
Virus



I'm afraid my laptop still has a virus. Would you be willing to take another look at this log?

Logfile of random's system information tool 1.09 (written by random/random)

Run by Bea at 2014-02-02 11:19:10

Microsoft Windows 7 Professional Service Pack 1

System drive C: has 14 GB (18%) free of 76 GB

Total RAM: 4095 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:19:18, on 2-2-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUSTek\ASUSDVD 8\PDVD8Serv.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\Desktop\pc beveiliging\HijackThis (1) (1).exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\Downloads\RSIT.exe

C:\Program Files (x86)\trend micro\Bea.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Bea\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKCU\..\Run: [Google Update] "C:\Users\Bea\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: LastPass - file://C:\Users\Bea\AppData\LocalLow\LastPass\context.html?cmd=lastpass

O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Bea\AppData\LocalLow\LastPass\context.html?cmd=fillforms

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Emsisoft Anti-Malware 8.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe

O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe

O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13474 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\AutoKMS.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-314706107-1989528577-1666421781-1001Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-314706107-1989528577-1666421781-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-16 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]

LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-19 612864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]

FlashGetBHO - C:\Users\Bea\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-11-01 149168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-16 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-19 612864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\Bea\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-22 116648]

"GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-01-23 866584]

"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2013-12-06 20203904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm

"vidc.cvid"=iccvid.dll

"msacm.siren"=sirenacm.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-02 11:19:10 ----D---- C:\rsit

2014-02-02 11:19:10 ----D---- C:\Program Files (x86)\trend micro

2014-02-01 22:11:50 ----D---- C:\Program Files (x86)\Emsisoft Anti-Malware

2014-02-01 22:10:13 ----D---- C:\Program Files (x86)\HitmanPro.Alert

2014-02-01 22:10:13 ----A---- C:\Windows\SysWOW64\hmpalert.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\wksprtPS.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\tsgqec.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\rdpendp_winip.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\mstsc.exe

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\MsRdpWebAccess.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\aaclient.dll

2014-02-01 21:23:26 ----A---- C:\Windows\SysWOW64\mstscax.dll

2014-02-01 20:30:25 ----D---- C:\Windows\SoftwareDistribution

2014-01-31 10:35:40 ----D---- C:\Program Files (x86)\Common Files\DESIGNER

2014-01-28 23:08:51 ----D---- C:\Windows\Migration

2014-01-28 23:05:13 ----A---- C:\Windows\SysWOW64\qdvd.dll

2014-01-16 11:25:29 ----D---- C:\ProgramData\Oracle

2014-01-16 11:23:13 ----A---- C:\Windows\SysWOW64\javaws.exe

2014-01-16 11:23:02 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-16 11:23:02 ----A---- C:\Windows\SysWOW64\javaw.exe

2014-01-16 11:23:02 ----A---- C:\Windows\SysWOW64\java.exe

2014-01-12 12:22:40 ----SHD---- C:\$RECYCLE.BIN

2014-01-12 12:18:27 ----A---- C:\Windows\zoek-delete.exe

2014-01-12 12:18:25 ----D---- C:\Windows\Temp

2014-01-12 09:36:07 ----HD---- C:\VTRoot

2014-01-11 23:50:52 ----D---- C:\Users\Bea\AppData\Roaming\Comodo

2014-01-11 21:49:51 ----SD---- C:\ProgramData\Shared Space

2014-01-11 21:49:33 ----D---- C:\ProgramData\Comodo

2014-01-11 21:49:28 ----D---- C:\ProgramData\Comodo Downloader

2014-01-10 23:18:23 ----D---- C:\Windows\pss

2014-01-10 09:53:48 ----A---- C:\DelFix.txt

2014-01-09 18:09:32 ----D---- C:\zoek_backup

======List of files/folders modified in the last 1 month======

2014-02-02 11:19:10 ----RD---- C:\Program Files (x86)

2014-02-02 11:08:30 ----D---- C:\Windows\Tasks

2014-02-02 01:15:36 ----HD---- C:\ProgramData

2014-02-02 01:14:06 ----SHD---- C:\Windows\Installer

2014-02-02 01:14:06 ----SHD---- C:\Config.Msi

2014-02-02 01:00:02 ----D---- C:\Windows\inf

2014-02-01 23:29:11 ----AD---- C:\Windows

2014-02-01 22:10:13 ----D---- C:\Windows\SysWOW64

2014-02-01 22:10:13 ----D---- C:\Windows\System32

2014-02-01 22:00:50 ----RD---- C:\Program Files

2014-02-01 21:43:11 ----D---- C:\Windows\winsxs

2014-02-01 21:39:46 ----D---- C:\Windows\SysWOW64\wbem

2014-02-01 21:39:46 ----D---- C:\Windows\SysWOW64\nl-NL

2014-02-01 21:39:45 ----D---- C:\Windows\PolicyDefinitions

2014-02-01 21:22:52 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI

2014-02-01 21:19:25 ----SHD---- C:\System Volume Information

2014-02-01 15:39:48 ----D---- C:\Users\Bea\AppData\Roaming\uTorrent

2014-02-01 15:38:28 ----D---- C:\Windows\Prefetch

2014-01-31 11:20:30 ----D---- C:\Windows\AutoKMS

2014-01-31 10:53:26 ----D---- C:\Windows\Microsoft.NET

2014-01-31 10:41:59 ----D---- C:\ProgramData\Microsoft Help

2014-01-31 10:39:06 ----D---- C:\Program Files (x86)\Common Files\microsoft shared

