94} [2012-03-07 23:15:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{43048A9F-E9BD-49AB-A278-D7439D264CE0} [2012-03-07 23:15:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{82399C23-7267-4C57-B5B1-A9C9F8BB0692} [2012-03-07 22:17:19 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{834DD644-55D3-4503-BB84-A2E6BF93C5B6} [2012-03-07 21:55:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D9D17EA5-646D-42A9-AACC-F63AA92B7610} [2012-03-07 21:55:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0F008228-3499-4E4B-A64F-28ACC99DCFCF} [2012-03-07 18:16:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{96BB5626-EA94-40EB-8A71-CB56B92E5095} [2012-03-07 18:16:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7D2A06A2-C59C-4639-B300-7BC39B94BE2E} [2012-03-07 17:10:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{977A9CC4-1D88-4D32-A134-D2F88A7E9CD3} [2012-03-07 17:10:40 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2AA080EF-1E08-47D6-8512-C4BA15A75AF6} [2012-03-07 17:04:17 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CF863570-6F1F-465B-B426-1CD2F99F2025} [2012-03-07 17:03:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CB5AF8E2-F97B-4210-8D49-6019BAAF0308} [2012-03-07 17:03:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C38DF318-FFE5-4D74-AECF-76FBC18DC101} [2012-03-07 16:40:09 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{61EC2407-1DFB-4880-9085-E5D98AC81254} [2012-03-07 16:39:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{09FB019B-11F7-47DB-8870-9B1294C83DF0} [2012-03-07 10:55:28 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0BBBAB99-86EE-4A00-814F-76764952EEBE} [2012-03-07 10:55:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3FD8EF89-BDC4-4D29-9340-96CDD6F4D0C7} [2012-03-07 00:06:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B2CDD9AE-123D-4925-AB34-525F46407512} [2012-03-07 00:05:43 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FAA7A997-01A3-4BAF-B8D2-BB0FF3C82D3A} [2012-03-06 21:10:37 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3CB81A2E-0F73-4EB2-9471-48B9A1C7719C} [2012-03-06 21:10:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9BC60530-471C-466B-8041-DE5AAE7014CC} [2012-03-06 20:01:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{63A1191A-CD25-4FE6-906B-9DF9F8736ACB} [2012-03-06 20:00:56 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{89BB88DC-EBBD-4C28-BF89-353B2A3327B1} [2012-03-06 14:11:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EA6F9147-EBF7-4139-BFF0-7AFD2BC469B2} [2012-03-06 14:11:23 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{DBB11865-6801-49A3-98CE-8E6A5F6ED26E} [2012-03-06 12:08:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B3E89E10-B845-4B85-92BA-6EAA9B206D23} [2012-03-06 12:08:22 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CFB7FE3D-EE48-4D6A-AC49-7612099F6128} [2012-03-06 12:07:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{00AA128F-78B9-4E41-AE16-49E8EF68E322} [2012-03-06 12:07:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{216D0E91-8391-4C37-92AE-AF7BC4725C17} [2012-03-06 10:01:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{26003F88-F3F6-424B-AD7B-8E7C2D0A854E} [2012-03-06 10:00:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{51594273-EDF3-4C87-BA1F-848C4B28BFDB} [2012-03-06 09:01:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AC61B50A-C5D2-4951-9EF9-B88C6B2C500A} [2012-03-06 09:01:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AE50E7CE-F30D-4C21-B96D-062FF2B49670} [2012-03-05 23:37:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CD1408E5-EDA3-4AC1-A301-DF8BCB661372} [2012-03-05 23:37:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8FFFABF5-EDA4-48D1-A571-F2887B058B06} [2012-03-05 23:28:01 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C583644D-1E57-4815-B5A9-A8955AD0061B} [2012-03-05 23:27:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5C23E93E-2781-44C0-A424-03286BF2473C} [2012-03-05 20:52:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{ACB6ACF1-D969-408E-8E3E-0721A995CE94} [2012-03-05 20:52:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{05DD12B4-B982-49F8-8A1A-1EC08C7A2FFA} [2012-03-05 17:19:22 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B983B63E-BD29-42F4-9EF2-D4AEAD7F9E13} [2012-03-05 17:19:13 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{97FF9C8E-5904-47BE-B603-74DADBFE35A6} [2012-03-05 13:06:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E69E7682-22B3-488C-BC41-67CAD45667A4} [2012-03-05 13:06:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B5792C82-7075-4F5A-B33E-816CFBA7878F} [2012-03-05 12:55:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C1CBF9C8-B0EF-4B20-900F-56445892F26D} [2012-03-05 12:55:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{910CE8EF-5E18-4F95-A185-8A041D20ECEC} [2012-03-05 12:44:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1EBBD953-BE0F-4387-B823-C1046A7C67C1} [2012-03-05 12:44:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FE39F697-8843-4A73-91AA-E97C72438466} [2012-03-05 11:57:45 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C8F30DED-5D5D-4A0F-AC26-D0400BDE7342} [2012-03-05 11:57:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{37B4DE7C-6D79-4A7B-8C18-704ADF30FDD6} [2012-03-05 11:28:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{64EF48ED-6671-4EA1-8409-1012A384D1B1} [2012-03-05 11:28:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2971A6D8-82EF-43C8-A26C-C319D5843B3A} [2012-03-05 08:56:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{60EA503D-992A-4F4A-AB3C-0794CA573BB0} [2012-03-05 08:56:40 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{488ED906-A05C-434C-A780-9157205FD286} [2012-03-04 19:32:56 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{45FB87F4-61BB-4D5B-BC9A-821D5D8D383C} [2012-03-04 19:32:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CC07CB92-D0ED-49D5-9F32-DEF1DD6D2ECC} [2012-03-04 17:10:02 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{34C02B65-D8EE-4D7E-A3EE-1D9B3AE92F28} [2012-03-04 16:30:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AC45AEF2-EF6B-4D98-A939-8338B3EE1F84} [2012-03-04 16:30:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E7B45F18-F9C8-4CEE-AE16-A2FBE9C60308} [2012-03-04 09:45:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EAB19944-A9C9-42DC-89EC-6B02B00FE0F6} [2012-03-04 09:44:53 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{49C56FB3-300C-4D2D-B545-1B190ED5C654} [2012-03-04 09:37:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{47265DD9-C65A-4027-885C-E4A14E4A31CC} [2012-03-04 09:37:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A2740F8C-52DB-46B9-ADA3-437D6DD0B22B} [2012-03-04 09:36:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C0B7C08A-BB1F-43DA-90CF-C13BCD3089E4} [2012-03-04 09:36:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D85057BD-02A0-45BB-95DA-D9D6E48913DC} [2012-03-04 09:33:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6C682C7B-3BB0-4BB4-8B77-4B69AABFB07B} [2012-03-04 09:33:30 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{34D8269A-2FF3-43A1-BF82-AE6CEA0D92E1} [2012-03-04 00:06:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EC68489B-8261-456D-A9FB-090867F31B47} [2012-03-04 00:06:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{10C9D44C-07A6-448E-B5C6-5B6D36219CDE} [2012-03-03 15:02:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{285B4CC2-CCA1-41CE-8DBE-A8E654879839} [2012-03-03 15:02:00 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A86AB0A1-2789-49BC-B2A1-9A0362201020} [2012-03-03 13:57:54 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{357ED63F-AB5D-4053-96B7-DA89001BA57F} [2012-03-03 13:57:44 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{27CF30A4-7509-4E9B-B0A9-7041AC6458E5} [2012-03-03 13:11:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{59720F6D-AE5A-4512-9052-73234F5895EB} [2012-03-03 13:11:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F8FEFA25-E092-4C18-9FAB-9E6CCB398036} [2012-03-03 00:17:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6D076397-C2A0-49A8-8065-BE41D4971E84} [2012-03-03 00:17:45 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{03CA70CB-BF76-4543-934A-55A36CE155CE} [2012-03-02 21:52:37 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D90D6520-D13F-4D73-924D-C88BB6E58E64} [2012-03-02 21:52:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4D5A74B2-6570-46EC-A5B4-59D0C4B5E66F} [2012-03-02 16:30:04 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FA36239D-9352-42D6-BA9B-56765E6C7FDF} [2012-03-02 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B0D37998-ACB2-4E8A-A22A-C3BD0D0EF618} [2012-03-02 14:52:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{054891E9-80CF-4416-9B2F-AFF1938594D7} [2012-03-02 13:46:30 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A4D98DCB-0EFA-4410-923E-BD4C21C7B8D5} [2012-03-02 13:46:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D4CFFA3D-BFED-4059-B45B-7386DF3E41CB} [2012-03-02 12:59:52 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C83B74F7-E3D0-44BD-BB8C-CEA69727A521} [2012-03-02 12:59:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{57B9EEEC-86BF-42ED-A106-05023C15D155} [2012-03-01 23:59:57 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{213899AA-4DCB-4B84-91EB-19193346BC94} [2012-03-01 23:59:48 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{31D3ED46-A0C0-46D5-A6B7-BEFA95CB18B1} [2012-03-01 20:59:01 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D4AFF116-8CC1-4025-9686-40B13E5E4CE5} [2012-03-01 20:58:52 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F7C83BD8-1CFE-4B87-A259-25F2198E31C2} [2012-03-01 20:58:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E0FC6AF7-B997-4E9A-B0BE-181F01CEA55D} [2012-03-01 