
HijackThis log: can someone help, please



Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:02:14, on 5/02/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ef9625b000000000000000000000000&tlver=1.4.19.19&affID=19404

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = Internet Explorer 9 - Microsoft Windows

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {95324e44-4b0a-47a9-8f77-9c6415e51c29} - (no file)

R3 - URLSearchHook: (no name) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - (no file)

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart

O4 - HKCU\..\Run: [Mobile Partner] C:\Program Files\MobileWiFi\MobileWiFi

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

--

End of file - 8175 bytes


Hello, we are going to use the following tool: zoek.exe ® by smeenk


Download zoek.exe to the desktop.

  • Disable your antivirus and antispyware programs, as they may conflict with zoek.exe.
    You can read how to do that (here or here).
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator": right-click it and choose Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
    startupall;
    filesrcm;
    shortcutfix;
    emptyclsid;

  • Now tick the options below.

    • Standaard Search
    • Auto Clean
    • Empty All Temp
    • IE Defaults

  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Now post the contents of the opened log in your next reply.


Zoek.exe Version 4.0.0.1 Updated 18-02-2013

Tool run by Lutty on vr 22/02/2013 at 18:20:00,14.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} deleted successfully

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\SearchScopes\{20E5801D-F52A-4789-8F46-91DD1D802CE1} deleted successfully

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7524E5ED-0BFB-4215-A306-EE31FDB25498} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} deleted successfully

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} deleted successfully

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{95324E44-4B0A-47A9-8F77-9C6415E51C29} deleted successfully

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{95324E44-4B0A-47A9-8F77-9C6415E51C29} deleted successfully

HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

==== Running Processes ======================

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\nvvsvc.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\ProgramData\DatacardService\HWDeviceService.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe

C:\Windows\system32\PSIService.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Intel\WiFi\bin\EvtEng.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\WUDFHost.exe

C:\ProgramData\DatacardService\DCSHelper.exe

C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Google\Google Talk\googletalk.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Opera\opera.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Users\Lutty\Documents\zoek.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== FireFox Fix ======================

ProfilePath: C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default

user.js not found

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\",\"mtime\":1306615926533}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1351630312598},\"{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\",\"mtime\":1346568332356}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@babylon.com\":{\"descriptor\":\"C:\\\\Users\\\\Lutty\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\j18vnnod.default\\\\extensions\\\\ffxtlbr@babylon.com\",\"mtime\":1345795721295}}}]");

---- FireFox user.js and prefs.js backups ----

prefs_20132202_1824_.backup

==== Deleting Files \ Folders ======================

"C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Windows\system32\roboot.exe" deleted

"C:\Windows\system32\sasnative32.exe" deleted

"C:\Program Files\RegClean Pro" deleted

"C:\Program Files\Advanced System Protector" deleted

"C:\Users\Lutty\AppData\Roaming\Systweak" deleted

"C:\Users\Lutty\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\Systweak" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Trymedia" deleted

"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector" deleted

"C:\Users\Lutty\AppData\Local\Ilivid Player" deleted

"C:\Users\Lutty\AppData\Local\Conduit" deleted

"C:\Users\Lutty\AppData\LocalLow\BabylonToolbar" deleted

"C:\Users\Lutty\AppData\LocalLow\PriceGong" deleted

"C:\Users\Lutty\AppData\LocalLow\Conduit" deleted

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\extensions\ffxtlbr@babylon.com" deleted

"C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default\extensions\ffxtlbr@babylon.com" deleted

==== System Specs ======================

Windows: Windows XP Home Edition Service Pack 2 (Build 2600)

Internet Explorer: 9.0.8112.16421

Memory (RAM): 3066 MB

CPU Info: Intel® Core2 Duo CPU T5800 @ 2.00GHz

CPU Speed: 765,3 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Realtek Digital Output (Realtek |

Display Adapters: NVIDIA GeForce 9600M GS | NVIDIA GeForce 9600M GS | RDPDD Chained DD | RDP Encoder Mirror Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Intel® WiFi Link 5100 AGN | Realtek PCIe GBE Family Controller | Bluetooth-apparaat (Personal Area Network)

CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-S083A

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 8 Button Wheel Mouse Present

Hard Disks: C: 263,9GB | D: 34,2GB

Hard Disks - Free: C: 231,7GB | D: 22,4GB

Manufacturer *: Phoenix Technologies LTD

BIOS Info: AT/AT COMPATIBLE | 09/11/08 | MEDION - 6040000

Time Zone: Romance (standaardtijd)

Motherboard *: MEDION P6612

Sun Java version: 1.6.0_39

Country: België

Language: NLB

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Lutty\AppData\Local\Temp ====

2013-02-21 17:55:39 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Lutty\AppData\Local\Temp\{97071BF1-B939-42FC-9D29-7F8E2344EB67}-GoogleUpdateSetup.exe

====== C:\Windows\system32 =====


====== C:\Windows\system32\drivers =====


====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-02-05 08:53:43 -------- d-----w- C:\Program Files\Trend Micro

