Trojan Injector enz

irmz

30-10-2012 19:40

Hai Huib/Ben,
Ik zal de goedbedoelde scans achterwege laten
fijn dat jullie ondanks de drukte toch nog de moeite nemen
om te helpen….thnx !
ik weet niet of deze scan goed gelukt is, bij het updaten van Combofix
heeft de lap deze in downloads gezet, dus ik heb een snelkoppeling
gemaakt naar het bureau blad en daar de link in gesleept, dus ik hoop
dat het goed is en anders lees ik het wel, dan doe ik het overnieuw…
ik zal nu ook een hijack logje maken, is die Crossrider een trojan ?
bvd vr groet Irene
ComboFix 12-10-29.05 - Anca 29-10-2012 22:28:37.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.31.1043.18.3691.2294
Gestart vanuit: c:\users\Anca\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: SPYWAREfighter *Enabled/Updated* {4E92AA92-C88D-5FC6-69DE-FCC188839428}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-09-28 to 2012-10-29 ))))))))))))))))))))))))))))))
.
.
2012-10-29 22:56 . 2012-10-29 22:56 ——– d—–w- c:\users\Gast\AppData\Local\temp
2012-10-29 22:56 . 2012-10-29 22:56 ——– d—–w- c:\users\Default\AppData\Local\temp
2012-10-29 21:25 . 2012-10-29 21:25 69000 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1F379AEB-4B12-4445-9ADE-C6D3695986D2}\offreg.dll
2012-10-29 19:37 . 2012-10-29 19:37 ——– d—–w- c:\users\Anca\AppData\Local\Macromedia
2012-10-29 19:24 . 2012-10-29 19:51 696760 —-a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-29 19:15 . 2012-08-23 15:28 3584 —-a-w- c:\windows\system32\drivers\nl-NL\tsusbflt.sys.mui
2012-10-29 19:15 . 2012-08-23 13:40 13312 —-a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2012-10-29 19:15 . 2012-08-23 13:41 13312 —-a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2012-10-29 19:15 . 2012-08-23 13:24 15360 —-a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2012-10-29 19:15 . 2012-08-23 14:10 19456 —-a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2012-10-29 19:11 . 2012-08-24 18:05 340992 —-a-w- c:\windows\system32\schannel.dll
2012-10-29 19:11 . 2012-08-24 16:57 247808 —-a-w- c:\windows\SysWow64\schannel.dll
2012-10-29 19:11 . 2012-08-24 18:13 154480 —-a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-10-29 19:11 . 2012-08-24 18:09 458712 —-a-w- c:\windows\system32\drivers\cng.sys
2012-10-29 19:11 . 2012-08-24 18:04 307200 —-a-w- c:\windows\system32\ncrypt.dll
2012-10-29 19:11 . 2012-08-24 18:03 1448448 —-a-w- c:\windows\system32\lsasrv.dll
2012-10-29 19:11 . 2012-08-24 16:57 220160 —-a-w- c:\windows\SysWow64\ncrypt.dll
2012-10-29 19:11 . 2012-08-24 16:57 22016 —-a-w- c:\windows\SysWow64\secur32.dll
2012-10-29 19:11 . 2012-08-24 16:53 96768 —-a-w- c:\windows\SysWow64\sspicli.dll
2012-10-29 19:11 . 2012-05-04 11:00 366592 —-a-w- c:\windows\system32\qdvd.dll
2012-10-29 19:11 . 2012-05-04 09:59 514560 —-a-w- c:\windows\SysWow64\qdvd.dll
2012-10-29 18:55 . 2012-09-24 22:16 95208 —-a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-29 09:51 . 2012-10-23 11:18 364096 —-a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-29 09:51 . 2012-10-23 11:18 25232 —-a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-29 09:51 . 2012-10-15 17:59 54072 —-a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-10-29 09:51 . 2012-10-23 11:18 59728 —-a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-29 09:51 . 2012-10-23 11:18 984144 —-a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-29 09:51 . 2012-10-23 11:18 71600 —-a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-29 09:50 . 2012-10-23 11:17 41224 —-a-w- c:\windows\avastSS.scr
2012-10-29 09:50 . 2012-10-23 11:17 227648 —-a-w- c:\windows\SysWow64\aswBoot.exe
2012-10-27 18:01 . 2012-10-28 09:27 ——– d—–w- c:\programdata\clp
2012-10-27 18:00 . 2012-10-27 18:01 ——– d—–w- c:\users\Anca\AppData\Roaming\Fighters
2012-10-27 17:59 . 2012-10-27 17:59 ——– d—–w- c:\programdata\Common Toolkit Suite
2012-10-27 17:58 . 2012-10-29 21:24 ——– d—–w- c:\programdata\Fighters
2012-10-27 14:51 . 2012-10-29 20:35 ——– d—–w- c:\program files (x86)\Emsisoft Anti-Malware
2012-10-26 10:57 . 2012-10-12 07:19 9291768 —-a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1F379AEB-4B12-4445-9ADE-C6D3695986D2}\mpengine.dll
2012-10-10 14:36 . 2012-09-14 19:19 2048 —-a-w- c:\windows\system32\tzres.dll
2012-10-10 14:36 . 2012-09-14 18:28 2048 —-a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 14:36 . 2012-08-11 00:56 715776 —-a-w- c:\windows\system32\kerberos.dll
2012-10-10 14:36 . 2012-08-10 23:56 542208 —-a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 14:36 . 2012-06-02 05:41 1464320 —-a-w- c:\windows\system32\crypt32.dll