20:57:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9873CBC1-B028-4879-8CCC-E597A6A0C4C8} [2012-03-01 20:57:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{552929E3-A16D-4DC0-8D21-06E7BE83A2D2} [2012-03-01 18:01:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6324A3B5-9B8C-418B-BDF8-6ADFCEBEB364} [2012-03-01 17:17:38 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4F1B64E7-F2D7-4323-B0D5-2907DEC96A6F} [2012-03-01 16:49:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8651BBE2-DE31-4CE1-AB79-A2E073235CEE} [2012-03-01 12:15:38 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{47254C15-82F3-471C-92D1-09A370ACFE59} [2012-03-01 12:15:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D93722B1-E270-4B8C-A6AB-46CD8748B3CA} [2012-02-29 22:20:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D4890735-74FF-4CDF-AA24-7D4FF8069065} [2012-02-29 22:20:04 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{93A3EDC8-6C07-47DD-AAE9-C13AD6DA613D} [2012-02-29 17:55:12 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5640543F-82DA-4C9D-AE8B-9B5F5ADD6B96} [2012-02-29 17:55:02 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2025E4A9-94B7-403C-9A63-873642145C96} [2012-02-29 12:43:17 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{76567C85-0037-420B-94D9-8FBD5529943A} [2012-02-29 11:29:33 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B0B42491-7549-4747-A883-F9D82334EEB6} [2012-02-29 11:29:23 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{16018457-F943-47EA-A84E-E1E8C198A66F} [2012-02-28 20:45:52 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{838C89BF-9825-466E-ABF2-593E05E1318B} [2012-02-28 20:45:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D8A53951-1C6F-4EEA-B996-000821044080} [2012-02-28 14:06:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{27EACED6-EC0D-4DDF-AAE2-9DF658CC341F} [2012-02-28 13:00:57 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1399D856-B0C0-4309-8ACC-4EFF63D0FB5C} [2012-02-28 13:00:47 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{37110F28-6191-48AF-B38E-4B01C5C5F6BA} [2012-02-28 12:19:30 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5CA81E01-7C6C-42A4-8265-B3CFE044A3B1} [2012-02-28 12:19:19 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B41B77C3-4EB3-48FC-8F3D-F63C68E32D26} [2012-02-28 00:29:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{86D3B414-A6D9-459D-85E7-635CC7BE3A19} [2012-02-28 00:29:25 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8A8A9C26-AEE8-49D0-90F2-E7343C9237B0} [2012-02-27 22:54:00 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{37C3BE8D-30B8-48FB-A3B4-5D45C6F50431} [2012-02-27 22:53:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{518295F5-02BF-45EA-B2C4-22EC9C42246A} [2012-02-27 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{533DD14A-75C0-4CFD-9BD6-2F8399F08FE7} [2012-02-27 20:18:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B08BCB1D-EBEC-47E7-8607-F79BDD7B6AD8} [2012-02-27 17:51:44 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{318EFD78-D218-4872-8871-24282874DC8A} [2012-02-27 17:51:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{50C10642-68C2-410B-A3D8-F9D55E384841} [2012-02-27 11:13:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F6CFCE34-8ADA-44C1-9955-40144FDAC091} [2012-02-27 11:13:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1314BC7C-2816-470C-AC42-0060A08A9579} [2012-02-27 11:07:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1C8D1CF4-5227-4EA8-8394-A985ACF95077} [2012-02-27 11:07:04 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6F4F0F78-5E02-4A32-84C4-BC1C0EE3BBA5} [2012-02-27 10:33:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{43BE6172-2069-4F6B-98CF-E1281682C446} [2012-02-27 10:33:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4B5727F2-AE91-430A-B1BE-BDF36A3C7EF0} [2012-02-26 22:31:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8344D692-6E9A-4697-A601-159955061AE7} [2012-02-26 20:27:25 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{84486FBD-0CEF-481C-BFE4-13EA24BAB9A4} [2012-02-26 20:27:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C057A6CF-6625-48E3-A7AC-85ACE206E00E} [2012-02-26 17:12:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{171EC639-177B-453B-B064-539D72EB3498} [2012-02-26 16:19:33 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3732E7A8-AF8E-4AA3-9135-79AD64404677} [2012-02-26 16:19:19 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FB33B338-B769-4A06-881C-6DF1E619E9A0} [2012-02-26 13:58:53 | 000,000,000 | ---D | C] -- C:\Users\beheerder\Documents\codes en wachtwoorden [2012-02-26 13:21:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EF0266C1-D053-4307-872C-6E6235B5907F} [2012-02-26 13:21:07 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8D044A20-E397-4E09-9587-01C7B8167DC0} [2012-02-26 13:18:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9DE504CE-7840-420C-B785-959AACD8142A} [2012-02-26 13:18:40 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{892FC4D9-4172-46F3-A5D8-4C875D37E36A} [2012-02-26 13:07:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6C87FB88-CA9E-46AA-86D4-6DE3FC56F7AC} [2012-02-26 13:07:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C60095C4-C2AA-4685-8D3C-F0751160EB0A} [2012-02-26 13:05:57 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FA037894-FC13-4C77-BE3D-7A1BD78DC6C8} [2012-02-26 13:05:47 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EE2C6E0F-1553-42CA-B6F4-6A4BBA28D8CB} [2012-02-26 13:04:44 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5BA43E6D-84C7-47EE-BC58-972F9127959E} [2012-02-26 12:07:19 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{94F0D724-94DD-4392-AD37-C28718478F56} [2012-02-26 12:07:09 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{52369848-8104-4A10-AEA8-47D6C754C7EF} [2012-02-26 12:00:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{00FE4A30-7611-4D57-B8AC-25AB506DEA6A} [2012-02-26 12:00:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AB810350-A13C-4A20-A8AD-60665A9DD29B} [2012-02-26 00:49:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{92E76890-C56A-4112-9CF8-F45DB1FDBAF7} [2012-02-26 00:00:04 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D6CC543E-7AD8-47A3-95C1-98740A63A7B2} [2012-02-25 23:59:54 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D7B13702-930E-4A59-9902-58549ABEB2BA} [2012-02-25 23:26:01 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{906D99AF-B7E2-4349-8B2B-55650BB35EDD} [2012-02-25 23:25:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E576CB08-E9D2-46F1-88E0-E9160C77167D} [2012-02-25 17:13:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{208CDCCC-2D4F-4BC8-A566-12D12CA79E8A} [2012-02-25 17:13:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{368CFD6F-6CFC-4A28-A2C8-95A90D9D63AA} [2012-02-25 17:11:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{51BC7E2A-D855-4774-8A4E-68EE84FD2C42} [2012-02-25 17:11:05 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4BA05AC5-BAF3-4A22-8C27-24DBED19F5B2} [2012-02-25 13:33:13 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F250A87D-485C-4691-AB92-008D06C19895} [2012-02-25 13:33:03 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{070E5C4C-0F51-42E9-9745-6E2B24E52B41} [2012-02-25 13:05:23 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{30147645-6AE9-4A15-A1B9-72CB0FE7337C} [2012-02-25 13:05:13 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5761C24C-2CD5-4407-87ED-691E2E07D4 Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Het log is niet compleet. Het laatste gedeelte mist, kan je dat terugvinden - post dat dan. Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Sorry, stonk er weer in color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012-03-12 10:33:45 | 000,000,000 | ---D | C] -- C:\ProgramData\ClubSanDisk [2012-03-12 10:27:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{51C80B69-FDE5-4279-AA54-6FC4C51A00E8} [2012-03-12 10:26:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0BBC4425-7CA1-4301-A5CC-BACE697588A5} [2012-03-12 08:36:47 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012-03-12 08:29:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012-03-12 08:21:22 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe [2012-03-12 08:17:09 | 000,000,000 | ---D | C] -- C:\Reg_Backup [2012-03-12 08:17:07 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2012-03-12 08:14:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com [2012-03-12 08:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Tweaking.com [2012-03-11 20:55:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2012-03-11 20:44:03 | 000,000,000 | ---D | C] -- C:\ComboFix [2012-03-11 16:32:02 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{260881AC-7AA2-4299-B5D0-CBDB3B448151} [2012-03-11 16:31:52 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6CC5053B-636D-4937-8DB0-18D2C508FD35} [2012-03-11 13:09:13 | 001,585,560 | ---- | C] (Emsi Software GmbH) -- C:\Users\beheerder\Desktop\start.exe [2012-03-11 13:09:12 | 000,000,000 | ---D | C] -- C:\Users\beheerder\Desktop\Languages [2012-03-11 13:08:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\Desktop\Run [2012-03-11 12:54:58 | 004,730,880 | ---- | C] (AVAST Software) -- C:\Users\beheerder\Desktop\aswMBR.exe [2012-03-11 12:34:58 | 000,000,000 | ---D | C] -- C:\_OTL [2012-03-11 12:03:45 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Roaming\TeamViewer [2012-03-11 12:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2012-03-11 10:17:55 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\beheerder\Desktop\OTL.com [2012-03-11 10:10:27 | 000,000,000 | ---D | C] -- C:\Program Files\backups [2012-03-11 09:35:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012-03-11 09:35:53 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012-03-11 09:35:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012-03-11 