log

• 

  M@ria

  01-10-2012 15:06

  Hallo, Ik heb 2 dagen een loge gehad en heb nu ineens zo'n fijne sweetin balk/startpagina/zoekassistentals ik mn browser open.

  Wie weet wat voor troep nog meer?? Mn pc komt namelijk ook ineens met fout meldingen bij het opstarten, die ook weer verdwijnen als de opstart klaar is. Dus ik dacht laat ik jullie eens met een bezoek vereren, voordat ik zelf de boel in honderd draai.

  Logfile of Trend Micro HijackThis v2.0.4

  Scan saved at 14:57:52, on 1-10-2012

  Platform: Windows 7 SP1 (WinNT 6.00.3505)

  MSIE: Internet Explorer v9.00 (9.00.8112.16450)

  Boot mode: Normal

  Running processes:

  C:\Program Files (x86)\Logitech\Vid HD\Vid.exe

  C:\Program Files (x86)\CastlePaste PRO\CastlePaste.exe

  C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

  C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

  C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

  C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

  C:\Program Files (x86)\MessengerPlus! 3\MsgPlus.exe

  C:\Program Files (x86)\AVG Secure Search\vprot.exe

  C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

  C:\Program Files (x86)\AVG\AVG2013\avgui.exe

  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

  C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

  C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe

  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe

  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\AppData\Local\Google\Chrome\Application\chrome.exe

  C:\Users\marga\Downloads\HijackThis (1).exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10002&barid={818F08EB-0BC1-11E2-96FA-BCAEC51AFBDE}

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

  O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

  O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (file missing)

  O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

  O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

  O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

  O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

  O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll

  O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

  O4 - HKLM\..\Run: C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r

  O4 - HKLM\..\Run: “C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe”

  O4 - HKLM\..\Run: C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide

  O4 - HKLM\..\Run: “C:\Program Files (x86)\MessengerPlus! 3\MsgPlus.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\vprot.exe”

  O4 - HKLM\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

  O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe” / /PROMPT /CMPID=ROC_JULY_P1

  O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG\AVG2013\avgui.exe” /TRAYONLY

  O4 - HKLM\..\Run: “C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe” / /PROMPT /CMPID=ROC_NT

  O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

  O4 - HKCU\..\Run: “C:\Program Files (x86)\Logitech\Vid HD\Vid.exe” -bootmode

  O4 - HKCU\..\Run: “C:\Users\marga\AppData\Local\Google\Update\GoogleUpdate.exe” /c

  O4 - HKCU\..\Run: “C:\Program Files (x86)\MessengerPlus! 3\MsgPlus.exe” /WinStart

  O4 - HKCU\..\Run: C:\Program Files (x86)\CastlePaste PRO\CastlePaste.exe

  O4 - HKCU\..\Run: C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

  O4 - HKCU\..\Run: “C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

  O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s

  O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

  O4 - HKCU\..\Run: C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

  O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe

  O9 - Extra ‘Tools’ menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

  O11 - Options group: Accelerated graphics

  O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (file missing)

  O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

  O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

  O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

  O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

  O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

  O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

  O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

  O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

  O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

  O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

  O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing)

  O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

  O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

  O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

  O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

  O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

  O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

  O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

  O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

  O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

  O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

  O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

  O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

  O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

  –

  End of file - 10987 bytes

  Rapporteren
• 

  Ben

  01-10-2012 15:18

  Hallo,

  “zoek.exe” gebruiken

  Schakel je antivirus- en antispywareprogramma's uit, zoek.exe wordt tijdens het downloaden of tijdens gebruik soms als trojan aangezien.

  (hier of hier) kan je lezen hoe je dat doet.

  Download daarna zoek.exe naar het bureaublad.

  Windows Vista en Windows 7: start de tool middels rechtsklik op “zoek.exe” en dan kiezen voor Als Administrator uitvoeren.

  Vervolgens zal er na een tijdje een venster geopend worden.

  Met je muis selecteer je nu de volgende keuze "Combined fix"(rechts onderaan)

  Kopieer nu onderstaande Vet gedrukte en plak die in het grote invulvenster:

  startupall;

  filesrcm;

  iedefaults;

  {818F08EB-0BC1-11E2-96FA-BCAEC51AFBDE};c

  emptyclsid;

  emptyjava;

  emptyflash;

  emptyiecache;

  emptytemp;

  Sluit nu eerst alle nog openstaande programmavensters!

  Klik nu op de knop "Run script".

  Wacht nu geduldig af tot er een logje opent(dit kan na een herstart zijn)

  Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  Post nu de inhoud van het geopende logje in het volgende bericht en vertel hoe het nu gaat.

  Gr.Ben

  

  Antivirusprikbord.nl

  Rapporteren
• 

  M@ria

  01-10-2012 15:38

  Zo Ben wat ben je snel!! bedankt.

  Eerst even mijn browsers geopend.

  google chrome geeft een popup dat sweetim voor facebook geactiveerd moet worden ( irri ding dus die sweetim)

  Mozila firefox heeft 1 of ander lachend emoticon poppetje in de startpagina?balk, met zeen zoek balkje erachte.

  Ik gebruik beide browsers dagelijks.

  Zoek.exe Version 3.0.0.3 Updated 30-09-2012

  Tool run by marga on ma 01-10-2012 at 15:23:30,28.

  Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

  Running in: Normal Mode Internet Access Detected

  ==== Set IE to Default ======================

  Old Values:

  “Start Page”=“http://home.sweetim.com/?crg=3.1010000.10002&barid={818F08EB-0BC1-11E2-96FA-BCAEC51AFBDE}”

  “Start Page”=“http://home.sweetim.com/?crg=3.1010000.10002&barid={818F08EB-0BC1-11E2-96FA-BCAEC51AFBDE}”

  “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “Start Page”=“http://home.sweetim.com/?crg=3.1010000.10002&barid={818F08EB-0BC1-11E2-96FA-BCAEC51AFBDE}”

  “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “DefaultScope”=“{EEE6C360-6118-11DC-9C72-001320C79847}”

  “DisplayName”=“SweetIM Search”

  “URL”=“http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10002&barid={818F08EB-0BC1-11E2-96FA-BCAEC51AFBDE}”

  New Values:

  “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Default_Page_URL”=“http://go.microsoft.com/fwlink/?LinkId=69157”

  “Default_Search_URL”=“http://go.microsoft.com/fwlink/?LinkId=54896”

  “DefaultScope”=“{0633EE93-D776-472f-A0FF-E1416B8B2E3A}”

  “SuggestionsURLFallback”=“http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}§ionHeight={ie:sectionHeight}&FORM=IE8SSC&market={language}”

  “FaviconPath”=“C:\\Users\\marga\\AppData\\LocalLow\\Microsoft\\Internet Explorer\\Services\\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico”

  “DisplayName”=“Bing”

  “URL”=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”

  “ShowSearchSuggestions”=dword:00000000

  “TopResultURLFallback”=“http://www.bing.com/search?q={searchTerms}&src=ie9tr”

  ==== Deleting CLSID Registry Keys ======================

  ==== Deleting CLSID Registry Values ======================

  ==== Files Recently Created / Modified ======================

  ====== C:\Windows ====

  ====== C:\Users\marga\AppData\Local\Temp ====

  2012-10-01 12:13:53 8A4AF3B0695F29186AD02E2FD766FA3B 393016 —-a-w- C:\Users\marga\AppData\Local\Temp\mgsqlite3.dll

  2012-10-01 12:13:53 7704B843006444B69486FD27D4660845 3380216 —-a-w- C:\Users\marga\AppData\Local\Temp\SIMEEIInstaller.exe

  2012-10-01 12:13:40 BB804B756C631706B31B601B573C5A4C 6828888 —-a-w- C:\Users\marga\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe

  2012-09-25 16:20:54 AAB7AC8D97F195CF8282901C6B6D8AF8 4720736 —-a-w- C:\Users\marga\AppData\Local\Temp\CommonInstaller.exe

  2012-09-25 16:20:49 E3E294B6876F636A41C8A1D325280254 8212064 —-a-w- C:\Users\marga\AppData\Local\Temp\ToolbarInstaller.exe

  2012-09-25 16:20:37 A455E465CD4D710DC9B5ED2B8F9C0B0C 12143200 —-a-w- C:\Users\marga\AppData\Local\Temp\oi_{B581C445-B274-48A4-86C9-E8C742532CC4}.exe

  2012-09-25 16:20:22 CA77CD09F52149CB33FC117396087EBE 163936 —-a-w- C:\Users\marga\AppData\Local\Temp\MachineIdCreator.exe

  2012-09-25 16:20:22 08B04D5673C9283D3DBDBC4F845F049A 255072 —-a-w- C:\Users\marga\AppData\Local\Temp\avguidx.dll

  ====== C:\Windows\SysWOW64 =====

  2012-10-01 12:36:44 A3311F3354BCB10B9B5212313904B70B 95208 —-a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

  2012-09-22 19:32:04 BBA02541017653A42A73C9A544FD816A 2382848 —-a-w- C:\Windows\SysWOW64\mshtml.tlb

  2012-09-22 19:32:03 FEA05B225411C3DDA4F88503F56B782C 73216 —-a-w- C:\Windows\SysWOW64\mshtmled.dll

  2012-09-22 19:32:02 DBBBE5B64E2FE1AF8BE76CCAA2B54DFC 420864 —-a-w- C:\Windows\SysWOW64\vbscript.dll

  2012-09-22 19:32:02 CC0713B192BF47A124168957ACD75CC1 176640 —-a-w- C:\Windows\SysWOW64\ieui.dll

  2012-09-22 19:32:01 9FAC0F6D5F3D922DB294E30CD3F62369 1103872 —-a-w- C:\Windows\SysWOW64\urlmon.dll

  2012-09-22 19:32:01 8621FE8577BCFB8B5CB15897D4A9024A 142848 —-a-w- C:\Windows\SysWOW64\ieUnatt.exe

  2012-09-22 19:32:01 339E159B0956BA01B6662BB8546BDE95 231936 —-a-w- C:\Windows\SysWOW64\url.dll

  2012-09-22 19:32:00 58A18482F445D1C8DD51A1BC29251F61 607744 —-a-w- C:\Windows\SysWOW64\msfeeds.dll

  2012-09-22 19:32:00 020C295B09C7DDAE8B13CB9DE0758B4A 1427968 —-a-w- C:\Windows\SysWOW64\inetcpl.cpl

  2012-09-22 19:31:59 5553611E2F9EA6F613079177F1233068 1129472 —-a-w- C:\Windows\SysWOW64\wininet.dll

  2012-09-22 19:31:58 E34C4AAF1533648BC4B671C0F4D86F03 717824 —-a-w- C:\Windows\SysWOW64\jscript.dll

  2012-09-22 19:31:58 394373142655ACCF49D64AAD466C86FF 1800704 —-a-w- C:\Windows\SysWOW64\jscript9.dll

  2012-09-22 19:31:57 EB8A00E8E9931A7EC04F920B09D880D8 1793024 —-a-w- C:\Windows\SysWOW64\iertutil.dll

  2012-09-22 19:31:57 509D846FDF0C83158ED5970DE751364C 65024 —-a-w- C:\Windows\SysWOW64\jsproxy.dll

  2012-09-22 19:31:56 BB197F54A8F69EEA8356B7F70E6D3A20 12319744 —-a-w- C:\Windows\SysWOW64\mshtml.dll

  2012-09-22 19:31:53 0BA3F31E2B4D8D99DF8DD19E81155374 9738240 —-a-w- C:\Windows\SysWOW64\ieframe.dll

  ====== C:\Windows\SysWOW64\drivers =====

  ====== C:\Windows\Sysnative =====

  2012-10-01 12:15:06 EF9CA78A35862B33CB165015833B81A6 18832 —-a-w- C:\Windows\Sysnative\roboot64.exe