2014-01-31 10:38:10 ----RSD---- C:\Windows\Fonts

2014-01-31 10:37:35 ----D---- C:\Windows\ShellNew

2014-01-31 10:37:04 ----D---- C:\Program Files (x86)\MSBuild

2014-01-31 10:35:40 ----D---- C:\Program Files (x86)\Common Files

2014-01-31 10:27:13 ----A---- C:\Windows\win.ini

2014-01-28 23:09:44 ----D---- C:\Windows\SysWOW64\en-US

2014-01-28 23:08:51 ----SD---- C:\ProgramData\Microsoft

2014-01-28 22:31:32 ----D---- C:\Users\Bea\AppData\Roaming\Nitro PDF

2014-01-25 13:34:46 ----D---- C:\Users\Bea\AppData\Roaming\Mozilla

2014-01-23 01:23:03 ----D---- C:\Windows\debug

2014-01-21 17:50:59 ----RSD---- C:\Windows\assembly

2014-01-11 21:20:14 ----D---- C:\Program Files (x86)\Microsoft Security Client

2014-01-10 12:32:32 ----D---- C:\Program Files (x86)\Microsoft

2014-01-09 10:24:50 ----SD---- C:\Users\Bea\AppData\Roaming\Microsoft

2014-01-09 10:09:19 ----SHD---- C:\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\SysWOW64\drivers\AsDsm.sys []

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys []

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []

R1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-03-28 26176]

R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys []

R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys []

R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys []

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []

R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

R2 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys []

R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []

R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys []

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []

R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys []

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []

S3 a2acc;a2acc; \??\C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2013-08-24 70960]

S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-12-04 57024]

S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-12-04 4161512]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]

R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-10-20 6254152]

R2 hmpalertsvc;HitmanPro.Alert Service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2014-02-01 1830768]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-01-12 341312]

R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-03-25 230408]

R2 nlsX86cc;NLS Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2011-01-12 68928]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []

R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-08-27 239176]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]

R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-04-15 271760]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02 116648]

S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

S2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 164056]

S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02 116648]

S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 11:14:32, on 2-2-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUSTek\ASUSDVD 8\PDVD8Serv.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\Desktop\pc beveiliging\HijackThis (1) (1).exe

C:\Windows\SysWOW64\DllHost.exe


I had Emsisoft scan twice yesterday and it is now scanning once more. Yesterday it found 2 viruses.

In any case, after booting into safe mode a few things have changed on my desktop. The notifications after the scan were something about win32:... and avira antivir. I hope I have removed those with this. MSE is turned off and in its place I use Comodo antivirus and the firewall.

I also found this from Emsisoft:


‡ l¹ [ ‡ QT -!Mhttp://dl.emsisoft.com/updates/59900A239E2E57EA6635ED984B31FE6C.zip.data2HiJackFree.exeHiJackFreeV‘59900A239E2E57EA6635ED984B31FE6CSystem analysis and management tool for advanced users - 4.5.0.10"S

3!M-http://dl.emsisoft.com/updates/A84BB2B0AD2FF878E7066B817747E0D3.zip.datLanguages\vi-vn.lngVietnamese ØÛA84BB2B0AD2FF878E7066B817747E0D3Language Support6R

3IM-http://dl.emsisoft.com/updates/EFB01C4720A0AA803985419178F20C32.zip.datLanguages\pt-br.lngPortuguese Brazil (Português) è¹EFB01C4720A0AA803985419178F20C32Language Support0Q

+MShttp://dl.emsisoft.com/updates/11686738DD11317DC31FA064CE6FB476.zip.data2mor.dllCleaning moduleÓ11686738DD11317DC31FA064CE6FB476Cleaning engine component - 5.6.0.1P

'-M

http://dl.emsisoft.com/updates/8E1B25B9E4A34E6F3B2A9F1900389460.zip.datvdbupdate.dllSignature update/8E1B25B9E4A34E6F3B2A9F1900389460

S®þ^ ;Y

#+Mghttp://dl.emsisoft.com/updates/ADF9F919E10832746ED516230420F749.zip.datavxdisk.dllScan Engine (B)d&ADF9F919E10832746ED516230420F749Scan Engine Component (avxdisk.dll) - 1.4.0.0X

3M-http://dl.emsisoft.com/updates/F68342529AA3FF13922534408F2B97D6.zip.datLanguages\gr-gr.lngGreekKF68342529AA3FF13922534408F2B97D6Language Support-W

37M-http://dl.emsisoft.com/updates/5BFF4E992DE2EB0C1486BC637A6107E1.zip.datLanguages\sl-si.lngSlovenian (Slovenski) ä]5BFF4E992DE2EB0C1486BC637A6107E1Language Support"V

%M=http://dl.emsisoft.com/updates/DF9D07240BA93E43EB824057C64ED8FB.zip.datru-ru.chmRussian Help õDF9D07240BA93E43EB824057C64ED8FBRussian online help file*U

31M-http://dl.emsisoft.com/updates/0D586810C687E7D3FB682CD60EEEE469.zip.datLanguages\zh-cn.lngChinese Simplified ·³0D586810C687E7D3FB682CD60EEEE469Language Support

× Br¢ × H]

/;Mchttp://dl.emsisoft.com/updates/566B17621E35290482FD6DF03DC086F5.zip.data2framework64.dllService Framework (x64)#£.566B17621E35290482FD6DF03DC086F5Service component for x64 systems - 8.1.0.2M\

%=Mwhttp://dl.emsisoft.com/updates/D27A8B7BB0E15DFBFC6B4E774EE17AD9.zip.data2ddax64.sysScan engine module (x64)4¿D27A8B7BB0E15DFBFC6B4E774EE17AD9Direct disk access module for x64 systems - 1.0.0.659M[

%=Mwhttp://dl.emsisoft.com/updates/B0CC0B50441372157F31C4C023D43A3E.zip.data2ddax86.sysScan engine module (x86)03B0CC0B50441372157F31C4C023D43A3EDirect disk access module for x86 systems - 1.0.0.659;Z