09:18:50 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Program Files\HijackThis.exe [2012-03-10 18:11:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{25272832-F3A5-42D9-8759-084D68EC7683} [2012-03-10 18:11:48 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0F7BD1B8-F436-4B97-9F01-31914D1B7A48} [2012-03-10 14:14:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C495001E-460E-4E02-9AF3-ED549646C91A} [2012-03-10 14:14:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{949A580D-25D5-46EA-B026-C02114F1D5CD} [2012-03-10 13:22:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{616F7C79-C3EA-4A6F-A0AC-BB97F2434D09} [2012-03-10 12:20:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F1103772-79C7-4F53-A4E4-421272CD8892} [2012-03-10 12:20:26 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{067BD554-2DFE-4CA2-AF9B-D77B69372256} [2012-03-10 12:17:38 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7A9B51B7-25D9-4EF4-8321-2965EAA9F601} [2012-03-10 12:17:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A77891E2-9A09-445A-9816-7A8ADD8FD9A0} [2012-03-09 22:17:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FCF2A1DD-9F46-4122-A6F5-8D8C5677FC35} [2012-03-09 22:17:11 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{674EA8A9-B7D8-42E1-8D24-FB426F3CC1E5} [2012-03-09 20:55:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AFA1E704-4100-4AC1-AC9D-D5BC53EA0A39} [2012-03-09 20:55:10 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E9C6F9EE-9EEA-463A-92EC-A76EE14064BA} [2012-03-09 19:19:31 | 000,213,640 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfehidk.sys [2012-03-09 19:19:31 | 000,130,424 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\Mpfp.sys [2012-03-09 19:19:31 | 000,079,304 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfeavfk.sys [2012-03-09 19:19:31 | 000,040,552 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfesmfk.sys [2012-03-09 19:19:31 | 000,035,272 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mfebopk.sys [2012-03-09 19:19:31 | 000,034,216 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\drivers\mferkdk.sys [2012-03-09 19:19:30 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vsp1cln.exe [2012-03-09 19:19:29 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmProv.dll [2012-03-09 19:19:29 | 000,001,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WsmCl.dll [2012-03-09 19:19:27 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2012-03-09 19:19:25 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2012-03-09 19:19:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\corpol.dll [2012-03-09 13:53:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CDD0A1D2-B55C-48AD-A04A-0936696B177F} [2012-03-09 13:52:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{835C2E95-0138-4D13-8264-F9AF574272CC} [2012-03-09 13:47:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8DCBEB48-B2F8-45DB-A4BA-D08528B1AC37} [2012-03-09 13:46:05 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5B9E8D5C-5FD6-40E6-AC66-048DAA32D1A8} [2012-03-09 12:58:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{67E3A528-B2FB-410A-92C1-A2946007D725} [2012-03-09 12:57:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{92D885BC-6DF0-450A-A48D-80140A650CAC} [2012-03-09 12:48:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7D777AA5-0B90-4594-BF60-A2E0AAFA200B} [2012-03-09 12:48:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EE2651D1-735C-4E49-AAF9-CB87BCD55636} [2012-03-09 11:28:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D362E7E7-C601-44A5-AF50-2E3ACE6814A8} [2012-03-09 11:28:48 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E91EB1A5-BDEF-4C81-8BE2-84B3B770952E} [2012-03-09 10:38:10 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9CB9825A-CCD1-4A10-9FBB-1B1B7DA6FAEA} [2012-03-09 10:37:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0CC54677-8C63-4AE8-B4C1-EF050C2CABCC} [2012-03-08 23:29:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F1DAE921-F81F-4CE1-B581-44A196598A31} [2012-03-08 23:29:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{59401D54-7C13-4420-9A31-334E5BF7E01A} [2012-03-08 20:30:28 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{927E6BAE-371C-4F76-BE34-3A5DEE65F46F} [2012-03-08 20:30:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{305B497A-F720-440A-8B35-9BDDD0F9C66B} [2012-03-08 19:51:10 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1E5B4A3C-8E38-4369-90DD-AB0F3FE3A569} [2012-03-08 19:51:00 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B42CFFE7-81B4-4177-A488-D6F8747D84D1} [2012-03-08 19:21:37 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F6BE485D-5DF5-47BD-AE4D-4613C7075516} [2012-03-08 19:21:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{88A6E4AD-EA87-49C4-95DE-A7AEB8D04F0E} [2012-03-08 18:41:26 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{BD202943-6487-4A1D-BEC7-4F7284650E29} [2012-03-08 18:40:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2F81ED96-A8A2-42EE-A3EB-A62584768A94} [2012-03-08 13:55:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0DA0A806-7C08-442A-81CF-0EA765B0AE7F} [2012-03-08 13:55:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EE964D24-201D-4911-BDA2-03C80A8EC1E4} [2012-03-08 13:16:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{09835AF4-EDDB-429D-9AFB-BEE0555E7A32} [2012-03-08 13:16:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C855205A-2FA1-4036-A677-88C4865E746F} [2012-03-08 13:09:09 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9AF71FC1-0B9D-4AEE-A329-35202F5CDC62} [2012-03-08 13:08:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D81C2DEA-EC3D-463C-8B73-60AB6566B32D} [2012-03-08 12:29:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7669A81A-E158-4D97-B145-2FF01F332BA1} [2012-03-08 12:29:05 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8B070D49-89B0-4CDD-AFB8-C29202246F49} [2012-03-08 10:40:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A3BC74F0-AA86-4820-B535-655206AA9CD2} [2012-03-08 10:39:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2CF25D37-03C4-41BD-ADDA-CD9F5B752D85} [2012-03-07 23:15:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C6C9B701-426C-4033-8DE0-4B214DEFCA3F} [2012-03-07 23:15:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{16A9D638-C7FC-4897-8A6C-08D1D09FFC94} [2012-03-07 23:15:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{43048A9F-E9BD-49AB-A278-D7439D264CE0} [2012-03-07 23:15:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{82399C23-7267-4C57-B5B1-A9C9F8BB0692} [2012-03-07 22:17:19 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{834DD644-55D3-4503-BB84-A2E6BF93C5B6} [2012-03-07 21:55:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D9D17EA5-646D-42A9-AACC-F63AA92B7610} [2012-03-07 21:55:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0F008228-3499-4E4B-A64F-28ACC99DCFCF} [2012-03-07 18:16:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{96BB5626-EA94-40EB-8A71-CB56B92E5095} [2012-03-07 18:16:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7D2A06A2-C59C-4639-B300-7BC39B94BE2E} [2012-03-07 17:10:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{977A9CC4-1D88-4D32-A134-D2F88A7E9CD3} [2012-03-07 17:10:40 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2AA080EF-1E08-47D6-8512-C4BA15A75AF6} [2012-03-07 17:04:17 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CF863570-6F1F-465B-B426-1CD2F99F2025} [2012-03-07 17:03:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CB5AF8E2-F97B-4210-8D49-6019BAAF0308} [2012-03-07 17:03:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C38DF318-FFE5-4D74-AECF-76FBC18DC101} [2012-03-07 16:40:09 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{61EC2407-1DFB-4880-9085-E5D98AC81254} [2012-03-07 16:39:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{09FB019B-11F7-47DB-8870-9B1294C83DF0} [2012-03-07 10:55:28 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0BBBAB99-86EE-4A00-814F-76764952EEBE} [2012-03-07 10:55:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3FD8EF89-BDC4-4D29-9340-96CDD6F4D0C7} [2012-03-07 00:06:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B2CDD9AE-123D-4925-AB34-525F46407512} [2012-03-07 00:05:43 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FAA7A997-01A3-4BAF-B8D2-BB0FF3C82D3A} [2012-03-06 21:10:37 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3CB81A2E-0F73-4EB2-9471-48B9A1C7719C} [2012-03-06 21:10:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9BC60530-471C-466B-8041-DE5AAE7014CC} [2012-03-06 20:01:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{63A1191A-CD25-4FE6-906B-9DF9F8736ACB} [2012-03-06 20:00:56 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{89BB88DC-EBBD-4C28-BF89-353B2A3327B1} [2012-03-06 14:11:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EA6F9147-EBF7-4139-BFF0-7AFD2BC469B2} [2012-03-06 14:11:23 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{DBB11865-6801-49A3-98CE-8E6A5F6ED26E} [2012-03-06 12:08:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B3E89E10-B845-4B85-92BA-6EAA9B206D23} [2012-03-06 12:08:22 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CFB7FE3D-EE48-4D6A-AC49-7612099F6128} [2012-03-06 12:07:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{00AA128F-78B9-4E41-AE16-49E8EF68E322} [2012-03-06 12:07:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{216D0E91-8391-4C37-92AE-AF7BC4725C17} [2012-03-06 10:01:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{26003F88-F3F6-424B-AD7B-8E7C2D0A854E} [2012-03-06 10:00:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{51594273-EDF3-4C87-BA1F-848C4B28BFDB} [2012-03-06 09:01:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AC61B50A-C5D2-4951-9EF9-B88C6B2C500A} [2012-03-06 09:01:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AE50E7CE-F30D-4C21-B96D-062FF2B49670} [2012-03-05 