  2012-09-26 04:19:54 A236B1646E96AB06BE0F8D592B6D9A0D 245760 —-a-w- C:\Windows\Sysnative\OxpsConverter.exe

  2012-09-22 19:32:04 8A206E4DE6CBB3B8C0AB2E17EF0C4477 2382848 —-a-w- C:\Windows\Sysnative\mshtml.tlb

  2012-09-22 19:32:03 DD90692F0B62A80520A640479939C5D8 96768 —-a-w- C:\Windows\Sysnative\mshtmled.dll

  2012-09-22 19:32:01 FFE777CA06F74478C74CE761F4214152 173056 —-a-w- C:\Windows\Sysnative\ieUnatt.exe

  2012-09-22 19:32:01 D818DFC9D1EDD4A17C31988DAD3A1E2C 237056 —-a-w- C:\Windows\Sysnative\url.dll

  2012-09-22 19:32:01 0A3AABA7A24BDC90472EEB1B42991418 248320 —-a-w- C:\Windows\Sysnative\ieui.dll

  2012-09-22 19:32:00 653D9EC63F8A03185B4DC5DF21AC0A1A 1494528 —-a-w- C:\Windows\Sysnative\inetcpl.cpl

  2012-09-22 19:32:00 5F377E8C27727CADE95E306A678E1FA0 729088 —-a-w- C:\Windows\Sysnative\msfeeds.dll

  2012-09-22 19:32:00 2885A3C3148F725CDA0B4C593BA8F7CE 1346048 —-a-w- C:\Windows\Sysnative\urlmon.dll

  2012-09-22 19:32:00 1D3FAF2E2305A75EBFE1C5F5F7A2CB25 2312704 —-a-w- C:\Windows\Sysnative\jscript9.dll

  2012-09-22 19:31:59 3D165C53E40236A68B7102D1A622D4E0 1392128 —-a-w- C:\Windows\Sysnative\wininet.dll

  2012-09-22 19:31:58 F50F26E6DC3082D8334F2946CE9125FA 599040 —-a-w- C:\Windows\Sysnative\vbscript.dll

  2012-09-22 19:31:58 D841F7629505EE542E26E5F0A4D20101 2144768 —-a-w- C:\Windows\Sysnative\iertutil.dll

  2012-09-22 19:31:58 BFC767B51A25AEA82E277003296E4B0B 816640 —-a-w- C:\Windows\Sysnative\jscript.dll

  2012-09-22 19:31:58 1684704478AC8B936CDA8FA16A878A0E 85504 —-a-w- C:\Windows\Sysnative\jsproxy.dll

  2012-09-22 19:31:54 F244DA6DD2C365ABAFD076222C22C2BE 17810944 —-a-w- C:\Windows\Sysnative\mshtml.dll

  2012-09-22 19:31:53 4ECE12D296ED94CA2C7DD6C383A5AB66 10925568 —-a-w- C:\Windows\Sysnative\ieframe.dll

  ====== C:\Windows\Sysnative\drivers =====

  2012-09-17 16:58:54 132251CBBB95062E12FF21E212EB8FB4 56672 —-a-w- C:\Windows\Sysnative\drivers\avgidsha.sys

  2012-09-14 03:34:34 DC353C527816297BD11B13EA60C9BE75 105312 —-a-w- C:\Windows\Sysnative\drivers\avgmfx64.sys

  2012-09-12 09:47:20 1917293728A872BF520952F69E024FE6 199520 —-a-w- C:\Windows\Sysnative\drivers\avgtdia.sys

  2012-09-12 09:47:02 996FCACE7A8EFD926C8BB2C70A40C83F 175968 —-a-w- C:\Windows\Sysnative\drivers\avgldx64.sys

  2012-09-12 04:18:24 760E38053BF56E501D562B70AD796B88 950128 —-a-w- C:\Windows\Sysnative\drivers\ndis.sys

  2012-09-12 04:18:24 0E01641D96889BDEB22DE12D30575B08 41472 —-a-w- C:\Windows\Sysnative\drivers\RNDISMP.sys

  2012-09-12 04:18:21 F782CAD3CEDBB3F9FFE3BF2775D92DDC 1913200 —-a-w- C:\Windows\Sysnative\drivers\tcpip.sys

  2012-09-12 04:18:21 910DD6694848872FD3B8F42BAF801D0A 288624 —-a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS

  2012-09-12 04:18:21 7942B7AC3FF598F8A1736D51ADAF04E8 376688 —-a-w- C:\Windows\Sysnative\drivers\netio.sys

  2012-09-03 19:52:19 A313C4AE276E3C975A1BC27170AA23C6 31080 —-a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys

  ====== C:\Windows\Tasks ======

  ====== C:\Windows\Temp ======

  ======= C:\Program Files =====

  ======= C:\Program Files (x86) =====

  2012-10-01 12:26:28 ——– d—–w- C:\Program Files (x86)\WinASO

  2012-10-01 12:15:00 ——– d—–w- C:\Program Files (x86)\RegClean Pro

  2012-10-01 12:13:35 ——– d—–w- C:\Program Files (x86)\RegCleaner

  2012-09-30 12:46:13 ——– d—–w- C:\Program Files (x86)\Medion GoPal Assistant

  2012-09-25 16:20:52 ——– d—–w- C:\Program Files (x86)\AVG Secure Search

  ======= C: =====

  ====== C:\Users\marga\AppData\Roaming ======

  2012-10-01 12:15:09 ——– d—–w- C:\users\marga\AppData\Roaming\Systweak

  2012-09-30 12:46:43 ——– d—–w- C:\users\marga\AppData\Roaming\GoPal Assistant

  2012-09-25 16:24:00 ——– d—–w- C:\users\marga\AppData\Roaming\AVG2013

  2012-09-25 16:21:11 ——– d—–w- C:\users\marga\AppData\Roaming\TuneUp Software

  2012-09-25 16:00:51 ——– d—–w- C:\users\marga\AppData\Local\MFAData

  2012-09-25 16:00:51 ——– d—–w- C:\users\marga\AppData\Local\Avg2013

  2012-09-03 19:52:31 ——– d—–w- C:\users\marga\AppData\Local\AVG Secure Search

  ====== C:\Users\marga ======

  2012-09-25 16:17:21 ——– d—–w- C:\ProgramData\AVG2013

  ====== C: exe-files ==

  2012-10-01 12:56:54 9A2347903D6EDB84C10F288BC0578C1C 388608 —-a-w- C:\Users\marga\Downloads\HijackThis (1).exe