2012-10-10 14:36 . 2012-06-02 04:36 1159680 —-a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 14:36 . 2012-06-02 05:41 184320 —-a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 14:36 . 2012-06-02 05:41 140288 —-a-w- c:\windows\system32\cryptnet.dll
2012-10-10 14:36 . 2012-06-02 04:36 140288 —-a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 14:36 . 2012-06-02 04:36 103936 —-a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-04 15:34 . 2012-10-04 15:35 ——– d—–w- c:\users\Anca\AppData\Local\Facebook
2012-09-30 21:26 . 2009-07-14 01:41 230400 —-a-w- c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-29 19:51 . 2011-08-09 11:12 73656 —-a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-23 10:17 . 2012-09-27 20:29 285328 —-a-w- c:\windows\system32\aswBoot.exe
2012-10-11 17:31 . 2012-09-27 20:27 65309168 —-a-w- c:\windows\system32\MRT.exe
2012-09-29 17:54 . 2012-09-27 18:33 25928 —-a-w- c:\windows\system32\drivers\mbam.sys
2012-09-27 20:26 . 2012-05-21 07:04 821736 —-a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-27 20:26 . 2012-05-21 07:04 746984 —-a-w- c:\windows\SysWow64\deployJava1.dll
2012-09-02 08:46 . 2012-09-02 08:46 48648 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2012-09-02 08:46 . 2012-09-02 08:46 856712 —-a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-08-24 11:15 . 2012-09-25 14:55 17810944 —-a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-25 14:55 10925568 —-a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-25 14:55 2312704 —-a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-25 14:55 1346048 —-a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-25 14:55 1392128 —-a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-25 14:55 1494528 —-a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-25 14:55 237056 —-a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-25 14:55 85504 —-a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-25 14:55 173056 —-a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-25 14:55 816640 —-a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-25 14:55 599040 —-a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-25 14:55 2144768 —-a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-25 14:55 729088 —-a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-25 14:56 96768 —-a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-25 14:56 2382848 —-a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-25 14:55 248320 —-a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-25 14:55 1800704 —-a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-25 14:55 1129472 —-a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-25 14:55 1427968 —-a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-25 14:55 142848 —-a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-25 14:55 420864 —-a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-25 14:56 2382848 —-a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 17:27 1913200 —-a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 17:28 950128 —-a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 17:27 376688 —-a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 17:27 288624 —-a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-27 16:02 245760 —-a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 17:38 . 2012-10-10 14:37 44032 —-a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 17:28 574464 —-a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 17:28 490496 —-a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
“Facebook Update”=“c:\users\Anca\AppData\Local\Facebook\Update\FacebookUpdate.exe”
.
“StartCCC”=“c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
“HPQuickWebProxy”=“c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe”
“HP Quick Launch”=“c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe”
“Adobe Reader Speed Launcher”=“c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe”
“Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“Easybits Recovery”=“c:\program files (x86)\EasyBits For Kids\ezRecover.exe”
“HPOSD”=“c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe”
“SunJavaUpdateSched”=“c:\program files (x86)\Common Files\Java\Java Update\jusched.exe”
“emsisoft anti-malware”=“c:\program files (x86)\Emsisoft Anti-Malware\a2guard.exe”
“avast”=“c:\program files\AVAST Software\Avast\avastUI.exe”
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe
.
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
“HideFastUserSwitching”= 0 (0x0)
.
“EnableShellExecuteHooks”= 1 (0x1)
.
.
“LoadAppInit_DLLs”=0 (0x0)