23:37:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CD1408E5-EDA3-4AC1-A301-DF8BCB661372} [2012-03-05 23:37:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8FFFABF5-EDA4-48D1-A571-F2887B058B06} [2012-03-05 23:28:01 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C583644D-1E57-4815-B5A9-A8955AD0061B} [2012-03-05 23:27:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5C23E93E-2781-44C0-A424-03286BF2473C} [2012-03-05 20:52:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{ACB6ACF1-D969-408E-8E3E-0721A995CE94} [2012-03-05 20:52:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{05DD12B4-B982-49F8-8A1A-1EC08C7A2FFA} [2012-03-05 17:19:22 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B983B63E-BD29-42F4-9EF2-D4AEAD7F9E13} [2012-03-05 17:19:13 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{97FF9C8E-5904-47BE-B603-74DADBFE35A6} [2012-03-05 13:06:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E69E7682-22B3-488C-BC41-67CAD45667A4} [2012-03-05 13:06:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B5792C82-7075-4F5A-B33E-816CFBA7878F} [2012-03-05 12:55:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C1CBF9C8-B0EF-4B20-900F-56445892F26D} [2012-03-05 12:55:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{910CE8EF-5E18-4F95-A185-8A041D20ECEC} [2012-03-05 12:44:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1EBBD953-BE0F-4387-B823-C1046A7C67C1} [2012-03-05 12:44:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FE39F697-8843-4A73-91AA-E97C72438466} [2012-03-05 11:57:45 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C8F30DED-5D5D-4A0F-AC26-D0400BDE7342} [2012-03-05 11:57:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{37B4DE7C-6D79-4A7B-8C18-704ADF30FDD6} [2012-03-05 11:28:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{64EF48ED-6671-4EA1-8409-1012A384D1B1} [2012-03-05 11:28:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2971A6D8-82EF-43C8-A26C-C319D5843B3A} [2012-03-05 08:56:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{60EA503D-992A-4F4A-AB3C-0794CA573BB0} [2012-03-05 08:56:40 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{488ED906-A05C-434C-A780-9157205FD286} [2012-03-04 19:32:56 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{45FB87F4-61BB-4D5B-BC9A-821D5D8D383C} [2012-03-04 19:32:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CC07CB92-D0ED-49D5-9F32-DEF1DD6D2ECC} [2012-03-04 17:10:02 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{34C02B65-D8EE-4D7E-A3EE-1D9B3AE92F28} [2012-03-04 16:30:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AC45AEF2-EF6B-4D98-A939-8338B3EE1F84} [2012-03-04 16:30:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E7B45F18-F9C8-4CEE-AE16-A2FBE9C60308} [2012-03-04 09:45:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EAB19944-A9C9-42DC-89EC-6B02B00FE0F6} [2012-03-04 09:44:53 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{49C56FB3-300C-4D2D-B545-1B190ED5C654} [2012-03-04 09:37:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{47265DD9-C65A-4027-885C-E4A14E4A31CC} [2012-03-04 09:37:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A2740F8C-52DB-46B9-ADA3-437D6DD0B22B} [2012-03-04 09:36:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C0B7C08A-BB1F-43DA-90CF-C13BCD3089E4} [2012-03-04 09:36:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D85057BD-02A0-45BB-95DA-D9D6E48913DC} [2012-03-04 09:33:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6C682C7B-3BB0-4BB4-8B77-4B69AABFB07B} [2012-03-04 09:33:30 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{34D8269A-2FF3-43A1-BF82-AE6CEA0D92E1} [2012-03-04 00:06:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EC68489B-8261-456D-A9FB-090867F31B47} [2012-03-04 00:06:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{10C9D44C-07A6-448E-B5C6-5B6D36219CDE} [2012-03-03 15:02:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{285B4CC2-CCA1-41CE-8DBE-A8E654879839} [2012-03-03 15:02:00 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A86AB0A1-2789-49BC-B2A1-9A0362201020} [2012-03-03 13:57:54 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{357ED63F-AB5D-4053-96B7-DA89001BA57F} [2012-03-03 13:57:44 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{27CF30A4-7509-4E9B-B0A9-7041AC6458E5} [2012-03-03 13:11:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{59720F6D-AE5A-4512-9052-73234F5895EB} [2012-03-03 13:11:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F8FEFA25-E092-4C18-9FAB-9E6CCB398036} [2012-03-03 00:17:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6D076397-C2A0-49A8-8065-BE41D4971E84} [2012-03-03 00:17:45 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{03CA70CB-BF76-4543-934A-55A36CE155CE} [2012-03-02 21:52:37 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D90D6520-D13F-4D73-924D-C88BB6E58E64} [2012-03-02 21:52:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4D5A74B2-6570-46EC-A5B4-59D0C4B5E66F} [2012-03-02 16:30:04 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FA36239D-9352-42D6-BA9B-56765E6C7FDF} [2012-03-02 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B0D37998-ACB2-4E8A-A22A-C3BD0D0EF618} [2012-03-02 14:52:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{054891E9-80CF-4416-9B2F-AFF1938594D7} [2012-03-02 13:46:30 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A4D98DCB-0EFA-4410-923E-BD4C21C7B8D5} [2012-03-02 13:46:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D4CFFA3D-BFED-4059-B45B-7386DF3E41CB} [2012-03-02 12:59:52 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C83B74F7-E3D0-44BD-BB8C-CEA69727A521} [2012-03-02 12:59:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{57B9EEEC-86BF-42ED-A106-05023C15D155} [2012-03-01 23:59:57 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{213899AA-4DCB-4B84-91EB-19193346BC94} [2012-03-01 23:59:48 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{31D3ED46-A0C0-46D5-A6B7-BEFA95CB18B1} [2012-03-01 20:59:01 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D4AFF116-8CC1-4025-9686-40B13E5E4CE5} [2012-03-01 20:58:52 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F7C83BD8-1CFE-4B87-A259-25F2198E31C2} [2012-03-01 20:58:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E0FC6AF7-B997-4E9A-B0BE-181F01CEA55D} [2012-03-01 20:57:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9873CBC1-B028-4879-8CCC-E597A6A0C4C8} [2012-03-01 20:57:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{552929E3-A16D-4DC0-8D21-06E7BE83A2D2} [2012-03-01 18:01:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6324A3B5-9B8C-418B-BDF8-6ADFCEBEB364} [2012-03-01 17:17:38 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4F1B64E7-F2D7-4323-B0D5-2907DEC96A6F} [2012-03-01 16:49:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8651BBE2-DE31-4CE1-AB79-A2E073235CEE} [2012-03-01 12:15:38 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{47254C15-82F3-471C-92D1-09A370ACFE59} [2012-03-01 12:15:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D93722B1-E270-4B8C-A6AB-46CD8748B3CA} [2012-02-29 22:20:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D4890735-74FF-4CDF-AA24-7D4FF8069065} [2012-02-29 22:20:04 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{93A3EDC8-6C07-47DD-AAE9-C13AD6DA613D} [2012-02-29 17:55:12 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5640543F-82DA-4C9D-AE8B-9B5F5ADD6B96} [2012-02-29 17:55:02 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2025E4A9-94B7-403C-9A63-873642145C96} [2012-02-29 12:43:17 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{76567C85-0037-420B-94D9-8FBD5529943A} [2012-02-29 11:29:33 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B0B42491-7549-4747-A883-F9D82334EEB6} [2012-02-29 11:29:23 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{16018457-F943-47EA-A84E-E1E8C198A66F} [2012-02-28 20:45:52 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{838C89BF-9825-466E-ABF2-593E05E1318B} [2012-02-28 20:45:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D8A53951-1C6F-4EEA-B996-000821044080} [2012-02-28 14:06:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{27EACED6-EC0D-4DDF-AAE2-9DF658CC341F} [2012-02-28 13:00:57 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1399D856-B0C0-4309-8ACC-4EFF63D0FB5C} [2012-02-28 13:00:47 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{37110F28-6191-48AF-B38E-4B01C5C5F6BA} [2012-02-28 12:19:30 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5CA81E01-7C6C-42A4-8265-B3CFE044A3B1} [2012-02-28 12:19:19 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B41B77C3-4EB3-48FC-8F3D-F63C68E32D26} [2012-02-28 00:29:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{86D3B414-A6D9-459D-85E7-635CC7BE3A19} [2012-02-28 00:29:25 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8A8A9C26-AEE8-49D0-90F2-E7343C9237B0} [2012-02-27 22:54:00 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{37C3BE8D-30B8-48FB-A3B4-5D45C6F50431} [2012-02-27 22:53:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{518295F5-02BF-45EA-B2C4-22EC9C42246A} [2012-02-27 20:19:03 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{533DD14A-75C0-4CFD-9BD6-2F8399F08FE7} [2012-02-27 20:18:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B08BCB1D-EBEC-47E7-8607-F79BDD7B6AD8} [2012-02-27 17:51:44 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{318EFD78-D218-4872-8871-24282874DC8A} [2012-02-27 17:51:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{50C10642-68C2-410B-A3D8-F9D55E384841} [2012-02-27 11:13:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F6CFCE34-8ADA-44C1-9955-40144FDAC091} [2012-02-27 11:13:14 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1314BC7C-2816-470C-AC42-0060A08A9579} [2012-02-27 11:07:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1C8D1CF4-5227-4EA8-8394-A985ACF95077} [2012-02-27 