!+Mghttp://dl.emsisoft.com/updates/1755023407FDE00D9916505A557569D5.zip.datbdcore.dllScan Engine (B) ÛÝ1755023407FDE00D9916505A557569D5Scan Engine Component (bdcore.dll) - 11.0.1.6

µ 0‡ µ Oa

%;M}http://dl.emsisoft.com/updates/ED7BC428D411F386C5CD7818C67E5AFB.zip.data2accx86.sysFile guard module (x86)rCED7BC428D411F386C5CD7818C67E5AFBFile guard protection module for x86 systems - 1.0.0.705&`

#)M=http://dl.emsisoft.com/updates/9E28CAA559C533A531CCEE624DA8C64E.zip.datevcdiff.dllDiff component†™9E28CAA559C533A531CCEE624DA8C64EDiff component - 1.0.0.1a_ )3M!http://dl.emsisoft.com/updates/CB0BE635BFB53C812978D3B19CB7213A.zip.data2contmenu.dllContext menu module¯(CB0BE635BFB53C812978D3B19CB7213AExplorer context menu to scan files or folders with Anti-Malware - 8.0.0.1i^ -3M-http://dl.emsisoft.com/updates/7B27FC1EB456620CE04935DB672EC5C9.zip.data2contmenu64.dllContext menu module<7B27FC1EB456620CE04935DB672EC5C9Explorer context menu to scan files or folders with Anti-Malware (x64) - 8.0.0.1

} -ƒÐ+ } +f

33M-http://dl.emsisoft.com/updates/BA4422CE25DE1A93E2EC5447EB4FF71B.zip.datLanguages\zh-tw.lngChinese Traditional »BA4422CE25DE1A93E2EC5447EB4FF71BLanguage Support"e

%M=http://dl.emsisoft.com/updates/17E7CCC37E341FB56FFBD358171F28C9.zip.daten-us.chmEnglish Help

c17E7CCC37E341FB56FFBD358171F28C9English online help file0d

3=M-http://dl.emsisoft.com/updates/57D107BDB46B50C3675FDC230D9FD037.zip.datLanguages\hu-hu.lngHungarian (magyar nyelv) ôz57D107BDB46B50C3675FDC230D9FD037Language support'c

3+M-http://dl.emsisoft.com/updates/65D05D5BCC856E05EE07D0732C34D0BD.zip.datLanguages\fi-fi.lngFinnish (Suomi) ñP65D05D5BCC856E05EE07D0732C34D0BDLanguage supportPb

%;M}http://dl.emsisoft.com/updates/797E1068EE061C5DEE668F0DC6B3C601.zip.data2accx64.sysFile guard module (x64) ‰Û797E1068EE061C5DEE668F0DC6B3C601File guard protection module for x64 systems - 1.0.0.705

´ %J~ ´ Gj

)=Mghttp://dl.emsisoft.com/updates/429E208432A0D5342FA84D8C700423CE.zip.datlicense_de.rtfLicense Agreement German9l429E208432A0D5342FA84D8C700423CEEmsisoft License Agreement in German languageIi

)?Mihttp://dl.emsisoft.com/updates/547CF66ABE97308CD3046A5057E46980.zip.datlicense_en.rtfLicense Agreement English6S547CF66ABE97308CD3046A5057E46980Emsisoft License Agreement in English languageXh

'MMyhttp://dl.emsisoft.com/updates/138C1D281999712A68FCB96D6C75C618.zip.data2hooks64.dllBehavior blocker component (x64)…ú138C1D281999712A68FCB96D6C75C618Behavior blocker component for x64 systems - 7.0.0.109Xg

'MMyhttp://dl.emsisoft.com/updates/C9A9B7C0BEACC25DF284FC50F7D4306D.zip.data2hooks32.dllBehavior blocker component (x86)i«C9A9B7C0BEACC25DF284FC50F7D4306DBehavior blocker component for x86 systems - 7.0.0.109

ž 6”óA ž o

#M;http://dl.emsisoft.com/updates/FF8541E8860EFF595F4B514C2FE2AC4F.zip.datde-de.chmGerman HelpíFF8541E8860EFF595F4B514C2FE2AC4FGerman online help file/n

3;M-http://dl.emsisoft.com/updates/D5E8A740E2C9D1445E0F4B67FDED25B7.zip.datLanguages\pt-pt.lngPortuguese (Português) ïÒD5E8A740E2C9D1445E0F4B67FDED25B7Language Supportm

3M-http://dl.emsisoft.com/updates/DF05B946C963F316CE4D3B8F461FB2FA.zip.datLanguages\ar-sa.lngArabic æWDF05B946C963F316CE4D3B8F461FB2FALanguage Supportl

3M-http://dl.emsisoft.com/updates/3A2E74BCEC6DF428CB6EDC8A3E250821.zip.datLanguages\ru-ru.lngRussian ߶3A2E74BCEC6DF428CB6EDC8A3E250821Language SupportGk

)=Mghttp://dl.emsisoft.com/updates/16A574ABE4FB8D72CBC91C9F677C270F.zip.datlicense_fr.rtfLicense Agreement French=Ô16A574ABE4FB8D72CBC91C9F677C270FEmsisoft License Agreement in French language

à ]³e à t

3M-http://dl.emsisoft.com/updates/1E3A940E96F5F6B241A679947C51E306.zip.datLanguages\fa-ir.lngPersian ã51E3A940E96F5F6B241A679947C51E306Language Support*s

31M-http://dl.emsisoft.com/updates/3C7263E33FA6646EA5564B726E074AC2.zip.datLanguages\nl-nl.lngDutch (Nederlands) ék3C7263E33FA6646EA5564B726E074AC2Language Supportr

3M-http://dl.emsisoft.com/updates/A4DCB0BE672B2D4A2A475AD56B987522.zip.datLanguages\ko-kr.lngKorean ʯA4DCB0BE672B2D4A2A475AD56B987522Language Support'q