.
Notification Packages REG_MULTI_SZ scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe
R3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
R3 AVFSFilter;AVFSFilter;c:\windows\system32\DRIVERS\avfsfilter.sys
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\users\Anca\Downloads\EmsisoftEmergencyKit\Run\a2ddax64.sys
S1 aswSnx;aswSnx;
S1 aswSP;aswSP;
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys
S2 a2AntiMalware;Emsisoft Anti-Malware 7.0 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
S2 aswFsBlk;aswFsBlk;
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys
S3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys
S3 BTWDPAN;Bluetooth Personal Area Network;c:\windows\system32\DRIVERS\btwdpan.sys
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys
.
.
— Andere Services/Drivers In Geheugen —
.
*NewlyCreated* - A2DDA
.
Inhoud van de ‘Gedeelde Taken’ map
.
2012-10-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
.
2012-10-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-139012978-1220910512-2524659261-1001Core.job
- c:\users\Anca\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
2012-10-29 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-139012978-1220910512-2524659261-1001UA.job
- c:\users\Anca\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
2012-10-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-139012978-1220910512-2524659261-1001Core.job
- c:\users\Anca\AppData\Local\Google\Update\GoogleUpdate.exe
.
2012-07-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-139012978-1220910512-2524659261-1001UA.job
- c:\users\Anca\AppData\Local\Google\Update\GoogleUpdate.exe
.
2012-10-24 c:\windows\Tasks\HPCeeScheduleForAnca.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
.
.
——— X64 Entries ———–
.
.
@=“{472083B0-C522-11CF-8763-00608CC02F24}”
2012-10-23 11:17 133400 —-a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
“RTHDVCPL”=“c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe”
“SynTPEnh”=“c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe”
“SetDefault”=“c:\program files\Hewlett-Packard\HP LaunchBox\SetDefault.exe”
.
——- Bijkomende Scan ——-
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Afbeelding verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Pagina verzenden naar &Bluetooth-apparaat… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.254
FF - ProfilePath - c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\
FF - ExtSQL: 2012-09-27 18:08; crossriderapp5060@crossrider.com; c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com
FF - ExtSQL: 2012-10-28 15:19; {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF - ExtSQL: 2012-10-29 10:50; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2012-10-29 20:38; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
.
- - - - ORPHANS VERWIJDERD - - - -
.
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
——————— VERGRENDELDE REGISTER SLEUTELS ———————
.
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=“@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101”
.
“Enabled”=dword:00000001
.
@=“c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe”
.
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
@=“{00020424-0000-0000-C000-000000000046}”
.
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=“@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101”
.
“Enabled”=dword:00000001
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe”
.
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
@Denied: (A 2) (Everyone)
@=“Shockwave Flash Object”
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”
“ThreadingModel”=“Apartment”
.
@=“0”
.
@=“ShockwaveFlash.ShockwaveFlash.11”
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”
.
@=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
@=“1.0”
.
@=“ShockwaveFlash.ShockwaveFlash”
.
@Denied: (A 2) (Everyone)
@=“Macromedia Flash Factory Object”
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx”
“ThreadingModel”=“Apartment”
.
@=“FlashFactory.FlashFactory.1”
.
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1”
.
@=“{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
@=“1.0”
.
@=“FlashFactory.FlashFactory”
.
@Denied: (A 2) (Everyone)
@=“IFlashBroker5”
.
@=“{00020424-0000-0000-C000-000000000046}”
.
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2012-10-30 00:00:59
ComboFix-quarantined-files.txt 2012-10-29 23:00
ComboFix2.txt 2012-10-28 23:08
.
Pre-Run: 438.607.310.848 bytes beschikbaar
Post-Run: 438.323.261.440 bytes beschikbaar
.
- - End Of File - - F0148D4B77698E089C7A9A0ADEE5643A
irmz