  2012-10-01 12:36:16 BCFDE991C56EE0D987E57ABD9AAC69EF 10524080 —-a-w- C:\Users\marga\Downloads\mbam-setup-1.65.0.1400.exe

  2012-10-01 12:34:44 46933090544C61673130F8DA566ABDC5 894952 —-a-w- C:\Users\marga\Downloads\chromeinstall-7u7.exe

  2012-10-01 12:25:32 6A4F1ECC3112E7F73F23D22B63471706 5843376 —-a-w- C:\Users\marga\Downloads\WinASO_RO_v4.7.7.exe

  2012-10-01 12:15:06 EF9CA78A35862B33CB165015833B81A6 18832 —-a-w- C:\Windows\System32\roboot64.exe

  2012-10-01 12:15:03 F8DA4E83499D0D5D09CE12DB50617CC5 608792 —-a-w- C:\Program Files (x86)\RegClean Pro\systweakasp.exe

  2012-10-01 12:15:03 3DBC04C03BFF8637AA3BD996298BB526 902032 —-a-w- C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe

  2012-10-01 12:15:00 979F677A41AB469F32C8703DD41AD85D 1181072 —-a-w- C:\Program Files (x86)\RegClean Pro\unins000.exe

  2012-10-01 12:13:53 7704B843006444B69486FD27D4660845 3380216 —-a-w- C:\Users\marga\AppData\Local\Temp\SIMEEIInstaller.exe

  2012-10-01 12:13:40 BB804B756C631706B31B601B573C5A4C 6828888 —-a-w- C:\Users\marga\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe

  2012-10-01 12:13:35 6595D9219001C38B9D727983B38ADDFD 773632 —-a-w- C:\Program Files (x86)\RegCleaner\RegCleanr.exe

  2012-10-01 12:13:35 27C905A32039710713949A7373E0818B 53834 —-a-w- C:\Program Files (x86)\RegCleaner\Uninstall.exe

  2012-09-28 09:57:08 C3B2ACC07BB0610405FC786E3432BEF9 150400 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\ISBEWX64.exe

  2012-09-28 09:57:08 3122474A4FAA5813A0FA4BA0B47A17EF 323968 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\ISBEWI64.exe

  2012-09-28 09:50:58 4769BAFF86F204D4BD713323AD6E5BA6 30587640 —-a-w- C:\Users\marga\AppData\Roaming\TomTom\HOME\Profiles\diszgt6v.default\Updates\v2_9_2_2837_win.exe

  2012-09-26 04:19:54 A236B1646E96AB06BE0F8D592B6D9A0D 245760 —-a-w- C:\Windows\System32\OxpsConverter.exe

  2012-09-25 16:21:03 BF9103F362D7E38CDDF1279F8BD3D318 856160 —-a-w- C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe

  2012-09-25 16:21:02 BF9103F362D7E38CDDF1279F8BD3D318 856160 —-a-w- C:\Program Files (x86)\AVG Secure Search\roc_nt.exe

  2012-09-25 16:21:01 0BF22DE5DBB7F6CBC97D2A47425D5DF7 1514080 —-a-w- C:\Program Files (x86)\AVG Secure Search\PostInstall.exe

  2012-09-25 16:20:54 AAB7AC8D97F195CF8282901C6B6D8AF8 4720736 —-a-w- C:\Users\marga\AppData\Local\Temp\CommonInstaller.exe

  2012-09-25 16:20:53 CCA57170E4C29E466127BAAFCEBD3BB7 793184 —-a-w- C:\Program Files (x86)\AVG Secure Search\lip.exe

  2012-09-25 16:20:53 3BC09C39241237FD1EDA89697CFCECBD 1066592 —-a-w- C:\Program Files (x86)\AVG Secure Search\Uninstall.exe

  2012-09-25 16:20:53 2C1B935D1E56B226202FAEB0B844E15F 947808 —-a-w- C:\Program Files (x86)\AVG Secure Search\vprot.exe

  2012-09-25 16:20:49 E3E294B6876F636A41C8A1D325280254 8212064 —-a-w- C:\Users\marga\AppData\Local\Temp\ToolbarInstaller.exe

  2012-09-25 16:20:37 A455E465CD4D710DC9B5ED2B8F9C0B0C 12143200 —-a-w- C:\Users\marga\AppData\Local\Temp\oi_{B581C445-B274-48A4-86C9-E8C742532CC4}.exe

  2012-09-25 16:20:22 CA77CD09F52149CB33FC117396087EBE 163936 —-a-w- C:\Users\marga\AppData\Local\Temp\MachineIdCreator.exe

  2012-09-25 16:00:46 D725B8C5528FB71D05A78AF466774EB2 42104 —-a-w- C:\ProgramData\MFAData\SelfUpd\avguirux.exe

  2012-09-25 16:00:46 A77FBFE75A17790244A3AE2F9CCAF4FA 7175408 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgmfapx.exe

  2012-09-25 16:00:45 FD464FA77ADE059D789C1FD29A512BBF 270968 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgrunasx.exe

  2012-09-25 16:00:45 D1AD62F6E370067493401BB18855326E 616568 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgntdumpx.exe

  2012-09-25 16:00:35 9A5F8F497F5698288007484FCF15E34D 378720 —-a-w- C:\ProgramData\MFAData\SelfUpd\fixcfg.exe

  2012-09-25 16:00:35 2AE999EC5269B489F5B9986F82C79FDD 648544 —-a-w- C:\ProgramData\MFAData\SelfUpd\idpfixx.exe