11:07:04 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6F4F0F78-5E02-4A32-84C4-BC1C0EE3BBA5} [2012-02-27 10:33:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{43BE6172-2069-4F6B-98CF-E1281682C446} [2012-02-27 10:33:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4B5727F2-AE91-430A-B1BE-BDF36A3C7EF0} [2012-02-26 22:31:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8344D692-6E9A-4697-A601-159955061AE7} [2012-02-26 20:27:25 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{84486FBD-0CEF-481C-BFE4-13EA24BAB9A4} [2012-02-26 20:27:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C057A6CF-6625-48E3-A7AC-85ACE206E00E} [2012-02-26 17:12:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{171EC639-177B-453B-B064-539D72EB3498} [2012-02-26 16:19:33 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3732E7A8-AF8E-4AA3-9135-79AD64404677} [2012-02-26 16:19:19 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FB33B338-B769-4A06-881C-6DF1E619E9A0} [2012-02-26 13:58:53 | 000,000,000 | ---D | C] -- C:\Users\beheerder\Documents\codes en wachtwoorden [2012-02-26 13:21:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EF0266C1-D053-4307-872C-6E6235B5907F} [2012-02-26 13:21:07 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8D044A20-E397-4E09-9587-01C7B8167DC0} [2012-02-26 13:18:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9DE504CE-7840-420C-B785-959AACD8142A} [2012-02-26 13:18:40 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{892FC4D9-4172-46F3-A5D8-4C875D37E36A} [2012-02-26 13:07:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6C87FB88-CA9E-46AA-86D4-6DE3FC56F7AC} [2012-02-26 13:07:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C60095C4-C2AA-4685-8D3C-F0751160EB0A} [2012-02-26 13:05:57 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FA037894-FC13-4C77-BE3D-7A1BD78DC6C8} [2012-02-26 13:05:47 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EE2C6E0F-1553-42CA-B6F4-6A4BBA28D8CB} [2012-02-26 13:04:44 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5BA43E6D-84C7-47EE-BC58-972F9127959E} [2012-02-26 12:07:19 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{94F0D724-94DD-4392-AD37-C28718478F56} [2012-02-26 12:07:09 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{52369848-8104-4A10-AEA8-47D6C754C7EF} [2012-02-26 12:00:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{00FE4A30-7611-4D57-B8AC-25AB506DEA6A} [2012-02-26 12:00:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AB810350-A13C-4A20-A8AD-60665A9DD29B} [2012-02-26 00:49:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{92E76890-C56A-4112-9CF8-F45DB1FDBAF7} [2012-02-26 00:00:04 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D6CC543E-7AD8-47A3-95C1-98740A63A7B2} [2012-02-25 23:59:54 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D7B13702-930E-4A59-9902-58549ABEB2BA} [2012-02-25 23:26:01 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{906D99AF-B7E2-4349-8B2B-55650BB35EDD} [2012-02-25 23:25:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E576CB08-E9D2-46F1-88E0-E9160C77167D} [2012-02-25 17:13:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{208CDCCC-2D4F-4BC8-A566-12D12CA79E8A} [2012-02-25 17:13:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{368CFD6F-6CFC-4A28-A2C8-95A90D9D63AA} [2012-02-25 17:11:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{51BC7E2A-D855-4774-8A4E-68EE84FD2C42} [2012-02-25 17:11:05 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4BA05AC5-BAF3-4A22-8C27-24DBED19F5B2} [2012-02-25 13:33:13 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F250A87D-485C-4691-AB92-008D06C19895} [2012-02-25 13:33:03 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{070E5C4C-0F51-42E9-9745-6E2B24E52B41} [2012-02-25 13:05:23 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{30147645-6AE9-4A15-A1B9-72CB0FE7337C} [2012-02-25 13:05:13 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5761C24C-2CD5-4407-87ED-691E2E07D4BB} [2012-02-25 12:25:07 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1E6849AD-4567-4A50-8418-7B0C48305EEE} [2012-02-25 12:24:57 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F557DE4F-DC1D-4532-9DD6-E6A6D9FCBB37} [2012-02-24 23:47:28 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A38577E9-489B-426A-878A-FC3568096C7C} [2012-02-24 23:47:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{79A272E6-D57F-4561-A4E1-4583D31FEF78} [2012-02-24 17:44:43 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{59D44DED-5592-432E-AE47-084A42A3110F} [2012-02-24 17:44:33 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{73924AAE-4932-48BB-8BA5-51C9903E6ECA} [2012-02-24 14:04:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{35698623-C667-498F-9F13-F76F6FA26585} [2012-02-24 14:04:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D15F9CCE-6DB3-47B9-BA0B-62C30C3C6E23} [2012-02-24 13:31:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5DC01DF8-64FE-479D-ABD9-3B25A1076148} [2012-02-24 13:31:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1C1DF2BD-13B7-4A5A-A09E-B21837875865} [2012-02-24 12:54:43 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0CC01258-D330-4944-B195-F439D2CFDC3A} [2012-02-24 12:53:33 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{76258158-826E-4C72-B923-633B6AFCF975} [2012-02-24 11:43:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1CF97791-A70F-4C3E-8F9E-01B25B1ACECF} [2012-02-24 11:42:35 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{57B26E0D-BA66-4198-84B6-D281E8E96663} [2012-02-24 11:19:20 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{29A88673-3050-4782-B1B8-F2949F1F48AB} [2012-02-24 11:19:11 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EE386DD1-B751-4B55-9B0D-0CEE1C32754C} [2012-02-23 22:21:04 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7F14E751-F638-4005-9BE1-69F34A0D474C} [2012-02-23 22:20:54 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{30BCEC3C-18EB-4DF5-A568-92ABF1119D16} [2012-02-23 21:40:17 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{23F725DD-9C09-4D99-83D9-AF8C7884C981} [2012-02-23 21:40:07 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{872B2AC8-BD4C-45A2-82B0-7202A6817C7E} [2012-02-23 20:31:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FE4533E0-3442-4290-8E2C-B93CBA851CB0} [2012-02-23 20:30:56 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{547C12F7-9F37-4544-A0EE-5F52966DB3D7} [2012-02-23 18:04:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D6E5A812-1E92-43E0-BF0F-2D4B73052937} [2012-02-23 18:04:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{11C6AB28-6B00-45D9-A66F-D2981F658622} [2012-02-23 13:41:33 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{22E7B14E-90B6-4139-8EC9-07F822694C2F} [2012-02-23 13:41:23 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6C12FA68-B321-4939-9D6B-2E5A7252C7F0} [2012-02-23 10:00:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E35B5F2D-524D-448F-B3FE-34EE28222616} [2012-02-23 10:00:09 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1D3C6943-F98F-4CD4-B9B4-558D72DF4463} [2012-02-22 22:27:37 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5EEDCB8F-F426-4EDC-9746-6D4C9CF9EC5F} [2012-02-22 22:27:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F1E118BE-D695-44D5-A769-87831816ACDF} [2012-02-22 18:54:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B5425D43-FD9E-48A5-A168-472681E8DDEC} [2012-02-22 18:49:20 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{811A5F01-3D2B-4A03-BF37-6E8199F0515E} [2012-02-22 18:49:10 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{061BAA8B-8999-4F4C-BC10-C3260F1802EA} [2012-02-22 18:13:27 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6F719C5B-EEFB-44A3-87D7-70BE306D6966} [2012-02-22 18:13:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1B574872-BE56-4EE4-85E0-BC0415277FDB} [2012-02-22 11:22:47 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FC14CE92-C5BC-4901-984A-50062BA2D6E3} [2012-02-22 11:22:36 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D56C8CD2-FC83-4D4C-A83F-C73604458779} [2012-02-22 10:46:52 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3241E67C-6419-48C9-BEC2-0008EA2E73FD} [2012-02-22 10:46:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F378A921-883C-49EF-B401-D9A918C7CDD4} [2012-02-21 23:54:35 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{BCC9DFEC-C011-4BAE-8FEC-47A3082A6C15} [2012-02-21 23:54:25 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D9216ABB-CBAD-4669-89D8-65A79FBA4799} [2012-02-21 20:05:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1A5558CA-A3BC-4068-AF15-F314DD2CC456} [2012-02-21 20:05:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8A220F8B-5B31-4EC0-93A3-EA1F04202A4E} [2012-02-21 13:22:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A8D29B0E-535C-489A-9075-39D5DC91FC16} [2012-02-21 13:22:05 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{08750581-1D95-4500-9E50-B9C7BF7C5DF0} [2012-02-21 12:42:28 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B4A36E0F-126A-48AC-A2C6-9B18D2183EAB} [2012-02-21 12:42:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C8B624F1-284A-4AE2-8800-AE683431453A} [2012-02-21 12:13:20 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{BF33D322-B3CD-4288-95C5-67A46E8BA9EC} [2012-02-21 12:13:10 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{73934AA3-7763-4400-A3B9-A32E064575F9} [2012-02-21 09:29:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A979BEF4-0D1A-416D-A01B-FE3BB8D983B4} [2012-02-21 09:28:57 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8523DCE3-B712-4EC3-BFDD-C9FC87FA854A} [2012-02-21 09:06:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C22C77E7-E66C-465C-B4A0-695D2C2B1152} [2012-02-21 09:06:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{21C5FE87-96A4-4DE4-AB1A-C229BDA21519} [2012-02-20 