30-10-2012 19:42

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:41:44, on 30-10-2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Users\Anca\Downloads\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/CQCON/7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com/CQCON/7
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
O4 - HKLM\..\Run: “C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
O4 - HKLM\..\Run: C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM\..\Run: “C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe” /d=60
O4 - HKLM\..\Run: “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
O4 - HKCU\..\Run: “C:\Users\Anca\AppData\Local\Facebook\Update\FacebookUpdate.exe” /c /nocrashserver
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat… - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra ‘Tools’ menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra ‘Tools’ menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: Verzenden naar &Bluetooth-apparaat… - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Emsisoft Anti-Malware 7.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
–
End of file - 11849 bytes
Ben

30-10-2012 19:51

Hallo,
Combo heeft het niet verwijderd doe het volgende;
“zoek.exe” gebruiken
Schakel je antivirus- en antispywareprogramma's uit, zoek.exe wordt tijdens het downloaden of tijdens gebruik soms als trojan aangezien.
(hier of hier) kan je lezen hoe je dat doet.
Download daarna zoek.exe naar het bureaublad.
Windows 2000 en Windows XP: start de tool middels dubbelklik op “zoek.exe”.
Windows Vista en Windows 7: start de tool middels rechtsklik op “zoek.exe” en dan kiezen voor Als Administrator uitvoeren.
Vervolgens zal er na een tijdje een venster geopend worden.
Met je muis selecteer je nu de volgende keuze "Combined fix"(rechts onderaan)
Kopieer nu onderstaande Vet gedrukte en plak die in het grote invulvenster:
startupall;
filesrcm;
c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com;f
emptyclsid;
emptyjava;
emptyflash;
emptyiecache;
emptytemp;
Sluit nu eerst alle nog openstaande programmavensters!
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent(dit kan na een herstart zijn)
Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
Post nu de inhoud van het geopende logje in het volgende bericht vertel er ook bij hoe het met je pc gaat.
Gr.Ben
Antivirusprikbord.nl
irmz

02-11-2012 00:35

Hai Ben/Huib
Sorry ik was er even niet, ik heb het even gelezen wat ik moet doen
het lijkt me heel moeilijk maar ik ga morgen m'n best doen en zal
hopelijk morgenavond weer vertellen hoe het gaat….
vr groet Irene
irmz