  2012-09-25 16:00:34 EA1145DEBCD508FD25BD1E95C4346929 193288 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgwdsvc.exe

  2012-09-25 16:00:34 596F5A2C5916EFD177B0614788B0CDF1 2596984 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgtray.exe

  2012-09-25 16:00:34 2EE6E94BF54256182779EE1AE53C7A83 709824 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgwsc.exe

  2012-09-25 16:00:34 16E3C0E47A954680ED5CE18FD01E9A1D 4370552 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgui.exe

  2012-09-25 16:00:33 CB7C95F140DCBC45B0937F843D63F4D8 1252192 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgsrmaa.exe

  2012-09-25 16:00:33 406D3F757C9E75101E6E51835AAC312B 793952 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgsrmax.exe

  2012-09-25 16:00:33 0D082FB144AC46B0ADC63E5B223E7597 11383392 —-a-w- C:\ProgramData\MFAData\SelfUpd\AVGTBInstall.exe

  2012-09-25 16:00:32 FE6ED6DE378C50774D710243F4B39CBC 1114232 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgntdumpa.exe

  2012-09-25 16:00:32 72EE3BF7378869AB5D72E7E191FD5FAA 2011768 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgnsa.exe

  2012-09-25 16:00:32 4AE532194AE7D2FE6378C1166B006B49 990840 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgscanx.exe

  2012-09-25 16:00:32 10AEE3CEE4801E5962AF1B8E17DAD353 1728120 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgscana.exe

  2012-09-25 16:00:32 072D294B9005F9AA1D03B7EBFA981344 1393784 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgrsa.exe

  2012-09-25 16:00:31 F6A528DE535396C2FB1A4E3C6F00CEC4 5167736 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgidsagent.exe

  2012-09-25 16:00:31 3C9B25C38E7A2BA07FB4F7DB351D6FF0 146784 —-a-w- C:\ProgramData\MFAData\SelfUpd\avglscanx.exe

  2012-09-25 16:00:30 F3EBE5508BC9EA8AB88DB5A46397EE09 686712 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgdumpx.exe

  2012-09-25 16:00:30 ECC96985954185DFCF455FBBB8037A1B 338784 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcsrvx.exe

  2012-09-25 16:00:30 B96E3E543675039FC93D14EDF627231A 520032 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcsrva.exe

  2012-09-25 16:00:30 B082D1AA020008B26D08B838C5B1E6BB 2698112 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgdiagex.exe

  2012-09-25 16:00:30 938928B014F2ABA4C1293EA4D8714020 1607040 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgemca.exe

  2012-09-25 16:00:30 74CE9F4CBDCC147BB16042FAC323E970 1194104 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgdumpa.exe

  2012-09-25 16:00:30 365AF669B33F7B0B2A45B99F269C0145 4590712 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcrema.exe

  2012-09-25 16:00:29 C4C1C65323B63C640B79BD1C6969BC8D 878712 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcmgr.exe

  2012-09-25 16:00:29 9F0678A35B06CA75A8495762CE274495 493920 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcfgex.exe

  === C: other files ==

  2012-10-01 12:36:44 A3311F3354BCB10B9B5212313904B70B 95208 —-a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

  2012-10-01 12:15:07 71A2DCA8F626FCEF8BFF7E2C17C67A7F 126976 —-a-w- C:\Program Files (x86)\RegClean Pro\xmllite.dll

  2012-10-01 12:13:53 8A4AF3B0695F29186AD02E2FD766FA3B 393016 —-a-w- C:\Users\marga\AppData\Local\Temp\mgsqlite3.dll

  2012-09-29 08:52:14 BD8420732905C07F04A9D55C9BAF009F 301 —-a-w- C:\Users\marga\Documents\TomTom\HOME\Download\complete\map\Europa_-_noordelijke_zone-1\activation.zip

  2012-09-29 08:52:14 B3BF4B0D001D058F0440C605D44B1F83 1194798474 —-a-w- C:\Users\marga\Documents\TomTom\HOME\Download\complete\map\Europa_-_noordelijke_zone-1\Europe_North.zip

  2012-09-28 09:57:08 A93F625EF42B54C2B0F4D38201E67606 267128 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\ISRT.dll

  2012-09-28 09:57:07 FD18DA2A10CC48304A5D15F103A1D124 335872 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0816.dll

  2012-09-28 09:57:07 E2B4EE858C2C5F82C7CA2A0724D4E783 323584 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x041d.dll

  2012-09-28 09:57:07 D6BBF7FF6984213C7F1F0F8F07C51E6A 553067 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0809.dll

  2012-09-28 09:57:07 B7E3F7ADCE24E22D85497443E5FDB91A 274432 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0804.dll

  2012-09-28 09:57:07 AE476FF14BDE8E6C6D432E73DD636CF7 323584 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x041f.dll

  2012-09-28 09:57:06 E124564CABFBD3B31F338644404A6DBD 327680 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0414.dll

  2012-09-28 09:57:06 CBD52FA65DECCB4BB6B615FAC2862356 327680 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x041b.dll

  2012-09-28 09:57:06 780B2FC9DB905F7CC9B6290F538FAE8B 331776 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0415.dll

  2012-09-28 09:57:06 53DE5B697EE985E80CDD1AD8203681D6 331776 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0416.dll

  2012-09-28 09:57:06 1B9F0857D3C02FC12D43101503CE5A38 327680 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0419.dll

  2012-09-28 09:57:05 D26C33A89917D7E6291E300B603C9B1B 339968 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x040a.dll

  2012-09-28 09:57:05 AC7E1B78D58440110FF42D3C8CD0CD3A 331776 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x040e.dll

  2012-09-28 09:57:05 A3019A6A89BD36BD0198AF99B6525661 335872 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0410.dll

  2012-09-28 09:57:05 9A5EE236B50A02E0828CB2D1BFF96F83 335872 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0413.dll

  2012-09-28 09:57:05 96521C0328D147DD0016FE074D8D38C7 323584 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x040b.dll

  2012-09-28 09:57:05 946142DEAB8757AD6CC94E23C54A6051 339968 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x040c.dll