3+M-http://dl.emsisoft.com/updates/002D1A219A1E255B96C2BD7AA07827F4.zip.datLanguages\pl-pl.lngPolish (Polski) ó 002D1A219A1E255B96C2BD7AA07827F4Language Support p

#M;http://dl.emsisoft.com/updates/44E591B51DA1445C0FB560F68B44CD6D.zip.datfr-fr.chmFrench Help344E591B51DA1445C0FB560F68B44CD6DFrench online help file

Ÿ F_† Ÿ dx #[Mhttp://dl.emsisoft.com/updates/720AEB9F18D76BE49DE86C8B25A9FC38.zip.data2dix86.sysBackground guard driver component (x86)N2720AEB9F18D76BE49DE86C8B25A9FC38Background guard driver component for x86 systems - 1.0.0.709Vw

#MMyhttp://dl.emsisoft.com/updates/F83FB687FE3CB8908CD98B509DCB4EA6.zip.data2dix86.dllBackground guard component (x86) ‘ûF83FB687FE3CB8908CD98B509DCB4EA6Background guard component for x86 systems - 1.0.0.709dv #[Mhttp://dl.emsisoft.com/updates/05936579605018BD2BC528FF2C1AD95F.zip.data2dix64.sysBackground guard driver component (x64)\œ05936579605018BD2BC528FF2C1AD95FBackground guard driver component for x64 systems - 1.0.0.6577u

/M]http://dl.emsisoft.com/updates/D9435DA6B31A7D552EA8B4CDAF2980C2.zip.data2acc.dllFile guard module ”¾D9435DA6B31A7D552EA8B4CDAF2980C2File guard protection module - 1.0.0.710

; S¨Í ò ; 4}

%+MUhttp://dl.emsisoft.com/updates/8B619F3CE4DD663440E2EC744E883573.zip.datresource.dllResource Module+³8B619F3CE4DD663440E2EC744E883573Additional data resources - 8.1.0.31X| %CMhttp://dl.emsisoft.com/updates/89B93237CB71628BA36B7DBB1215E318.zip.data2core64.dllBehavior blocker core (x64) •L89B93237CB71628BA36B7DBB1215E318Behavior blocker core component for x64 systems - 7.0.0.111X{ %CMhttp://dl.emsisoft.com/updates/2A8DC74CCAEF04BB2AC3E4A55050F450.zip.data2core32.dllBehavior blocker core (x86) ˆ_2A8DC74CCAEF04BB2AC3E4A55050F450Behavior blocker core component for x86 systems - 7.0.0.111(z

3-M-http://dl.emsisoft.com/updates/7EEF6792D8AF293A9F60FF5FFA34E990.zip.datLanguages\de-de.lngGerman (Deutsch) ñò7EEF6792D8AF293A9F60FF5FFA34E990Language Support*y

31M-http://dl.emsisoft.com/updates/07E9D1CA0AAE489D2874B5319DF5834D.zip.datLanguages\fr-fr.lngFrench (Français) ý“07E9D1CA0AAE489D2874B5319DF5834DLanguage Support

b U›½ b *

#+MChttp://dl.emsisoft.com/updates/1958483F6E5D831F92475E199BA2750C.zip.datclean32.dllCleaning engine´1958483F6E5D831F92475E199BA2750CCleaning engine - 1.0.0.163)

1M?http://dl.emsisoft.com/updates/C61694310D85F74584C6CE29822FB85B.zip.datclean.datCleaning resources Ý

C61694310D85F74584C6CE29822FB85BCleaning engine componentZ ;Mhttp://dl.emsisoft.com/updates/4D46C00FBBF2499A65334B70237B5402.zip.data2cmd.exeCommandline Scanner 8.1.‡4D46C00FBBF2499A65334B70237B5402Console application using command line parameters to scan - 8.1.0.317

+;MEhttp://dl.emsisoft.com/updates/E1EAACA116EAE3241872A5A67E3BB629.zip.data2framework.dllService Framework (x86)WME1EAACA116EAE3241872A5A67E3BB629Service component - 8.1.0.31(~

%)M?http://dl.emsisoft.com/updates/11D313BFFD2BAB07257935EA475157FF.zip.data2update.dllUpdater moduleì«11D313BFFD2BAB07257935EA475157FFUpdater module - 8.1.0.31

» (V‹ » L

!?Muhttp://dl.emsisoft.com/updates/1E370D588367AE396EAFF9D34BD15149.zip.datfrme32.dllCleaning engine componentp1E370D588367AE396EAFF9D34BD15149Cleaning engine file and registry module - 1.0.0.478G

)KMWhttp://dl.emsisoft.com/updates/725E5A19B34061BDD5A5F5720A4D9022.zip.datcleanhlp32.dllCleaning engine component (x86) –Ã725E5A19B34061BDD5A5F5720A4D9022Cleaning engine component - 1.0.0.149N

)SM_http://dl.emsisoft.com/updates/DBC8CDAFC84E96E894C3BAAED9B30F47.zip.datcleanhlp32.sysCleaning engine helper driver (x86)b)DBC8CDAFC84E96E894C3BAAED9B30F47Cleaning engine helper driver - 1.0.0.149T

)SMkhttp://dl.emsisoft.com/updates/B794DCF38C965FA2F93C45A7C3D582C5.zip.datcleanhlp64.sysCleaning engine helper driver (x64)kÝB794DCF38C965FA2F93C45A7C3D582C5Cleaning engine helper driver (x64) - 1.0.0.149

Ý H{ž Ý =

'Muhttp://dl.emsisoft.com/updates/6FD8F474D031AE49BBD4CF1098F36C47.zip.data2service.exeServiceÿ^6FD8F474D031AE49BBD4CF1098F36C47Service application for non admin support - 8.1.0.33Y #?Mhttp://dl.emsisoft.com/updates/E529485E177539A5000C85692F840A13.zip.data2start.exeEmsisoft Anti-Malware 8.1&ÞOE529485E177539A5000C85692F840A13Main application including scanner and configuration - 8.1.0.33I