08-11-2012 23:21

Hai Ben,
sorry dat het zo lang duurde maar ik was even weg….
hierbij het gevraagde logje, ik heb het idee dat de laptop nog steeds
traag is, maar ik moet eerlijk zeggen dat ik er nog niet veel achter gezeten
heb, ik ben gelijk aan het logje begonnen, ik hoop natuurlijk wel dat alle rommel
weg is maar dat verneem ik graag van jullie,
vr groet Irene.
Zoek.exe Version 3.0.0.4 Updated 08-November-2012
Tool run by Anca on do 08-11-2012 at 23:05:28,69.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Deleting CLSID Registry Keys ======================
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
==== Deleting Files \ Folders ======================
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome.manifest” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\install.rdf” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\button1.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\button2.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\button3.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\button4.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\button5.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\crossrider_statusbar.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\icon128.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\icon16.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\icon24.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\icon48.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\panelarrow-up.png” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\popup.css” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\popup.html” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\popup_binding.xml” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\skin.css” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin\update.css” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\background.html” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\browser.xul” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\crossrider.js” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\crossriderapi.js” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\CrossriderEXT.js” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\dialog.js” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\options.js” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\options.xul” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\search_dialog.xul” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\update.html” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode\backgroundCode.js” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode\pageCode.js” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\lib\reports.js” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\defaults\preferences\prefs.js” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\locale\en-US\translations.dtd” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\defaults” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\locale” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\skin” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\chrome\content\lib” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\defaults\preferences” deleted
“c:\users\Anca\AppData\Roaming\Mozilla\Firefox\Profiles\v8056ts0.default\extensions\crossriderapp5060@crossrider.com\locale\en-US” deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2012-10-28 21:36:43 F042EE4C8D66248D9B86DCF52ABAE416 256000 —-a-w- C:\Windows\PEV.exe
2012-10-28 21:36:43 9E05A9C264C8A908A8E79450FCBFF047 80412 —-a-w- C:\Windows\grep.exe
2012-10-28 21:36:43 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 —-a-w- C:\Windows\zip.exe