  2012-09-28 09:57:04 D6BBF7FF6984213C7F1F0F8F07C51E6A 553067 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0409.dll

  2012-09-28 09:57:04 CDB9841F728C1CB5BF3B15666EE2F1D5 327680 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0405.dll

  2012-09-28 09:57:04 BE66EA498B8188FAEFAA50FF0D7A76EA 327680 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0406.dll

  2012-09-28 09:57:04 6B29601A050A6B66A36D79C6582A8942 274432 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0404.dll

  2012-09-28 09:57:04 62850E91E5A496B1B53DF16754E521A9 339968 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0407.dll

  2012-09-28 09:57:04 5EE37FCB4F10A5E95E6D191D01DA5CB0 339968 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0408.dll

  2012-09-28 09:57:03 DCBEF44687886453A934FC971A096C6A 335872 —-a-w- C:\Users\marga\AppData\Local\Temp\{8F463D47-CE6B-4D2E-9993-557E3D48EF3B}\_isres_0x0403.dll

  2012-09-27 01:18:31 8E8A76CE250735918D20F7F587ED02F2 323 —-a-w- C:\ProgramData\AVG2013\IDS\config\quarantinedList.zip

  2012-09-25 16:20:53 679F7C46A01611ED1152FC883B130BD1 1734240 —-a-w- C:\Program Files (x86)\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

  2012-09-25 16:20:53 08B04D5673C9283D3DBDBC4F845F049A 255072 —-a-w- C:\Program Files (x86)\AVG Secure Search\avguidx.dll

  2012-09-25 16:20:52 7707598CD1964518221EF6829AFAEEF2 2411945 —-a-w- C:\Program Files (x86)\AVG Secure Search\toolbar.zip

  2012-09-25 16:20:22 08B04D5673C9283D3DBDBC4F845F049A 255072 —-a-w- C:\Users\marga\AppData\Local\Temp\avguidx.dll

  2012-09-25 16:18:13 61A7E0B02F82CFF3DB2445BBE50B3589 24144 —-a-w- C:\Program Files (x86)\AVG\AVG2013\Drivers\avgidsfilterx.sys

  2012-09-25 16:18:13 0F293406F64B48D5D2F0D3A1117F3A83 29776 —-a-w- C:\Program Files (x86)\AVG\AVG2013\Drivers\avgidsfiltera.sys

  2012-09-25 16:00:46 7F79EED0F09C0C4D9DF72928BE524C19 775800 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgmfarx.dll

  2012-09-25 16:00:46 268C9A738A01224A987CD978AC25E057 2876024 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgupdx.dll

  2012-09-25 16:00:46 13DD23172C3E8A81FAA9F88C34131C61 939008 —-a-w- C:\ProgramData\MFAData\SelfUpd\htmlayout.dll

  2012-09-25 16:00:35 B7439A352DE0FB9C5E1737B3242E6E92 1447032 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgxpla.dll

  2012-09-25 16:00:35 957B54CF5BEEC9EEC78F4D2E6B4BB5B9 736608 —-a-w- C:\ProgramData\MFAData\SelfUpd\axioo.dll

  2012-09-25 16:00:35 283BA4ACC3CF1E5797AF7879EFB38386 952952 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgxpl.dll

  2012-09-25 16:00:34 E630B23CEA86E86DAF9C9D0AE7F94BBC 429920 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgwebui.dll

  2012-09-25 16:00:34 B642E645D7A790E0FA41E16C6C4234E6 386160 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgwdwsc.dll

  2012-09-25 16:00:34 AC633C7D40C63A197649955A512AD7BD 1982160 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgwd.dll

  2012-09-25 16:00:34 6F20729E802D5CC643A73A7F0339032B 3178104 —-a-w- C:\ProgramData\MFAData\SelfUpd\avguires.dll

  2012-09-25 16:00:34 5BCDCC4A48C21782508A53340F188716 1737568 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgutila.dll

  2012-09-25 16:00:34 4D5F1648A82FE60BC4B2F6BD41F3C12A 595808 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgvvx.dll

  2012-09-25 16:00:34 363DEB242D11AE18251304D04292956A 1104736 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgvva.dll

  2012-09-25 16:00:34 33EBF29394D8D6E3A1AA2CD7A7911A46 1186144 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgutilx.dll

  2012-09-25 16:00:34 04263A657BFEDD480B354826CE08A2DB 2638456 —-a-w- C:\ProgramData\MFAData\SelfUpd\avguiadv.dll

  2012-09-25 16:00:33 F108BD69365EFC749C7E5F8BBEB51E3B 490336 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgsysa.dll

  2012-09-25 16:00:33 B4A4AE41F86BB7F01ADCCA7D6E34AAE6 214880 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgsea.dll

  2012-09-25 16:00:33 B496B116F621223357DEFE4508B0987E 507512 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgsrmx.dll

  2012-09-25 16:00:33 9FE93E05194427727A755032436533B3 1417336 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgssie.dll

  2012-09-25 16:00:33 93312F83FD4D5C38CEE8AA1265C061EE 366432 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgsysx.dll

  2012-09-25 16:00:33 416C51633BF1E74E48B0B3BF106CBFEC 1968248 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgssiea.dll

  2012-09-25 16:00:33 060F2AED6BE18FCC05515A18CE4A0813 959608 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgsrma.dll

  2012-09-25 16:00:32 EB4A30EAC3B3C304EAC8A10970E3402E 547168 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgsched.dll

  2012-09-25 16:00:32 E387AE51F3BD310897C960399EE0D257 661344 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgresf.dll

  2012-09-25 16:00:32 D260A37BBEFCE7220A3BDB5DF55C525B 776824 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgrkta.dll

  2012-09-25 16:00:32 BBA44865F606EE1E698ABDF705A90F87 212320 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgscana.dll

  2012-09-25 16:00:32 B9E71037FC6E049FD6D43336B74E02DE 174464 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgppa.dll

  2012-09-25 16:00:32 AFF2E23E4E867140F07ABADC9E29ACDC 129376 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgopensslx.dll