22:36:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{02EC839B-68EC-4EC8-A915-13BC3DD5180C} [2012-02-20 22:35:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3DCBFBCD-FF1F-4604-8EC8-912D32BDE984} [2012-02-20 20:07:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2B215803-6C92-4632-8047-2F4EA4EB0D2D} [2012-02-20 20:07:17 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0F60A293-5589-46CD-A473-705A7D5970D8} [2012-02-20 17:24:03 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6982B55D-BF8B-418E-926E-C012365FDE31} [2012-02-20 17:23:53 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EA9AD0B9-079F-4234-A141-0F966A5D0769} [2012-02-20 13:57:30 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{00B5DF19-D943-42F1-B1B4-87690C283ABB} [2012-02-20 13:57:20 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{755E5AF5-77A0-43C6-A6FC-21AAF5B4DEBB} [2012-02-20 13:00:38 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CA9124DC-3D40-48E3-868D-1D4A0C91E181} [2012-02-20 13:00:28 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{73A86248-C285-4904-A006-72891FBCC3F2} [2012-02-20 11:04:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5EA21D9E-F4AE-48C7-97F0-9780C52818DB} [2012-02-20 11:04:33 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{23BAAE88-05A4-486F-98D2-140A8CBC48DA} [2012-02-20 10:29:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{494E6BC5-5312-408E-BC97-A930AF865177} [2012-02-20 10:28:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0509DDCB-0AAD-40FD-AE15-0F57CC5BFEC9} [2012-02-19 22:36:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{DA202AE1-BC4E-4A3B-B32C-B4A37D5B183B} [2012-02-19 22:36:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D7874254-7F10-437E-B00A-4BA5D4224443} [2012-02-19 20:16:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{FB39A077-3044-444F-BB1F-AD55D989BF2D} [2012-02-19 20:15:47 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E481B9AD-C80F-467A-9C31-B0EF229E9F99} [2012-02-19 09:39:09 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1C80B09F-40D8-41DF-8938-E71C33D6CE5D} [2012-02-19 09:38:59 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7B750BD6-EAF5-4B67-B151-A4DB16FB1E04} [2012-02-18 20:06:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{71AE88A7-34F4-49ED-A923-850610A78F83} [2012-02-18 20:05:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{50096037-4259-4918-8EAF-C072658E8309} [2012-02-18 11:25:37 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F08EAA04-0604-4A04-9604-E4238369A233} [2012-02-18 11:24:30 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{99E741B2-D909-45FF-86E0-E10D4A32F63C} [2012-02-17 20:13:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2826B43B-9192-4F72-BE9A-059B0FF76DA5} [2012-02-17 20:13:48 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{85A73854-4F65-4177-ABA7-88D2558FC7F0} [2012-02-17 13:21:51 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1BBA908F-830C-4B61-8354-A452B610968A} [2012-02-17 13:21:41 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EA0F73DD-9867-4D35-9948-8A30A6C8DFBB} [2012-02-17 12:17:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{58A68C2A-95CC-4BAC-97E7-ADA116162FDF} [2012-02-17 12:17:22 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{87DD4934-C17B-4AF8-B6CD-BD9D8588057D} [2012-02-17 10:39:55 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C67409B4-68FE-4220-8D47-37417B5DF9D4} [2012-02-17 10:39:46 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B88634FE-86DE-42AA-8858-E461C95C88BF} [2012-02-16 23:13:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0C1389B5-8519-4EC9-A75A-B8ADD9FE7361} [2012-02-16 23:13:00 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3CE9FE63-6DDF-4E33-B079-832DE8E1C1C7} [2012-02-16 21:11:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{377F8F1E-8A72-4E9D-AC99-E60445515D0B} [2012-02-16 21:11:23 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{0826D10B-8A9D-484C-970B-D0BA2E1B7125} [2012-02-16 20:05:59 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012-02-16 20:05:58 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2012-02-16 20:05:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012-02-16 20:05:58 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012-02-16 20:05:57 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012-02-16 20:05:55 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012-02-16 17:59:05 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5A27F5B5-2FDF-499C-9DFA-BAA01E36CADA} [2012-02-16 17:58:55 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{45E304C5-DE03-4240-947B-6C4BD1507446} [2012-02-16 10:56:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F069A1B3-491D-45F3-9606-B519D03683F2} [2012-02-16 10:56:29 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{32AA9F73-EB3F-43BE-9A90-5AF9A1F44A23} [2012-02-16 10:42:27 | 002,044,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012-02-16 10:40:35 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{438277F4-86A1-4EFD-91C0-79242F925486} [2012-02-16 10:40:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8E6C4FDC-11F9-45AD-A3D0-B4AAFCBDF2DE} [2012-02-15 22:51:53 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7EFC8C08-61A8-44A0-83AA-F5B91E4803D3} [2012-02-15 22:51:44 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{46AB578C-DBF5-46E2-9A4B-0C6B4B7D1F8A} [2012-02-15 17:51:33 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4082400F-B74C-46B5-A640-BAAB4A4D8A60} [2012-02-15 17:51:23 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4BFD30AF-81F9-4FC9-9E83-E40BC89888C9} [2012-02-15 12:43:08 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6A418514-DF1F-4572-9475-57443945B535} [2012-02-15 10:26:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E1B1F855-5631-4459-BFBC-C34AE54E452B} [2012-02-15 10:06:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2563F692-7CAB-4A38-B133-BCCCB2E1883A} [2012-02-15 10:06:22 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{BE9BD3CA-414B-4BCC-99A1-22E83CE430FA} [2012-02-14 20:39:58 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D34DE6C7-1B52-4F1E-B81F-9E4749F6CF8A} [2012-02-14 18:26:45 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4BA9C85C-4A24-489C-BF7F-D39E4C464AC8} [2012-02-14 18:26:35 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{8D09F877-06DF-43A5-A5C2-CF96AA4E8D7E} [2012-02-14 14:01:26 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{4ED3E56E-145A-4413-B8A3-8C4E654CD942} [2012-02-14 14:01:01 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{AFA81228-AA65-4DCB-B167-999D95BF0130} [2012-02-14 13:49:40 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{018C7F4D-F7C7-48B7-9923-221E9355E574} [2012-02-14 13:49:30 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{16E991AE-BCF6-4F10-90C0-7922B215D93A} [2012-02-14 12:51:12 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{590B0C1E-B2FE-4FD9-BE9A-90B8FA63D990} [2012-02-14 12:51:03 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{3587CD2B-187B-4B60-8318-5D449698BE9C} [2012-02-14 01:14:31 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F2FB0CE1-AE29-4637-AB13-950C3BAFA70B} [2012-02-14 01:14:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1C91016A-E7D4-4ED0-8A9D-B7994E1DBC84} [2012-02-14 01:07:38 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{46917D46-892C-4150-8C27-1C9BD9B0C123} [2012-02-14 01:07:28 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{9078FE83-D989-4E83-97E1-58C91FE29340} [2012-02-13 21:08:16 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6BD73584-F138-4076-9F8E-2194815B57BF} [2012-02-13 21:08:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{F41DACA0-B80E-4893-9E32-1D0F3458C930} [2012-02-13 19:41:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{61F32C1F-BE2D-4586-ABAC-E8B0F5B03BBD} [2012-02-13 19:41:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{C672B7AA-13FE-409C-BC2A-4730B351287C} [2012-02-13 18:51:40 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{45F89D54-3754-4CC8-82EF-040748ECB417} [2012-02-13 18:50:34 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1FB9B2D2-0D04-492B-98A6-6A0B4DAA96AE} [2012-02-13 17:11:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{250EB79F-4A82-40F5-9362-CEB79E25C265} [2012-02-13 17:10:56 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1F7847EC-DC53-430E-984B-E05EB6AAC1CD} [2012-02-13 13:28:28 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5467551E-82B8-4B12-B473-35DCCB6AE07D} [2012-02-13 13:28:18 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{028EA5DD-8E55-4A69-99C1-584508139A41} [2012-02-12 21:45:50 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{B08E6314-B268-4C20-8BA3-0B03A7F506F4} [2012-02-12 21:45:40 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{176D14CB-3F45-4173-9051-1DDEB9C8395C} [2012-02-12 16:50:19 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1FAD0ED3-E0B6-469B-83D0-96670918D9A8} [2012-02-12 16:50:09 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{276FC48C-DD1A-44BD-A078-7FBAA1E2A5FE} [2012-02-12 16:19:24 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6D412D90-D7C2-448C-AA5E-6F0182F4FB70} [2012-02-12 16:19:11 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{6F9D8226-DF2B-4A9F-BED7-90A0F864136C} [2012-02-12 15:13:47 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{52077C10-A474-40E4-875F-FB74E08C5ADE} [2012-02-12 15:13:37 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{936AAE17-B65F-4D13-9923-63EF45FCE894} [2012-02-12 13:24:42 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{2A1682C8-3034-4C9C-9949-A6AC059BFB0A} [2012-02-12 13:24:32 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{69EDA47B-78FD-43D8-BE05-67F7F71BBCF2} [2012-02-12 00:35:03 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1EDE9B90-C8D9-4506-AA0E-CE731FE459CD} [2012-02-12 