2012-10-28 21:36:43 0297C72529807322B152F517FDB0A9FC 406528 —-a-w- C:\Windows\SWSC.exe
2012-10-28 21:36:43 0277C027A26428DB64EF4F64F52BB4FD 208896 —-a-w- C:\Windows\MBR.exe
====== C:\Users\Anca\AppData\Local\Temp ====
====== C:\Windows\SysWOW64 =====
2012-10-29 19:24:26 0E10FC1911D6A138C513BC05FF60BEF4 696760 —-a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-29 19:14:52 D3F64318307CEC05CBDE533D99976532 16896 —-a-w- C:\Windows\SysWOW64\wksprtPS.dll
2012-10-29 19:14:52 A9D4140B8B843D5719F7C3EED8C0F9FD 37376 —-a-w- C:\Windows\SysWOW64\tsgqec.dll
2012-10-29 19:14:52 8999F18D38D55E34D356796507FFD639 192000 —-a-w- C:\Windows\SysWOW64\rdpendp_winip.dll
2012-10-29 19:14:51 E6446AB7A7E602CAFF51ACA3C68C1526 269312 —-a-w- C:\Windows\SysWOW64\aaclient.dll
2012-10-29 19:14:51 3F853160DEE5B71B9AD2F1BAF2B1E55B 46592 —-a-w- C:\Windows\SysWOW64\MsRdpWebAccess.dll
2012-10-29 19:14:49 40FF6C636380A87DE3A99F4E348BFDCB 1048064 —-a-w- C:\Windows\SysWOW64\mstsc.exe
2012-10-29 19:14:47 EF1689081813A60D4610FF429530BA36 4916224 —-a-w- C:\Windows\SysWOW64\mstscax.dll
2012-10-29 19:11:46 AF78F66116814FDD6677CEBD73035CDD 247808 —-a-w- C:\Windows\SysWOW64\schannel.dll
2012-10-29 19:11:44 859CFCE4A0F72916911BD9F6C6E84581 220160 —-a-w- C:\Windows\SysWOW64\ncrypt.dll
2012-10-29 19:11:43 BFB26890612FB8AE8B0463EBEBE84B7E 96768 —-a-w- C:\Windows\SysWOW64\sspicli.dll
2012-10-29 19:11:43 A113AFEED3159A1ED52D78CB0226006D 22016 —-a-w- C:\Windows\SysWOW64\secur32.dll
2012-10-29 19:11:39 33B26FA5DBEB69FFAB703EDCB4E6DE4A 514560 —-a-w- C:\Windows\SysWOW64\qdvd.dll
2012-10-29 18:55:14 893D84B8695A165D0621E5C023D7FD23 95208 —-a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2012-10-29 19:15:09 7B619C36F84720CB6AB77031B6F4FA60 13312 —-a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyExtension.dll
2012-10-29 19:15:08 E9A0777DCA9148157E0EF9B71D7DE353 15360 —-a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll
2012-10-29 19:15:08 0E894692EB8579703FB1EC8AB6908571 13312 —-a-w- C:\Windows\Sysnative\TsUsbRedirectionGroupPolicyControl.exe
2012-10-29 19:14:53 09112DADA82F4700F833C2E40DFB59FC 18432 —-a-w- C:\Windows\Sysnative\wksprtPS.dll
2012-10-29 19:14:52 E98E2152251EB2576714B2CCE01555DC 44032 —-a-w- C:\Windows\Sysnative\tsgqec.dll
2012-10-29 19:14:52 9EB297848DAACF111C36B6048EFF5AEA 43520 —-a-w- C:\Windows\Sysnative\TsUsbGDCoInstaller.dll
2012-10-29 19:14:51 87E8244DCB33A7A0836C66389B8874B6 322560 —-a-w- C:\Windows\Sysnative\aaclient.dll
2012-10-29 19:14:50 F059D17612BF074443C01FCCC8D5C905 54272 —-a-w- C:\Windows\Sysnative\MsRdpWebAccess.dll
2012-10-29 19:14:50 D346E07D62E3D4BEAB040939744EC31B 228864 —-a-w- C:\Windows\Sysnative\rdpendp_winip.dll
2012-10-29 19:14:50 AE8535663AA64318D174CD7CA44ED947 62976 —-a-w- C:\Windows\Sysnative\TSWbPrxy.exe
2012-10-29 19:14:50 AD4D0AEDB5993EDA31EB80A54EDBC344 243200 —-a-w- C:\Windows\Sysnative\rdpudd.dll
2012-10-29 19:14:50 6846ECABF7034DD97EE1DE38F1DA16B4 384000 —-a-w- C:\Windows\Sysnative\wksprt.exe
2012-10-29 19:14:49 98C04A60A10777D99B569636C55FE91C 1123840 —-a-w- C:\Windows\Sysnative\mstsc.exe
2012-10-29 19:14:48 8F69EE5E0EB0779DC3E90DFD8D8E8683 3174912 —-a-w- C:\Windows\Sysnative\rdpcorets.dll
2012-10-29 19:14:46 FF16B21E5C0C46A70B2CD4F65B87D9F1 5773824 —-a-w- C:\Windows\Sysnative\mstscax.dll
2012-10-29 19:11:46 B7D42CB36C08FA017E73FF2433CD7287 340992 —-a-w- C:\Windows\Sysnative\schannel.dll
2012-10-29 19:11:45 9B3718651DDE8A75FC4E8D6542A250D8 307200 —-a-w- C:\Windows\Sysnative\ncrypt.dll
2012-10-29 19:11:44 685527DA09EBFB681E98C515978BDEE2 1448448 —-a-w- C:\Windows\Sysnative\lsasrv.dll
2012-10-29 19:11:39 973131EB99BE1E19DAC502CB724E72A5 366592 —-a-w- C:\Windows\Sysnative\qdvd.dll
====== C:\Windows\Sysnative\drivers =====