%7Mshttp://dl.emsisoft.com/updates/7C83894193504D4AC6B3D999FB24144A.zip.data2wizard.exeSecurity Setup Wizard"iJ7C83894193504D4AC6B3D999FB24144ATool to setup the security configuration - 8.1.0.314

#)MYhttp://dl.emsisoft.com/updates/180947F97163C012576419D9C28ABEA0.zip.datlogging.dllLogging module ÷>180947F97163C012576419D9C28ABEA0Debug logging helper module - 8.1.0.31

I” ”˜¢§¬±¶»ÀÅÊÏÔÙÞãèíò÷ü$).38=BGLQV[`ejoty~ƒˆ’—œ¡¦«°µº¿ÄÉÎÓØÝâçìñöûŠ…€{uoic]WQKE?93-'! ý÷ñëåßÙÓÍÇÁ»µ¯©£—‘‹…ysmga[UNG@92+$ ‡ † … „ ƒ ‚ €~}|{zyxwvutsrqponmlkjihgfedcba`_^]\[ZYXWVUTSRQPO N M L K J

! " # $ % & ' ( ) * + , - . / 0 1 2 3 4 5 6 7 8 9 : ; < = > ? @ A B C D E F G H I

Rû ‡Œ‘–›¡§*³¹¿ÅËÑ×Ýãéïõû

%+17=CIOU[agmsy…‹‘—£©¯µ»ÁÈÏÖÝäëòù€yrkd]VOHA:3,% û œ › š ™ ˜ — – • ” “ ’ ‘ Ž Œ ‹ Š ‰ K L M NOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~ € ‚ ƒ „ … † ‡ ˆ

D nº D H

))M{http://dl.emsisoft.com/updates/3D7E47A121A58F7E1E639419E7CB28C0.zip.datBlitzBlank.exeBlitzBlank 1.0 õ3D7E47A121A58F7E1E639419E7CB28C0Removes infections that nothing else removes - 1.0.0.32&

)MAhttp://dl.emsisoft.com/updates/139D664E42F8F5A849F4F5069769595D.zip.dathu-hu.chmHungarian helpca139D664E42F8F5A849F4F5069769595DHungarian online help file0

!M]http://dl.emsisoft.com/updates/F432EB8D1D84A565167107E2EF001473.zip.data2wsc.dllWSC moduleª®F432EB8D1D84A565167107E2EF001473Windows Security Center module - 6.5.0.2(

3-M-http://dl.emsisoft.com/updates/49430175DECDF78AA27506D09C2EEF9E.zip.datLanguages\cz-cz.lngCzech (CeÅ¡tina) ºd49430175DECDF78AA27506D09C2EEF9ELanguage supportb #-M/http://dl.emsisoft.com/updates/8D8F409361718B641DE6BE8D58799549.zip.data2guard.exeProtection GuardÁ*8D8F409361718B641DE6BE8D58799549Background guard with file guard, behavior blocker and surf protection - 8.1.0.31

“ .5< “ %

#+M9http://dl.emsisoft.com/updates/FAB8FFDBAFB612DC2067D4C31E375F69.zip.data2hosts.datHosts blacklist0Y½FAB8FFDBAFB612DC2067D4C31E375F69Host blocker blacklistu %kMhttp://dl.emsisoft.com/updates/8DEA3FE12A6686573F16A06AD95D7AB9.zip.data2util32.sysBackground guard utility driver component (x86)ï8DEA3FE12A6686573F16A06AD95D7AB9Background guard utility driver component for x86 systems - 1.0.0.661u %kMhttp://dl.emsisoft.com/updates/0932B29AA1B9372FFE6D3AF8BA2ABA3A.zip.data2util64.sysBackground guard utility driver component (x64)#œ0932B29AA1B9372FFE6D3AF8BA2ABA3ABackground guard utility driver component for x64 systems - 1.0.0.661N

-AMmhttp://dl.emsisoft.com/updates/CDECBEC73B9681E13AB06ECA3AB8606A.zip.data2cmd_readme.txtCommandline Scanner Readme¸CDECBEC73B9681E13AB06ECA3AB8606AReadme and help file for the commandline scanner

Ÿ K¨ûM Ÿ *

31M-http://dl.emsisoft.com/updates/7BF17EFD40FF6878E54D6EC64D3C3F9A.zip.datLanguages\it-it.lngItalian (Italiano) éó7BF17EFD40FF6878E54D6EC64D3C3F9ALanguage Support*

31M-http://dl.emsisoft.com/updates/F4EF042CB0F0FA3EAAF3D002914AF5C0.zip.datLanguages\tr-tr.lngTurkish (Türkçe) îÿF4EF042CB0F0FA3EAAF3D002914AF5C0Language Support)

3/M-http://dl.emsisoft.com/updates/142B0DD7D276FB9DA679E0F24F04B920.zip.datLanguages\sv-se.lngSwedish (Svenska) è142B0DD7D276FB9DA679E0F24F04B920Language Support

3M-http://dl.emsisoft.com/updates/8F7EA25FCE90A392080BA92A653A273B.zip.datLanguages\en-us.lngEnglish Ö²8F7EA25FCE90A392080BA92A653A273BLanguage Support1

%+MOhttp://dl.emsisoft.com/updates/4CEB7895B2A27E249E7557F4A72AEF8A.zip.data2engine.dllScan Engine (A)Uë4CEB7895B2A27E249E7557F4A72AEF8AScan Engine Component - 3.0.0.596

% S¥ê% A

#9Mchttp://dl.emsisoft.com/updates/0BFEF73D54CABA563425923E437D501A.zip.data2trust.datTrust check signatures ¦¬0BFEF73D54CABA563425923E437D501ASignatures to verify digitally signed files7