  2012-09-25 16:00:32 ADFA73BBBED712CFA273FF65B6A8571B 1231200 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgpostinstx.dll

  2012-09-25 16:00:32 A5675206B80C4127BC687DCCA9A57212 426848 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgntsqlitex.dll

  2012-09-25 16:00:32 935A2E131BCA3A075AD72F0DC2077D7B 1047904 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgsbga.dll

  2012-09-25 16:00:32 91DC97F9DA3E2B59049D410870935C78 889696 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgntopensslx.dll

  2012-09-25 16:00:32 863D56F63D254EBE27589893688CA8B3 1126752 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgntopenssla.dll

  2012-09-25 16:00:32 857CBB3BB6BBB2BAEB9FB66CAC0DFC27 589152 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgntsqlitea.dll

  2012-09-25 16:00:32 801FC32EFA043F6C9E9F5BDAC84795F2 158560 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgse.dll

  2012-09-25 16:00:32 6F83C67F5339C2235996174BFB05041E 160608 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgopenssla.dll

  2012-09-25 16:00:32 63960EF68D878D006D24603C5D4F176A 140128 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgscanx.dll

  2012-09-25 16:00:32 4D2F7EF92AE8725243E5A3AFD3F1834F 122752 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgpp.dll

  2012-09-25 16:00:31 D298CD4ED9E62620A35BC2F88A53F93D 289632 —-a-w- C:\ProgramData\MFAData\SelfUpd\avglnga.dll

  2012-09-25 16:00:31 B2E9DB5E5F4091FCDA0C9249C1E3F974 343392 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgidpmx.dll

  2012-09-25 16:00:31 8B9D6D070113CFD8E20793768AFA26FC 176992 —-a-w- C:\ProgramData\MFAData\SelfUpd\avglngx.dll

  2012-09-25 16:00:31 5B8D71AC2074550D78BC188A8888054F 851576 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgidpsdkx.dll

  2012-09-25 16:00:31 56ADE3A81878DC51443465DC00391124 108416 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgmvflx.dll

  2012-09-25 16:00:31 3438CCBCBD32AB39628D5E4C24F36A85 165760 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgmvfla.dll

  2012-09-25 16:00:30 FCF1A9C3FB29786946302B4470952D85 853344 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcslx.dll

  2012-09-25 16:00:30 FC7BEA10A59ABEA8C225BD6C55B09B7F 7500408 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcorea.dll

  2012-09-25 16:00:30 CA4912C91BAD92DD2AFCF282039740EC 5485176 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcorex.dll

  2012-09-25 16:00:30 B164DCA3DC26FD3DE0005902C1F5BB4C 1393272 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgdtiea.dll

  2012-09-25 16:00:30 2DE0F0CF9A7F1CBBC4860EB020E08660 938104 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgdtiex.dll

  2012-09-25 16:00:30 17D469C94763642CD58FF8C98C12CA6F 385920 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgdecider.dll

  2012-09-25 16:00:30 077E3B75FF949678A2599ECD65C190B8 1336672 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcsla.dll

  2012-09-25 16:00:29 E2C78D19572AACC2062A00F01503807E 1049440 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcfgx.dll

  2012-09-25 16:00:29 DB4C494406ECAA861C49E4BF2FE1352E 476792 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgadvisorx.dll

  2012-09-25 16:00:29 D64B112ECC7230808829A7BE86DCE8E3 261984 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgchcla.dll

  2012-09-25 16:00:29 BE897F865582A30F7D552B3FECF9B24A 64864 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgapps.dll

  2012-09-25 16:00:29 A28CA9B35F6D0536CDAF99C296922FB7 586872 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgapia.dll

  2012-09-25 16:00:29 8415EF35A9CC4CF9E335AEC0EB562AAA 1834336 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcfga.dll

  2012-09-25 16:00:29 80DDC9151BFDF260AC4441A2F3943A04 580960 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcclia.dll

  2012-09-25 16:00:29 747601D47721AD1DE22CFFB4F912203D 374392 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcerta.dll

  2012-09-25 16:00:29 7240EA3FA768ED1E6E52741AE47EA08A 1336440 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgabout.dll

  2012-09-25 16:00:29 60732ECEC8AEF0A05FE36E661AA1C99C 256864 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgclitx.dll

  2012-09-25 16:00:29 583D2AB70DA4BDC7DCB5EC5C7B87A57C 250488 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcertx.dll

  2012-09-25 16:00:29 3466855DE825F86C484A3454AD090967 172896 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgchclx.dll

  2012-09-25 16:00:29 2A4C9B21AEE9B53DD086B3AFBD251514 354656 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgclita.dll

  2012-09-25 16:00:29 11790A73767FBC981BA961D2231907E2 362848 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgcclix.dll

  2012-09-25 16:00:29 1176FAE769EA995FF3BA0B26D0E5A773 350840 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgapix.dll

  2012-09-25 16:00:29 0C9456994D087498B4B12DB6DE02779C 632440 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgchjwa.dll

  2012-09-25 16:00:29 08B098B89C5F5968BDA67EC58855B309 392032 —-a-w- C:\ProgramData\MFAData\SelfUpd\avgamnot.dll

  ==== Startup Registry Enabled ======================

  “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

  “Sidebar”=“%ProgramFiles%\Windows\Sidebar.exe /autoRun”

  “Logitech Vid”=“C:\Program Files (x86)\Logitech\Vid HD\Vid.exe -bootmode”

  “Google Update”=“C:\Users\marga\AppData\Local\Google\Update\GoogleUpdate.exe /c”

  “MessengerPlus3”=“C:\Program Files (x86)\MessengerPlus 3\MsgPlus.exe /WinStart”

  “C-CastlePaste”=“C:\Program Files (x86)\CastlePaste PRO\CastlePaste.exe”

  “Gadwin PrintScreen”=“C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash”

  “TomTomHOME.exe”=“C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

  “KiesHelper”=“C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s”

  “KiesAirMessage”=“C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup”