2012-10-29 19:15:00 313F68E1A3E6345A4F47A36B07062F34 19456 —-a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys
2012-10-29 19:14:59 AD64450A4ABE076F5CB34CC08EEACB07 30208 —-a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys
2012-10-29 19:14:59 17C6B51CBCCDED95B3CC14E22791F85E 57856 —-a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys
2012-10-29 19:11:45 AAFCB52FE0037207FB6FBEA070D25EFE 458712 —-a-w- C:\Windows\Sysnative\drivers\cng.sys
2012-10-29 19:11:45 7EFB9333E4ECCE6AE4AE9D777D9E553E 154480 —-a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2012-10-10 14:37:09 E453ACF4E7D44E5530B5D5F2B9CA8563 1659760 —-a-w- C:\Windows\Sysnative\drivers\ntfs.sys
====== C:\Windows\Tasks ======
2012-10-29 19:24:50 4A5B2CE607172AF9D3867F9DD542D760 940 —-a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
======= C: =====
2012-10-28 21:19:49 D1FA36894D18EC8968D75497FA1A7F24 25833 —-a-w- C:\AdwCleaner.txt
====== C:\Users\Anca\AppData\Roaming ======
2012-10-30 20:34:31 ——– d—–w- C:\users\Public\AppData\Local\temp
2012-10-30 20:34:31 ——– d—–w- C:\users\Gast\AppData\Local\temp
2012-10-30 20:34:31 ——– d—–w- C:\users\Default\AppData\Local\temp
2012-10-30 20:34:31 ——– d—–w- C:\users\Default User\AppData\Local\temp
2012-10-27 18:00:48 ——– d—–w- C:\users\Anca\AppData\Roaming\Fighters
====== C:\Users\Anca ======
2012-10-29 21:11:50 9EF8B425246827F0A9AB6A887B1D4D36 296 —-a-w- C:\Users\Anca\CFScript.txt
2012-10-28 23:08:59 ——– d—–w- C:\Users\Public\AppData
2012-10-27 18:01:12 ——– d—–w- C:\ProgramData\clp
2012-10-27 17:59:56 ——– d—–w- C:\ProgramData\Common Toolkit Suite
2012-10-27 17:58:09 ——– d—–w- C:\ProgramData\Fighters
====== C: exe-files ==
=== C: other files ==
==== Startup Registry Enabled ======================
“Facebook Update”=“C:\Users\Anca\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver”
“StartCCC”=“C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun”
“HPQuickWebProxy”=“C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe”
“HP Quick Launch”=“C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe”
“Adobe Reader Speed Launcher”=“C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe”
“Adobe ARM”=“C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe”
“Easybits Recovery”=“C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe”
“HPOSD”=“C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe”
“SunJavaUpdateSched”=“C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
“emsisoft anti-malware”=“C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe /d=60”
“Facebook Update”=“C:\Users\Anca\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver”
==== Startup Folders ======================
2011-09-19 21:42:15 836 —-a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job –a—— C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-139012978-1220910512-2524659261-1001Core.job –a—— C:\Users\Anca\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-139012978-1220910512-2524659261-1001UA.job –a—— C:\Users\Anca\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-139012978-1220910512-2524659261-1001Core.job –a—— C:\Users\Anca\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-139012978-1220910512-2524659261-1001UA.job –a—— C:\Users\Anca\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\tasks\HPCeeScheduleForAnca.job –a—— C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Anca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Anca\AppData\Local\Temp successfully emptied
==== Deleting Files / Folders ======================
“C:\Users\Anca\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat” not deleted
“C:\users\Gast\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NQBSW3FK\skype.com” not found
Ben