5MYhttp://dl.emsisoft.com/updates/79FC6F80C36D4199DC5DC41807B73A13.zip.data2wl.datWhitelist signatures %ý79FC6F80C36D4199DC5DC41807B73A13Signatures for known good applications*

31M-http://dl.emsisoft.com/updates/8D9919F38F138B0E590BBF5D7C7176B2.zip.datLanguages\es-es.lngSpanish (Español) ñ¥8D9919F38F138B0E590BBF5D7C7176B2Language Support)

3/M-http://dl.emsisoft.com/updates/A96996423A03152BA14FCF5F59C76EA6.zip.datLanguages\ca-es.lngCatalan (Català ) òA96996423A03152BA14FCF5F59C76EA6Language Support

˜4Ìh±P ç † h

AMO Signatures\BD\emalware.522²ä8B230C600F1722839A451F9FBE4E69E1Malware signatures (emalware.522)_ 9MG Signatures\BD\jpeg.cvd«4126CDF0C0B40BC2314476BEA28CD9E9Malware signatures (jpeg.cvd)g AMO Signatures\BD\emalware.i35ú3F98992DB974810D5DDF7FA24A126737Malware signatures (emalware.i35)_ 9MG Signatures\BD\cran.ivd¼BE86C2E2801832757FA216B77BA955CEMalware signatures (cran.ivd)g AMO Signatures\BD\emalware.000[344E16009837E3F71BEC9A2CDBB6A7F7Malware signatures (emalware.000)L #M9 a2hosts.datÍCA64216AA8EAEF4F9E93BCCB2521B22CHost blocker blacklistb =MK Signatures\BD\update.txt[997DEB0A63D73B64D513332DDDB89635Malware signatures (update.txt)f AMO Signatures\BD\emalware.000°5340980E252938B75E22D434A40ADF9CMalware signatures (emalware.000)b =MK Signatures\BD\e_spyw.i10B36AFD9AAA7704CFD6E883E737EC7B8CMalware signatures (e_spyw.i10)f AMO Signatures\BD\emalware.522OR683C8DE6FBAA02579D62425DED80D8F7Malware signatures (emalware.522)

ê ›2É_úªN ê b #Mc a2trust.datô0BFEF73D54CABA563425923E437D501ASignatures to verify digitally signed filesZ MY a2wl.datH79FC6F80C36D4199DC5DC41807B73A13Signatures for known good applicationsN #M9 a2hosts.dat “:FAB8FFDBAFB612DC2067D4C31E375F69Host blocker blacklistc =MK Signatures\BD\update.txt\BCA98DF6D84746715E7C9BB482A1668BMalware signatures (update.txt)h AMO Signatures\BD\emalware.523ãF8B888D2EB73141DA33D621075F141F5Malware signatures (emalware.523)g

AMO Signatures\BD\emalware.i33¼AC3C5E275DA792EF2BF24BDE34214C7AMalware signatures (emalware.i33)g AMO Signatures\BD\emalware.i34õ39BD13605B47C6DDFF4AB228D8855717Malware signatures (emalware.i34)c =MK Signatures\BD\e_spyw.i10Q5AEE0F57E37074EFA215806F194EBA10Malware signatures (e_spyw.i10)

\ ăDÌŽRØŸd) ê * \ O< )AMcleanhlp32.dll1.0.0.149 built by: WinDDK725e5a19b34061bdd5a5f5720a4d9022;; #Mclean32.dll1.0.0.1631958483f6e5d831f92475e199ba2750c=: )Mblitzblank.exe1,0,0,323d7e47a121a58f7e1e639419e7cb28c099 !Mbdcore.dll11.0.1.61755023407fde00d9916505a557569d598 #Mavxdisk.dll1.4.0.0adf9f919e10832746ed516230420f74977 Ma2wsc.dll6.5.0.2f432eb8d1d84a565167107e2ef001473;6 %Ma2wizard.exe8.1.0.317c83894193504d4ac6b3d999fb24144a;5 %Ma2update.dll8.1.0.3111d313bffd2bab07257935ea475157ff:4 #Ma2start.exe8.1.0.33e529485e177539a5000c85692f840a13<3 'Ma2service.exe8.1.0.336fd8f474d031ae49bbd4cf1098f36c4772 Ma2mor.dll6.5.0.111686738dd11317dc31fa064ce6fb476=1 'Ma2hooks64.dll7.0.0.109138c1d281999712a68fcb96d6c75c618=0 'Ma2hooks32.dll7.0.0.109c9a9b7c0beacc25df284fc50f7d4306d?/ -Ma2hijackfree.exe4.5.0.1059900a239e2e57ea6635ed984b31fe6c:. #Ma2guard.exe8.1.0.318d8f409361718b641de6be8d58799549

b Åx<õ®gߢb >F %#Munins000.exe51.1052.0.067fc5f2f794a32c6d6c77ac0e31966e8;E %Mresource.dll8.1.0.318b619f3ce4dd663440e2ec744e883573=D )Mquarantine.dll7.0.0.139bf2f24c1392cc93d3f4c00132c5454fGC =Moutlook2010scanner64.dll1.0.0.82df33586a63c6cda88165f8929a5fb552EB 9Moutlook2010scanner.dll1.0.0.8250c44e197eb6849822ba4260a09ddcc6EA 9Moutlook2007scanner.dll1.0.0.517e06d7b491b66d6e1961ae8140400681E@ 9Moutlook2003scanner.dll1.0.0.51815ae19a385c980e98e6792f17617fc0:? #Mlogging.dll8.1.0.31180947f97163c012576419d9c28abea0K> !AMfrme32.dll1.0.0.478 built by: WinDDK1e370d588367ae396eaff9d34bd151499= #Mevcdiff.dll1.0.0.19e28caa559c533a531ccee624da8c64e