  “KiesPDLR”=“C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe”

  “mctadmin”=“C:\Windows\System32\mctadmin.exe”

  “mctadmin”=“C:\Windows\System32\mctadmin.exe”

  “HDAudDeck”=“C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r”

  “ATICustomerCare”=“C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe”

  “LWS”=“C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide”

  “MessengerPlus3”=“C:\Program Files (x86)\MessengerPlus 3\MsgPlus.exe”

  “StartCCC”=“C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun”

  “Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

  “vProt”=“C:\Program Files (x86)\AVG Secure Search\vprot.exe”

  “KiesTrayAgent”=“C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe”

  “ROC_ROC_JULY_P1”=“C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1”

  “AVG_UI”=“C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY”

  “ROC_ROC_NT”=“C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe / /PROMPT /CMPID=ROC_NT”

  “SunJavaUpdateSched”=“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”

  “Logitech Vid”=“C:\Program Files (x86)\Logitech\Vid HD\Vid.exe -bootmode”

  “Google Update”=“C:\Users\marga\AppData\Local\Google\Update\GoogleUpdate.exe /c”

  “MessengerPlus3”=“C:\Program Files (x86)\MessengerPlus 3\MsgPlus.exe /WinStart”

  “C-CastlePaste”=“C:\Program Files (x86)\CastlePaste PRO\CastlePaste.exe”

  “Gadwin PrintScreen”=“C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash”

  “TomTomHOME.exe”=“C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe”

  “KiesHelper”=“C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s”

  “KiesAirMessage”=“C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup”

  “KiesPDLR”=“C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe”

  ==== Task Scheduler Jobs ======================

  C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-565504948-1937985983-4094459105-1002Core1cd9cea27cf2ae3.job –a—— C:\Users\marga\AppData\Local\Google\Update\GoogleUpdate.exe

  C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-565504948-1937985983-4094459105-1002UA.job –a—— C:\Users\marga\AppData\Local\Google\Update\GoogleUpdate.exe

  ==== Empty IE Cache ======================

  C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Users\marga\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

  C:\Users\marga\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Users\marga\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

  C:\Users\marga\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

  ==== Empty All Flash Cache ======================

  Flash Cache Emptied Successfully

  ==== Empty All Java Cache ======================

  Java Cache cleared successfully

  After Reboot

  ==== Empty Temp Folders ======================

  C:\Windows\Temp successfully emptied

  C:\Users\marga\AppData\Local\Temp successfully emptied

  ==== Deleting Files / Folders ======================

  “C:\Users\marga\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not found

  Rapporteren
• 

  Ben

  01-10-2012 15:45

  Hallo,

  >>>Eerst even mijn browsers geopend.

  google chrome geeft een popup dat sweetim voor facebook geactiveerd moet worden ( irri ding dus die sweetim)

  Mozila firefox heeft 1 of ander lachend emoticon poppetje in de startpagina?balk, met zeen zoek balkje erachte.

  Ik gebruik beide browsers dagelijks. <<<

  Dit heb je voor of na zoek.exe gedaan?

  Gr.Ben

  

  Antivirusprikbord.nl

  Rapporteren
• 

  M@ria

  01-10-2012 15:47

  exact gedaan wat jij zei in je bericht, de pc ging herstarten, toen verscheen er een log, en toen voor ik hier ging posten, kijken of het probleem verholpen was.

  Ik dacht kan die log wel plaatsen zonder eerst even te kijken maar dan vraag je toch , ‘'en is het probleem verholpen? ’'

  Rapporteren
• 

  M@ria

  01-10-2012 15:49

  oh en waar ik net achter kom, als ik nieuw tabblad open in google chroome komt ook http://home.sweetim.com/?barid={818F08EB-0BC1-11E2-96FA-BCAEC51AFBDE}&src=95 ipv mijn vertrouwde starpagina

  Rapporteren
• 

  Ben

  01-10-2012 15:56

  Hallo,

  Oke dan gaan we verder kijken (tu)

  Had je MessengerPlus 3 al op je pc staan?

  Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.

  Download AdwCleaner by Xplode naar het bureaublad.

  

  *Sluit alle openstaande vensters.

  *Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren…

  *Klik vervolgens op Verwijderen.

  *Klik bij AdwCleaner – Information op OK

  *Klik bij AdwCleaner – Restart Required op OK

  Dat tijdens de aktie de snelkoppelingen verdwijnen, is normaal.

  Nadat de PC opnieuw is opgestart, opent een logfile.

  Post aansluitend de inhoud van dit log in je volgende bericht.

  Krijg je en foutmelding doe het volgende!

  Voer AdwCleaner via de Zoek functie uit:

  Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.

  

  *Sluit alle openstaande vensters.

  *Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren…

  *Klik vervolgens op Zoeken.

  Post aansluitend de inhoud van dit log in je volgende bericht.

  Gr.Ben

  

  Antivirusprikbord.nl

  Rapporteren
• 

  M@ria

  01-10-2012 16:24

  Ja ik had messenger plus op de pc.

  als ik het programma run zoals jij zegt krijg ik een foutmelding, ook als ik het doe via start. Het is de volgende melding.

  

  mocht het niet groot genoeg zijn, dan hier de tekst in de error melding

  line2056(file''c:users\marga\desktop\adwcleaner.exe''): Error variable used without being declared

  Rapporteren
• 

  Ben

  01-10-2012 16:59

  Hallo,

  >>>als ik het programma run zoals jij zegt krijg ik een foutmelding, ook als ik het doe via start. Het is de volgende melding.<<<

  Via start?

  Voer AdwCleaner via de Zoek functie uit:

  Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.

  

  *Sluit alle openstaande vensters.

  *Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren…

  *Klik vervolgens op Zoeken.

  Post aansluitend de inhoud van dit log in je volgende bericht.

  Gr.Ben

  

  Antivirusprikbord.nl

  Rapporteren
• 

  M@ria

  01-10-2012 17:28

  sorry, ik bedoelde zoek, beide opties zelfde foutmelding

  Rapporteren

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.