09-11-2012 08:31

Hallo,
Wat een troep allemaal maar er is toch weer een berg opgeruimd.
Plaats nog even een nieuw DDS.txt logje.
Gr.Ben
Antivirusprikbord.nl
irmz

09-11-2012 11:03

Hai Ben,
Tja die jonge meiden maken alleen gebruik van het -leuke- van internet
ik vind eigenlijk dat ze op school les moeten krijgen hoe je je pc veilig
kan houden, voor jezelf maar ook voor je medemens, we hebben immers
allemaal onze eigen verantwoordelijkheid, maar goed, ik zal m'n best doen
om ze dat wat bij te brengen….
helaas weet ik niet wat een DDS logje is, dat verneem ik nog graag, en ook nog
wat er eventueel nog meer moet gebeuren,
vr groet Irene
Ben

09-11-2012 11:40

Hallo,
Hier heb je het al uitgevoerd.
http://antivirus.startpagina.nl/prikbord/16042554/16043196/re-trojan-injector-enz#msg-16043196
Gr.Ben
Antivirusprikbord.nl
irmz

09-11-2012 12:43

Hai Ben
ik zal het over ong een uurtje uitvoeren, het was al even geleden
en wist niet meer wat een DDS logje was, nu wel dankzij jouw linkje
bedankt alvast en tot straks
vr groet Irene
irmz

09-11-2012 13:36

.Hai Ben hierbij het gevraagde logje
ik hoop dat je hier genoeg aan hebt
vr groet Irene
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 26-1-2012 13:34:27
System Uptime: 9-11-2012 13:19:31 (0 hours ago)
.
Motherboard: Hewlett-Packard | | 3577
Processor: AMD E-450 APU with Radeon™ HD Graphics | Socket FT1 | 1650/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 446 GiB total, 406,459 GiB free.
D: is FIXED (NTFS) - 15 GiB total, 1,678 GiB free.
E: is FIXED (FAT32) - 4 GiB total, 1,084 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP89: 28-10-2012 22:01:03 - avast! Internet Security Setup
RP90: 29-10-2012 10:50:04 - avast! Free Antivirus Setup
RP91: 29-10-2012 11:04:23 - Installed Fighters.
RP92: 29-10-2012 19:53:59 - Installed Java 7 Update 9
RP93: 29-10-2012 20:11:53 - Windows Update
RP94: 5-11-2012 16:41:51 - Windows Update
RP95: 8-11-2012 22:56:17 - avast! Free Antivirus Setup
RP96: 8-11-2012 23:48:17 - avast! Free Antivirus Setup
RP97: 9-11-2012 13:24:31 - Windows Update
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4) MUI
Adobe Shockwave Player 11.5
Agatha Christie - Peril at End House
AMD APP SDK Runtime
AMD Fuel
AMD Media Foundation Decoders
AMD VISION Engine Control Center
ATI Catalyst Install Manager
avast! Free Antivirus
Bejeweled 3
Blackhawk Striker 2
Blasterball 3
Bounce Symphony
Broadcom 802.11 Wireless LAN Adapter
Broadcom Bluetooth Software
Broadcom InConcert Maestro
Cake Mania
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chronicles of Albian
Chuzzle Deluxe
Compaq Setup Manager
Cradle of Rome 2
CyberLink YouCam
D3DX10
Emsisoft Anti-Malware
ESU for Microsoft Windows 7 SP1
Evernote v. 4.2.3
Facebook Video Calling 1.2.0.287
Farm Frenzy
FATE
Final Drive: Nitro
Governor of Poker 2 Premium Edition
Hewlett-Packard ACLM.NET v1.1.2.0
HP Auto
HP Client Services
HP Customer Experience Enhancements
HP Documentation
HP Games
HP Launch Box
HP On Screen Display
HP Power Manager
HP Quick Launch
HP QuickWeb
HP Setup
HP Software Framework
HP Support Assistant
Java 7 Update 9
Java Auto Updater
Java(TM) 6 Update 31
JavaFX 2.1.0
Jewel Quest: The Sleepless Star - Collector's Edition
Junk Mail filter update
Magic Desktop
Mah Jong Medley
Malwarebytes Anti-Malware versie 1.65.1.1000
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile NLD Language Pack
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Office Klik-en-Klaar 2010
Microsoft Office Starter 2010 - Nederlands
Microsoft PowerPoint Viewer
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Mozilla Firefox 16.0.2 (x86 nl)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Mystery of Mortlake Mansion
Namco All-Stars: PAC-MAN
Penguins!
Plants vs. Zombies - Game of the Year
Poker Superstars III
Polar Bowler
Polar Golfer
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Recovery Manager
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)
Skype Click to Call
Skype™ 5.10
Slingo Supreme
SpywareBlaster 4.6
Synaptics TouchPad Driver
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
TweetDeck
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
Vacation Quest - The Hawaiian Islands
Virtual Villagers 5 - New Believers
WildTangent Games App
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zuma Deluxe
.
==== End Of File ===========================

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

Trojan Injector enz

irmz

irmz

Ben

irmz

irmz

Ben

irmz

Ben

irmz

irmz