I think this is the HitmanPro one:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Bea at 2014-02-02 11:19:10

Microsoft Windows 7 Professional Service Pack 1

System drive C: has 14 GB (18%) free of 76 GB

Total RAM: 4095 MB (40% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:19:18, on 2-2-2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe

C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe

C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe

C:\Program Files (x86)\ASUSTek\ASUSDVD 8\PDVD8Serv.exe

C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Google\Drive\googledrivesync.exe

C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe

C:\Windows\AsScrPro.exe

C:\Program Files (x86)\Cyberlink\Power2Go\CLMLSvc.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\Desktop\pc beveiliging\HijackThis (1) (1).exe

C:\Windows\SysWOW64\NOTEPAD.EXE

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Bea\Downloads\RSIT.exe

C:\Program Files (x86)\trend micro\Bea.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: LastPass Vault - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O2 - BHO: FlashGetBHO - {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Bea\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKCU\..\Run: [Google Update] "C:\Users\Bea\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: LastPass - file://C:\Users\Bea\AppData\LocalLow\LastPass\context.html?cmd=lastpass

O8 - Extra context menu item: LastPass Invulformulieren - file://C:\Users\Bea\AppData\LocalLow\LastPass\context.html?cmd=fillforms

O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O9 - Extra 'Tools' menuitem: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Emsisoft Anti-Malware 8.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe

O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe

O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe

O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HitmanPro.Alert Service (hmpalertsvc) - SurfRight B.V. - C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe

O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) - Nitro PDF Software - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe

O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\NLSSRV32.EXE

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13474 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\AutoKMS.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-314706107-1989528577-1666421781-1001Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-314706107-1989528577-1666421781-1001UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-01-16 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95D9ECF5-2A4D-4550-BE49-70D42F71296E}]

LastPass Vault - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-19 612864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}]

FlashGetBHO - C:\Users\Bea\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-11-01 149168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-01-16 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - LastPass Toolbar - C:\Program Files (x86)\LastPass\LPToolbar.dll [2013-12-19 612864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"UpdateP2GoShortCut"=C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\Bea\AppData\Local\Google\Update\GoogleUpdate.exe [2014-01-22 116648]

"GoogleChromeAutoLaunch_140299A73DDFBEE682C1057A74DE4DC2"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2014-01-23 866584]

"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2013-12-06 20203904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-03-09 4171464]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CleanHlp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm

"vidc.cvid"=iccvid.dll

"msacm.siren"=sirenacm.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-02-02 11:19:10 ----D---- C:\rsit

2014-02-02 11:19:10 ----D---- C:\Program Files (x86)\trend micro

2014-02-01 22:11:50 ----D---- C:\Program Files (x86)\Emsisoft Anti-Malware

2014-02-01 22:10:13 ----D---- C:\Program Files (x86)\HitmanPro.Alert

2014-02-01 22:10:13 ----A---- C:\Windows\SysWOW64\hmpalert.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\wksprtPS.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\tsgqec.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\rdpendp_winip.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\mstsc.exe

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\MsRdpWebAccess.dll

2014-02-01 21:23:27 ----A---- C:\Windows\SysWOW64\aaclient.dll

2014-02-01 21:23:26 ----A---- C:\Windows\SysWOW64\mstscax.dll

2014-02-01 20:30:25 ----D---- C:\Windows\SoftwareDistribution

2014-01-31 10:35:40 ----D---- C:\Program Files (x86)\Common Files\DESIGNER

2014-01-28 23:08:51 ----D---- C:\Windows\Migration

2014-01-28 23:05:13 ----A---- C:\Windows\SysWOW64\qdvd.dll

2014-01-16 11:25:29 ----D---- C:\ProgramData\Oracle

2014-01-16 11:23:13 ----A---- C:\Windows\SysWOW64\javaws.exe

2014-01-16 11:23:02 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-01-16 11:23:02 ----A---- C:\Windows\SysWOW64\javaw.exe

2014-01-16 11:23:02 ----A---- C:\Windows\SysWOW64\java.exe

2014-01-12 12:22:40 ----SHD---- C:\$RECYCLE.BIN

2014-01-12 12:18:27 ----A---- C:\Windows\zoek-delete.exe

2014-01-12 12:18:25 ----D---- C:\Windows\Temp

2014-01-12 09:36:07 ----HD---- C:\VTRoot

2014-01-11 23:50:52 ----D---- C:\Users\Bea\AppData\Roaming\Comodo

2014-01-11 21:49:51 ----SD---- C:\ProgramData\Shared Space

2014-01-11 21:49:33 ----D---- C:\ProgramData\Comodo

2014-01-11 21:49:28 ----D---- C:\ProgramData\Comodo Downloader

2014-01-10 23:18:23 ----D---- C:\Windows\pss

2014-01-10 09:53:48 ----A---- C:\DelFix.txt

2014-01-09 18:09:32 ----D---- C:\zoek_backup

======List of files/folders modified in the last 1 month======

2014-02-02 11:19:10 ----RD---- C:\Program Files (x86)