00:34:54 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E191796A-AB43-446E-8E5C-1FADC340779C} [2012-02-11 20:17:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{EFD0A3A7-C941-401F-88A5-0D35756018B3} [2012-02-11 20:17:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{5E7A38D2-00AA-4630-9503-77F91BDE9552} [2012-02-11 20:15:56 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{CB545380-546E-4D8F-9828-81433034D734} [2012-02-11 20:15:47 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{BEB07302-A3DE-43D8-B1D2-627322143CF0} [2012-02-11 19:42:49 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{E705A01A-D81D-489B-B644-C500F2D6CE5A} [2012-02-11 19:42:39 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{D2EFBB71-C3FA-4F28-AD96-9B55965939F8} [2012-02-11 17:02:15 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{550A38EA-73CC-4A23-8923-1DE9D1A4FAB6} [2012-02-11 17:02:06 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{7B444FB9-0670-41E2-9967-C9F24F4285E3} [2012-02-11 14:18:20 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{A694812E-39CF-4365-95BD-335384A4BB49} [2012-02-11 14:18:11 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{41CF4443-2F18-454A-98D0-C17C4DEC11D5} [2012-02-11 13:45:21 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{1B84D5E9-3455-40F4-9138-621FFDFA665B} [2012-02-11 13:45:10 | 000,000,000 | ---D | C] -- C:\Users\beheerder\AppData\Local\{744EEB8D-F5E6-48C7-B412-11222297A382} [2 C:\Users\beheerder\*.tmp files -> C:\Users\beheerder\*.tmp -> ] [color=#E56717:682a1910a7]========== Files - Modified Within 30 Days ==========[/color:682a1910a7] [2012-03-12 12:37:03 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012-03-12 12:37:03 | 000,004,784 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012-03-12 10:23:53 | 000,092,160 | ---- | M] () -- C:\Users\beheerder\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012-03-12 10:21:13 | 000,744,410 | ---- | M] () -- C:\Windows\System32\perfh013.dat [2012-03-12 10:21:13 | 000,653,896 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012-03-12 10:21:13 | 000,159,308 | ---- | M] () -- C:\Windows\System32\perfc013.dat [2012-03-12 10:21:13 | 000,126,446 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012-03-12 08:50:14 | 091,479,503 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm [2012-03-12 08:37:34 | 000,004,535 | ---- | M] () -- C:\Windows\System32\LOCALSERVICE.INI [2012-03-12 08:37:16 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2012-03-12 08:37:14 | 000,001,143 | ---- | M] () -- C:\Windows\System32\bscs.ini [2012-03-12 08:37:07 | 000,386,688 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012-03-12 08:36:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012-03-12 08:36:40 | 3150,561,280 | -HS- | M] () -- C:\hiberfil.sys [2012-03-12 08:35:22 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE [2012-03-12 08:27:35 | 000,000,855 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012-03-12 08:14:15 | 000,002,048 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2012-03-12 08:12:44 | 004,104,666 | ---- | M] () -- C:\Users\beheerder\Desktop\tweaking.com_windows_repair_aio_setup.exe [2012-03-11 21:43:31 | 000,337,137 | ---- | M] () -- C:\Users\beheerder\Desktop\FSS.exe [2012-03-11 20:55:31 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts_bak_594 [2012-03-11 13:09:15 | 001,585,560 | ---- | M] (Emsi Software GmbH) -- C:\Users\beheerder\Desktop\start.exe [2012-03-11 13:09:15 | 000,000,060 | ---- | M] () -- C:\Users\beheerder\Desktop\CommandlineScanner.bat [2012-03-11 13:09:15 | 000,000,056 | ---- | M] () -- C:\Users\beheerder\Desktop\EmergencyKitScanner.bat [2012-03-11 13:09:13 | 000,000,112 | ---- | M] () -- C:\Users\beheerder\Desktop\autorun.inf [2012-03-11 12:56:07 | 000,000,512 | ---- | M] () -- C:\Users\beheerder\Desktop\MBR.dat [2012-03-11 12:54:02 | 004,730,880 | ---- | M] (AVAST Software) -- C:\Users\beheerder\Desktop\aswMBR.exe [2012-03-11 12:02:23 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012-03-11 10:17:08 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\beheerder\Desktop\OTL.com [2012-03-11 09:35:55 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-03-11 09:18:50 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HijackThis.exe [2012-03-10 18:01:36 | 000,470,630 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm [2012-03-07 23:24:30 | 000,260,707 | ---- | M] () -- C:\Users\beheerder\Documents\PIXresizer gebruiken.pdf [2012-03-07 15:29:08 | 000,002,611 | ---- | M] () -- C:\Users\beheerder\Desktop\Microsoft Word.lnk [2012-02-29 22:07:55 | 000,000,000 | ---- | M] () -- C:\Users\beheerder\Documents\Nuance Image Printer Writer Port [2012-02-29 01:25:56 | 000,000,680 | ---- | M] () -- C:\Users\beheerder\AppData\Local\d3d9caps.dat [2012-02-17 10:24:50 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012-02-14 18:29:13 | 000,000,186 | ---- | M] () -- C:\Users\beheerder\Desktop\SAMSUNG (F) - Snelkoppeling.lnk [2 C:\Users\beheerder\*.tmp files -> C:\Users\beheerder\*.tmp -> ] [color=#E56717:682a1910a7]========== Files Created - No Company Name ==========[/color:682a1910a7] [2012-03-12 08:25:15 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe [2012-03-12 08:14:15 | 000,002,048 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk [2012-03-12 08:13:44 | 004,104,666 | ---- | C] () -- C:\Users\beheerder\Desktop\tweaking.com_windows_repair_aio_setup.exe [2012-03-11 21:44:35 | 000,337,137 | ---- | C] () -- C:\Users\beheerder\Desktop\FSS.exe [2012-03-11 12:56:07 | 000,000,512 | ---- | C] () -- C:\Users\beheerder\Desktop\MBR.dat [2012-03-11 12:02:23 | 000,000,967 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk [2012-03-11 12:02:23 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk [2012-03-11 10:52:28 | 000,000,060 | ---- | C] () -- C:\Users\beheerder\Desktop\CommandlineScanner.bat [2012-03-11 10:52:28 | 000,000,056 | ---- | C] () -- C:\Users\beheerder\Desktop\EmergencyKitScanner.bat [2012-03-11 10:52:14 | 000,000,112 | ---- | C] () -- C:\Users\beheerder\Desktop\autorun.inf [2012-03-11 09:35:55 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012-03-09 19:19:31 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf [2012-03-07 23:24:30 | 000,260,707 | ---- | C] () -- C:\Users\beheerder\Documents\PIXresizer gebruiken.pdf [2012-02-29 22:07:55 | 000,000,000 | ---- | C] () -- C:\Users\beheerder\Documents\Nuance Image Printer Writer Port [2012-02-14 18:29:13 | 000,000,186 | ---- | C] () -- C:\Users\beheerder\Desktop\SAMSUNG (F) - Snelkoppeling.lnk [2012-01-18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll [2012-01-18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll [2012-01-18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe [2011-11-12 15:48:38 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll [2011-08-12 12:20:14 | 000,015,896 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll [2011-07-26 07:48:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini [2011-04-22 22:50:44 | 000,011,836 | -HS- | C] () -- C:\Users\beheerder\AppData\Local\3b06d0njtxmf4624h5s7r2c47420ib478 [2011-04-22 22:50:44 | 000,011,836 | -HS- | C] () -- C:\ProgramData\3b06d0njtxmf4624h5s7r2c47420ib478 [2011-01-21 15:11:32 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2011-01-21 15:11:32 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011-01-21 15:11:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011-01-21 15:11:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011-01-21 15:11:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011-01-08 14:14:38 | 000,000,434 | ---- | C] () -- C:\Windows\BRWMARK.INI [2011-01-08 14:14:38 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2011-01-08 14:11:04 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf08b.dat [2011-01-08 14:07:48 | 000,031,684 | ---- | C] () -- C:\Windows\maxlink.ini [2010-11-23 00:20:18 | 000,149,504 | ---- | C] () -- C:\Users\beheerder\AppData\Roaming\SharedSettings.ccs [2010-11-15 01:11:20 | 000,000,680 | ---- | C] () -- C:\Users\beheerder\AppData\Local\d3d9caps.dat [2010-08-25 19:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin [2010-08-25 19:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin [2010-08-25 19:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin [2010-08-25 18:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2010-08-25 18:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2010-08-25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll [2010-08-25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll [2010-05-15 22:09:28 | 000,002,797 | ---- | C] () -- C:\Windows\System32\SHORTCUT.INI [2010-05-15 22:08:37 | 000,000,140 | ---- | C] () -- C:\Windows\System32\REMOTEDEVICE.INI < End of report > Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Doe nu eerst volgende: [b:844e3e7c14]Welk programma[/b:844e3e7c14]: Malwarebytes MBAM [b:844e3e7c14]Waarvoor/waarom[/b:844e3e7c14]: specialistische scanner om Windows snel te onderzoeken op- en te ontdoen van spy- & malware. [b:844e3e7c14]Moeilijkheidsgraad[/b:844e3e7c14]: geen. [b:844e3e7c14]Download Malwarebytes MBAM via één van deze locaties[/b:844e3e7c14]: [list:844e3e7c14][*:844e3e7c14][url=http://www.softpedia.com/result.php?sid=&pid=1-423&r=Z2V0L0FudGl2aXJ1cy9NYWx3YXJlYnl0ZXMtQW50aS1NYWx3YXJlLnNodG1s][b:844e3e7c14]Softpedia.com[/b:844e3e7c14][/url][*:844e3e7c14][url=http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html][b:844e3e7c14]Majorgeeks.com[/b:844e3e7c14][/url][/list:u:844e3e7c14] [b:844e3e7c14]Allereerst[/b:844e3e7c14]:[list:844e3e7c14][*:844e3e7c14] Al meteen na de installatie wil 'MBAM' zijn database opwaarderen – toestaan dus. [*:844e3e7c14] Ook bij herhaald gebruik: eerst 'MBAM' updaten via de tab 'Update'![/list:u:844e3e7c14] [b:844e3e7c14]Malwarebytes MBAM opstarten[/b:844e3e7c14]: [list:844e3e7c14][*:844e3e7c14] [b:844e3e7c14][color=#0000FF:844e3e7c14]Sluit nu eerst alle nog openstaande programmavensters![/color:844e3e7c14][/b:844e3e7c14] [list:844e3e7c14][*:844e3e7c14][b:844e3e7c14][color=#0000FF:844e3e7c14]Windows 2000[/color:844e3e7c14][/b:844e3e7c14] en [color=#0000FF:844e3e7c14][b:844e3e7c14]Windows XP[/b:844e3e7c14][/color:844e3e7c14]: start MBAM middels dubbelklik op de snelkoppeling. [*:844e3e7c14][color=#0000FF:844e3e7c14][b:844e3e7c14]Windows Vista[/b:844e3e7c14][/color:844e3e7c14] en [color=#0000FF:844e3e7c14][b:844e3e7c14]Windows 7[/b:844e3e7c14][/color:844e3e7c14]: start MBAM middels rechtsklik op de snelkoppeling en dan kiezen voor Als Administrator uitvoeren.