2013-01-30 15:34:28 -------- d-----w- C:\Program Files\MobileWiFi

======= C: =====

====== C:\Users\Lutty\AppData\Roaming ======

====== C:\Users\Lutty ======

2013-01-30 15:33:41 -------- d-----w- C:\ProgramData\DatacardService

====== C: exe-files ==


=== C: other files ==


2013-02-21 16:54:33 ABD9692AC0C6891DC02BC7DE559F967E 19200 ----a-w- C:\Windows\System32\drivers\ew_hwupgrade.sys

2013-02-21 16:54:33 69A103138B77AC0950EC3846E2E6F655 26624 ----a-w- C:\Windows\System32\drivers\ew_juextctrl.sys

2013-02-21 16:54:33 61A973F60E94A551BA7B15F3460444FB 11136 ----a-w- C:\Windows\System32\drivers\ew_usbenumfilter.sys

2013-02-21 16:54:33 57C171EA22F0A7F068FCB0CAEDD1E8E7 102784 ----a-w- C:\Windows\System32\drivers\ew_hwusbdev.sys

2013-02-21 16:54:33 3170044AA8090F80839D3D4330BF733A 90368 ----a-w- C:\Windows\System32\drivers\ew_jucdcacm.sys

2013-02-21 16:54:33 21B9BACDD4418B59B546C42B4C5A084A 25856 ----a-w- C:\Windows\System32\drivers\ewdcsc.sys

2013-02-21 16:54:33 1EF9E48AB82EA785C7348B22E9B02DC4 64384 ----a-w- C:\Windows\System32\drivers\ew_jucdcecm.sys

2013-02-16 16:17:39 A9919376933F7E43F93E5DA1FFBEFC9F 73216 ----a-w- C:\Windows\System32\mshtmled.dll

2013-02-16 16:17:38 F7BC1D90C3A976A5259BD1A5D7D43038 194048 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll

2013-02-16 16:17:38 CDBFCB9A88E130F1138F80B01C56B680 420864 ----a-w- C:\Windows\System32\vbscript.dll

2013-02-16 16:17:38 0F4871B3BF0E48664A24D2717F2117A0 149528 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll

2013-02-16 16:17:37 F8D269134EEC097B7E47C818AF4862A7 176640 ----a-w- C:\Windows\System32\ieui.dll

2013-02-16 16:17:37 39511E05F37F0BEF8FA3B85386800BB9 65024 ----a-w- C:\Windows\System32\jsproxy.dll

2013-02-16 16:17:36 CBC39CAD3421AB71966BDD98ABF847E0 607744 ----a-w- C:\Windows\System32\msfeeds.dll

2013-02-16 16:17:36 7F73235D527DCF16C38578CD1CD9F7A8 194560 ----a-w- C:\Program Files\Internet Explorer\ieproxy.dll

2013-02-16 16:17:35 C079169E6A07FC4412475C02969EB9CE 1800704 ----a-w- C:\Windows\System32\jscript9.dll

2013-02-16 16:17:35 B49B56B64F57699A1A663D2CF7D0A56F 1129472 ----a-w- C:\Windows\System32\wininet.dll

2013-02-16 16:17:35 9352AF851D98380738161620C916A042 231936 ----a-w- C:\Windows\System32\url.dll

2013-02-16 16:17:35 8843B6A1B8E102841B2DFF02805C5CEC 717824 ----a-w- C:\Windows\System32\jscript.dll

2013-02-16 16:17:34 D171EAA745A2C0C583CDDA13D9088EE4 1796096 ----a-w- C:\Windows\System32\iertutil.dll

2013-02-16 16:17:34 2E22305A88AD0F37434C896F5A4746F8 387584 ----a-w- C:\Program Files\Internet Explorer\jsdbgui.dll

2013-02-16 16:17:34 23AA73F4024DE78ED5A2F5F0BEB5388F 66048 ----a-w- C:\Windows\System32\migration\WininetPlugin.dll

2013-02-16 16:17:33 C2AD78FF88FEC9663B0227A72E65F0C3 678912 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll

2013-02-16 16:17:33 BE157C3800DA3010EFC48280ECF81C16 1103872 ----a-w- C:\Windows\System32\urlmon.dll

2013-02-16 16:17:31 C97434C851C4821BD92D2831FDF1ECBE 12321280 ----a-w- C:\Windows\System32\mshtml.dll

2013-02-16 16:17:30 0E816EA3C5DCE94C95099E8B38E75E67 9738240 ----a-w- C:\Windows\System32\ieframe.dll

2013-02-16 16:17:19 E74C018279BB3FB2596AA4CEEA97EC0C 768000 ----a-w- C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll

2013-02-16 16:14:05 CD21572F83F7EC6E2C20C465967BEDD9 31232 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys

2013-02-16 16:14:05 3535CD93F944C00F098E73E12EE7FEB6 914792 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-02-16 16:13:52 1C1F3014453865E805A8708751743A48 2048512 ----a-w- C:\Windows\System32\win32k.sys