2014-02-02 11:08:30 ----D---- C:\Windows\Tasks

2014-02-02 01:15:36 ----HD---- C:\ProgramData

2014-02-02 01:14:06 ----SHD---- C:\Windows\Installer

2014-02-02 01:14:06 ----SHD---- C:\Config.Msi

2014-02-02 01:00:02 ----D---- C:\Windows\inf

2014-02-01 23:29:11 ----AD---- C:\Windows

2014-02-01 22:10:13 ----D---- C:\Windows\SysWOW64

2014-02-01 22:10:13 ----D---- C:\Windows\System32

2014-02-01 22:00:50 ----RD---- C:\Program Files

2014-02-01 21:43:11 ----D---- C:\Windows\winsxs

2014-02-01 21:39:46 ----D---- C:\Windows\SysWOW64\wbem

2014-02-01 21:39:46 ----D---- C:\Windows\SysWOW64\nl-NL

2014-02-01 21:39:45 ----D---- C:\Windows\PolicyDefinitions

2014-02-01 21:22:52 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI

2014-02-01 21:19:25 ----SHD---- C:\System Volume Information

2014-02-01 15:39:48 ----D---- C:\Users\Bea\AppData\Roaming\uTorrent

2014-02-01 15:38:28 ----D---- C:\Windows\Prefetch

2014-01-31 11:20:30 ----D---- C:\Windows\AutoKMS

2014-01-31 10:53:26 ----D---- C:\Windows\Microsoft.NET

2014-01-31 10:41:59 ----D---- C:\ProgramData\Microsoft Help

2014-01-31 10:39:06 ----D---- C:\Program Files (x86)\Common Files\microsoft shared

2014-01-31 10:38:10 ----RSD---- C:\Windows\Fonts

2014-01-31 10:37:35 ----D---- C:\Windows\ShellNew

2014-01-31 10:37:04 ----D---- C:\Program Files (x86)\MSBuild

2014-01-31 10:35:40 ----D---- C:\Program Files (x86)\Common Files

2014-01-31 10:27:13 ----A---- C:\Windows\win.ini

2014-01-28 23:09:44 ----D---- C:\Windows\SysWOW64\en-US

2014-01-28 23:08:51 ----SD---- C:\ProgramData\Microsoft

2014-01-28 22:31:32 ----D---- C:\Users\Bea\AppData\Roaming\Nitro PDF

2014-01-25 13:34:46 ----D---- C:\Users\Bea\AppData\Roaming\Mozilla

2014-01-23 01:23:03 ----D---- C:\Windows\debug

2014-01-21 17:50:59 ----RSD---- C:\Windows\assembly

2014-01-11 21:20:14 ----D---- C:\Program Files (x86)\Microsoft Security Client

2014-01-10 12:32:32 ----D---- C:\Program Files (x86)\Microsoft

2014-01-09 10:24:50 ----SD---- C:\Users\Bea\AppData\Roaming\Microsoft

2014-01-09 10:09:19 ----SHD---- C:\Boot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AsDsm;AsDsm; C:\Windows\SysWOW64\drivers\AsDsm.sys []

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys []

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys []

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []

R1 A2DDA;A2 Direct Disk Access Support Driver; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2013-03-28 26176]

R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys []

R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys []

R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys []

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []

R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []

R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]

R2 hmpalert;HitmanPro.Alert Support Driver; \??\C:\Windows\system32\drivers\hmpalert.sys []

R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys []

R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []

R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys []

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys []

R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys []

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys []

R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys []

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []

R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []

S3 a2acc;a2acc; \??\C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2013-08-24 70960]

S3 cleanhlp;cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [2013-12-04 57024]

S3 cpuz135;cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]

S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys []

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []

S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys []

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys []

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []

S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2AntiMalware;Emsisoft Anti-Malware 8.0 - Service; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-12-04 4161512]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe []

R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]

R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]

R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-10-20 6254152]

R2 hmpalertsvc;HitmanPro.Alert Service; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [2014-02-01 1830768]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]

R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool; C:\Program Files\Common Files\Nitro PDF\Professional\6.0\NitroPDFDriverServicex64.exe [2011-01-12 341312]

R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2013-03-25 230408]

R2 nlsX86cc;NLS Service; C:\Windows\SysWOW64\NLSSRV32.EXE [2011-01-12 68928]

R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []

R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-08-27 239176]

R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2013-08-27 93072]

R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [2009-04-15 271760]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02 116648]

S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]

S2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 23808]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10 257416]

S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]

S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-09-24 164056]

S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-02 116648]

S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-03-09 30798512]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []

S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------


Go to the ESET Online Scanner website.

Click the “Run ESET Online Scanner” button.

A separate window will ask you to download EsetSmartInstaller.

Click the link for esetsmartinstaller_enu.exe and the download will start automatically.

Choose “Download” for this file.

Click “Run” (“Uitvoeren”) for this file, esetsmartinstaller_enu.exe.

Tick “YES, I accept the Terms of Use”.

Click “Start”.

Click "Advanced settings".

Tick the following options:

  • Remove found threats
  • Scan archives
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

Click “Start”.

The computer will now be scanned. This can take quite a long time, so be patient.

You may close the window when the scan is finished.

Use Notepad to open the log. You will find it at C:\Program Files\Eset\EsetOnlineScanner\log.txt

Copy and paste the contents of this log into your next post.


The scan has just finished. It was in Program Files x86.

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=72d0d752def0e547808a6ab8b3a40a54

# engine=16910

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2014-02-02 09:05:13

# local_time=2014-02-02 10:05:13 (+0100, West-Europa (standaardtijd))

# country="Netherlands"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=3074 16777213 100 84 17017 25331153 0 0

# compatibility_mode=5893 16776574 100 94 1847801 143004963 0 0

# scanned=181472

# found=4

# cleaned=4

# scan_time=16629

sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Bea\Downloads\ccsetup410 (1).exe"

sh=0F97FB08E6FC4500F86E64D3285C171C6462BD61 ft=1 fh=acbbffe185c36761 vn="Win32/Bundled.Toolbar.Google.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Bea\Downloads\ccsetup410.exe"

sh=13EE8C9FCE6F74512DCD188CCA0655C5EDE37612 ft=1 fh=756c61b76c471ca8 vn="MSIL/HackKMS.A application (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\AutoKMS\AutoKMS.exe"

sh=3F7F25A0628A731849E70F5C6A37B48F3CF431D0 ft=1 fh=6ca57a02b1c441c3 vn="a variant of Win32/Bundled.Toolbar.Ask.F application (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\Installer\MSIE82F.tmp"