[/list:u:844e3e7c14][/list:u:844e3e7c14] [list:844e3e7c14][*:844e3e7c14][b:844e3e7c14]Let op:[/b:844e3e7c14] [list:844e3e7c14][*:844e3e7c14]Malwarebytes verstrekt nu de volledige versie van MBAM. [*:844e3e7c14]Bij de eerstse start kijg je de mogelijkheid de volledige versie tijdelijk te gebruiken of de gratis versie. [*:844e3e7c14]Onafhankelijk van welke antivirusprogramma in jouw Windows adviseer ik dan de optie "Weigeren" te gebruiken. [*:844e3e7c14]Zodoende zal MBAM als gratis versie verder te gebruiken zijn[/list:u:844e3e7c14][/list:u:844e3e7c14] [img:844e3e7c14]http://img30.imageshack.us/img30/3928/mbam2.png[/img:844e3e7c14] [list:844e3e7c14][*:844e3e7c14][b:844e3e7c14]Doe ook nog het volgende:[/b:844e3e7c14] [list:844e3e7c14][*:844e3e7c14]Zodra het programma gestart is, ga dan naar het tabblad "[b:844e3e7c14]Instellingen[/b:844e3e7c14]". [*:844e3e7c14]Vink hier aan: "[b:844e3e7c14]Sluit Internet Explorer tijdens verwijdering van malware[/b:844e3e7c14]".[/list:u:844e3e7c14][/list:u:844e3e7c14] [b:844e3e7c14]Scannen[/b:844e3e7c14]: [list:844e3e7c14][*:844e3e7c14] Bij het starten van 'MBAM' kies je voor 'Snelle Scan'. [*:844e3e7c14]Het scannen kan een tijdje duren, dus wees geduldig. Indien de scan voltooid is, klik dan op de knop 'OK'. [*:844e3e7c14]Klik daarna op de knop 'Bekijk Resultaten' om de resultaten te zien.[/list:u:844e3e7c14] [b:844e3e7c14]Infecties gevonden[/b:844e3e7c14]: [list:844e3e7c14][*:844e3e7c14]Klik nu eerst op OK om de melding weg te klikken [*:844e3e7c14]Klik vervolgens rechtsonder op de knop Bekijk resultaten. [*:844e3e7c14]Zorg er nu voor dat alle gevonden infecties aangevinkt zijn, en klik linksonder op Verwijder geselecteerde. [*:844e3e7c14]Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. [*:844e3e7c14]Indien 'MBAM' moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven – dan telkens op 'OK' klikken! [*:844e3e7c14]Daarna zal 'MBAM' vragen om de Computer opnieuw op te starten - dus sta toe dat de computer opnieuw opgestart wordt.[/list:u:844e3e7c14] [b:844e3e7c14]MBAM-Log[/b:844e3e7c14]: [list:844e3e7c14][*:844e3e7c14] Het log wordt automatisch bewaard door 'MBAM en dat kan je terugvinden door in het hoofdmenu van MBAM op de tab 'Logbestanden' te klikken'.[/list:u:844e3e7c14] [b:844e3e7c14]Post aansluitend in je volgende bericht de inhoud van het MBAM-log.[/b:844e3e7c14] Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.03.11.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 beheerder :: BEHEERDER1 [administrator] 12-3-2012 14:24:29 mbam-log-2012-03-12 (14-24-29).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 192186 Verstreken tijd: 4 minuut/minuten, 59 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Mooi, ik denk dat we klaar zijn. Wat denk jij? Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Ik ga geheel af op jouw expertise. Zijn er nog speciale ingrepen nodig om al die scanners te verwijderen of kan dat gewoon via Software in configscherm?? Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Maar eerst dit: hou MBAM en de Eset Onlinescanner in jouw Windows erbij. Navigeer naar [b:bffb9bee47]C:\Program Files\ESET\ESET Online Scanner[/b:bffb9bee47] en klik met rechts op [color=#0000FF:bffb9bee47][b:bffb9bee47]OnlineScannerApp.exe[/b:bffb9bee47][/color:bffb9bee47] en kies dan voor Snelkoppeling op het bureaublad plaatsen. Gebruik MBAM 1x wekelijks - na upaten kies je voor snelle scan. Gebruik OnlineScannerApp.exe ix maandelijks. Eset zal nu als App opstarten, dan kan je de scan-instellingen aanvinken en vervolgens zal het updateproces beginnen en daarna de scan starten. En nog een tip: hier - [url]http://www.jawwi.nl/artikelen/cookies.html[/url] - vindt je info over cookies en hoe in je browser(s) AdAware cookies te weren. [color=#FF0000:bffb9bee47][b:bffb9bee47]Stap •1•[/b:bffb9bee47][/color:bffb9bee47] Start OTL en klik vervolgens op de CleanUp. Wat OTL daarbij opruimt zal na de herstart blijken. Zijn er dan nog bestanden over, mag je die handmatig verwijderen - op ComboFix na! [color=#FF0000:bffb9bee47][b:bffb9bee47]Stap •2•[/b:bffb9bee47][/color:bffb9bee47] ComboFix mag nu verwijderd worden: [list:bffb9bee47][*:bffb9bee47] ga daarvoor naar Start - Uitvoeren [*:bffb9bee47] kopieer en plak hierin het volgende: [b:bffb9bee47]Combofix /Uninstall[/b:bffb9bee47] [*:bffb9bee47] klik daarna op [b:bffb9bee47]OK[/b:bffb9bee47]. [*:bffb9bee47] ComboFix start op en het lijkt erop dat het tool zich installeert, maar dat is niet zo; [*:bffb9bee47] indien het goed is, krijg je vervolgens een melding, dat Combofix verwijderd werd.[/list:u:bffb9bee47] Voorbeeld: [img:bffb9bee47]http://www.emphyrio.be/images/SMUninstall_combofix.png[/img:bffb9bee47] Uitvoeren kan ook gestart worden door de toetsen "Windowstoets + R" gelijktijdig in te drukken. [i:bffb9bee47]Dit zal Combofix verwijderen inclusief gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en reset je Systeemherstel opnieuw.[/i:bffb9bee47] [color=#FF0000:bffb9bee47][b:bffb9bee47]Stap •3•[/b:bffb9bee47][/color:bffb9bee47] [b:bffb9bee47]Welk programma[/b:bffb9bee47]: TFC. [b:bffb9bee47]Waarvoor/waarom[/b:bffb9bee47]:grondige reiniging van Windows. [b:bffb9bee47]Moeilijkheidsgraad[/b:bffb9bee47]: geen. [b:bffb9bee47]Download: [url=http://oldtimer.geekstogo.com/TFC.exe][color=#0000FF:bffb9bee47]Download TFC naar je bureaublad (klick)[/color:bffb9bee47] [/b:bffb9bee47][/url] [b:bffb9bee47]TFC opstarten[/b:bffb9bee47]: Windows 2000 en Windows XP: dubbelklik op [b:bffb9bee47]TFC.exe[/b. Windows Vista en Windows 7: rechtsklik op [b]TFC.exe[/b en kies "Als Administrator uitvoeren". [list:bffb9bee47][*:bffb9bee47] Niet schrikken - het tool sluit alle lopende programma's - ergo: verzeker je dus ervan, dat je werk al is opgeslagen! [*:bffb9bee47] Vervolgens klik je op de knop [b]Start[/b:bffb9bee47] om de scan te starten. Deze scan kan kort of langer duren, wees geduldig en laat TFC zijn taak doen en wacht to TFC klaaar is. [*:bffb9bee47] Indien TFC klaar is, dan komt de melding dat de computer opnieuw opgestart wordt. [*:bffb9bee47] Gebeurt het afsluiten niet automatisch, start dan zelf de computer opnieuw op. [*:bffb9bee47] Noot: TFC vertoont geen log![/list:u:bffb9bee47] [color=#FF0000:bffb9bee47][b:bffb9bee47]Stap •4•[/b:bffb9bee47][/color:bffb9bee47] Doe ook nog een test, om te kijken hoe goed de huidige veiligheidssituatie in Windows is. Download naar je bureaublad [url=http://screen317.spywareinfoforum.org/SecurityCheck.exe][b:bffb9bee47][color=#0000FF:bffb9bee47]Security Check[/color:bffb9bee47][/b:bffb9bee47][/url]. [list:bffb9bee47][*:bffb9bee47] Klik/dubbelklik op [b:bffb9bee47]SecurityCheck.exe[/b:bffb9bee47] en let op de instrukties in het zwarte venster. [*:bffb9bee47] Een Kladblok document genaamd [b:bffb9bee47]checkup.txt[/b:bffb9bee47] dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad. [*:bffb9bee47] Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.[/list:u:bffb9bee47] Post de inhoud van [b:bffb9bee47]checkup.txt [/b:bffb9bee47]in je volgende post. Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Ik geef t door, alleen ComboFix en Eset hebben we t hier niet over gehad, dus die heb ik niet gebruikt. Heb ik iets gemist?? Ken ze wel uit vorige sessies met andere machines.... Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 ComboFix is gebruikt geworden hoor. http://forum.computertotaal.nl/phpBB2/viewtopic.php?p=1476745#1476745 Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 :oops: :oops: :oops: Ik wordt oud, LOL (zelfde bouwjaar) Ik ga eea uitvoeren en laatste scan vanavond posten..... Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Oud is hoe je je voelt. Quote Link naar reactie
0 anoniem Geplaatst: 12 maart 2012 Auteur Delen Geplaatst: 12 maart 2012 Results of screen317's Security Check version 0.99.31 Windows Vista Service Pack 2 x86 (UAC is enabled) Internet Explorer 9 [b:3ed1fb1191]`````````````````````````````` [u:3ed1fb1191]Antivirus/Firewall Check:[/u:3ed1fb1191][/b:3ed1fb1191] AVG 2012 ESET Online Scanner v3 [size=1:3ed1fb1191]WMI entry may not exist for antivirus; attempting automatic update.[/size:3ed1fb1191] [b:3ed1fb1191]``````````````````````````````` [u:3ed1fb1191]Anti-malware/Other Utilities Check:[/u:3ed1fb1191][/b:3ed1fb1191] CCleaner Java(TM) 6 Update 29 [color=red:3ed1fb1191][b:3ed1fb1191]Java version out of date![/b:3ed1fb1191][/color:3ed1fb1191] Adobe Reader 9 [color=red:3ed1fb1191][b:3ed1fb1191]Adobe Reader out of date![/b:3ed1fb1191][/color:3ed1fb1191] [b:3ed1fb1191]```````````````````````````````` Process Check: [u:3ed1fb1191]objlist.exe by Laurent[/u:3ed1fb1191][/b:3ed1fb1191] AVG avgwdsvc.exe AVG avgtray.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe [b:3ed1fb1191]``````````End of Log````````````[/b:3ed1fb1191] NB dit terwijl ik via Teamviewer bestanden over aan t zetten was van zijn naar mijn PC Quote Link naar reactie
Vraag
anoniem
Link naar reactie
Beste reacties voor deze vraag
51
Populaire dagen
12 ma
24
11 ma
22
13 ma
4
14 ma
1
Beste reacties voor deze vraag
anoniem 51 berichten
Populaire dagen
12 ma 2012
24 berichten
11 ma 2012
22 berichten
13 ma 2012
4 berichten
14 ma 2012
1 bericht
50 antwoorden op deze vraag
Aanbevolen berichten
Om een reactie te plaatsen, moet je eerst inloggen