2013-02-16 16:13:45 C43DECDAC58C0A43E0376A216590F40A 1314816 ----a-w- C:\Windows\System32\quartz.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-4200065788-2244337797-1109055521-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe /autostart"

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"googletalk"="C:\Program Files\Google\Google Talk\googletalk.exe /autostart"

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ehTray.exe]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ehTray.exe"

"hkey"="HKCU"

"command"="C:\\Windows\\ehome\\ehTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Google Desktop Search"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ISUSPM"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe\" -scheduler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LanguageShortcut]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LanguageShortcut"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\HomeCinema\\PowerDVD\\Language\\Language.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MobileBroadband]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MobileBroadband"

"hkey"="HKLM"

"command"="C:\\Program Files\\Vodafone\\Vodafone Mobile Broadband\\Bin\\MobileBroadband.exe /silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MSC]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="MSC"

"hkey"="HKLM"

"command"="\"c:\\Program Files\\Microsoft Security Client\\msseces.exe\" -hide -runkey"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="msnmsgr"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mwlDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="mwlDaemon"

"hkey"="HKLM"

"command"="C:\\Program Files\\EgisTec\\MyWinLocker 3\\x86\\mwlDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NBKeyScan"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvCplDaemon"

"hkey"="HKLM"

"command"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NvMediaCenter"

"hkey"="HKLM"

"command"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RemoteControl"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\HomeCinema\\PowerDVD\\PDVDServ.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="RtHDVCpl"

"hkey"="HKLM"

"command"="RtHDVCpl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skytel]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skytel"

"hkey"="HKLM"

"command"="Skytel.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spyware Doctor]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Spyware Doctor"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SunJavaUpdateSched"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="SynTPEnh"

"hkey"="HKLM"

"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\toolbar_eula_launcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="toolbar_eula_launcher"

"hkey"="HKLM"

"command"="C:\\Program Files\\GoogleEULA\\EULALauncher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\tsnp2uvc]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="tsnp2uvc"

"hkey"="HKLM"

"command"="C:\\Windows\\tsnp2uvc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UCam_Menu]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="UCam_Menu"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\HomeCinema\\YouCam\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\HomeCinema\\YouCam\" update \"Software\\CyberLink\\YouCam\\2.0\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Defender]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Windows Defender"

"hkey"="HKLM"

"command"="%ProgramFiles%\\Windows Defender\\MSASCui.exe -hide"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WMPNSCFG]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="WMPNSCFG"

"hkey"="HKCU"

"command"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"

"backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~1\\MCAFEE~1\\30982A~1.207\\SSSCHE~1.EXE "

"item"="McAfee Security Scan Plus"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"ICSDCLT"="C:\\Windows\\rundll32.exe C:\\Windows\\system32\\icsdclt.dll,ICSClient"

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Folders ======================

2013-02-21 17:52:36 1915 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/02/2013 16:53]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/05/2011 21:44]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/05/2011 21:44]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default

- Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Lutty\AppData\Roaming\Mozilla\Firefox\Profiles\j18vnnod.default

834FCF71D7651C5778BDFFAE5CE1D567 - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll - Java Platform SE 6 U39

DE8275CAB4D3F80E4E266E14955B16EC - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 6.0.390.4

667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

588219A982E2B8CE02BBAA0D4DC1382F - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.1.0.30716.0.dll - Silverlight Plug-In

C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

FC5866F7793AF2CBCD425CC4B8D32A9E - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

ACEF2CBC1032BC14D112EB4494537DA5 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

667CB7D2CAF917608421E5250462C0AA - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat

9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In

DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbar.crx[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/?ocid=EIE9HP&PC=UP50"

"Search Page"="http://www.google.com"

"Default_Search_URL"="http://www.google.com/ie"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.aldi.com/"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search?q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=3ef9625b000000000000000000000000&tlver=1.4.19.19&affID=19404"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://www.msn.com/?ocid=EIE9HP&PC=UP50"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.be/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA_nl"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{70D46D94-BF1E-45ED-B567-48701376298E} Google Desktop Url="http://127.0.0.1:4664/search&s=X6nocJFdiShyxjPIp4Ff-ZnV10Q?q={searchTerms}"

{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} Bing Url="http://www.bing.com/search?FORM=UP50DF&PC=UP50&q={searchTerms}&src=IE-SearchBox"

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\mcuicnt.exe SecurityScanner.dll

C:\Users\Public\Desktop\MobileWiFi.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Lutty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Lutty\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\mcuicnt.exe SecurityScanner.dll

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Verwijderen.lnk - C:\Program Files\McAfee Security Scan\uninstall.exe C:\Program Files\McAfee Security Scan\3.0.318\McAfee.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game.zylom.com/activex/zylomgamesplayer.cab

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: MyWinLocker Service (MWLService) - EgisTec Inc. - C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Vodafone Mobile Broadband-service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Lutty\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Pluchke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Lutty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\Pluchke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Lutty\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lutty\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
