
Windows 7 PC barely works anymore....


anneken60

Junior member
Joined
15 Dec 2014
Posts
63
Rating
0
Hello,

Can or will someone help me...
Second-hand computer barely works anymore, keystrokes heavily delayed, constant advertising banners, the computer downloads all kinds of unwanted programs and videos...., pop-ups, redirection to web pages that were not requested....

Unfortunately I do not have a Windows 7 DVD and System Restore does not work.

Adware results:

more than 400 items placed in quarantine.

H

Logfile of random's system information tool 1.10 (written by random/random)
Run by Oxfam at 2014-12-15 13:09:07
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 49 GB (69%) free of 71 GB
Total RAM: 2031 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:09:18, on 15/12/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Oxfam\Downloads\RSIT.exe
C:\Program Files\trend micro\Oxfam.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [PCKeeper2] "C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

--
End of file - 4903 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Oxfam\AppData\Roaming\Mozilla\Firefox\Profiles\7hpo4wzh.default

prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=U270DF&PC=U270&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle Next Generation Java Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ma-config.com/HardwareDetection]
"Description"=Dtection matriel Ma-Config.com
"Path"=C:\Program Files\ma-config.com\nphardwaredetection.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll


C:\Users\Oxfam\AppData\Roaming\Mozilla\Firefox\Profiles\7hpo4wzh.default\extensions\
GLx@2jLXrUkx.com
l@l6peuo_Org
{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
{c9d31470-81c6-4e3e-9a37-46eb9237ed3a}

C:\Users\Oxfam\AppData\Roaming\Mozilla\Firefox\Profiles\7hpo4wzh.default\searchplugins\
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-10-23 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-10-23 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-23 4423680]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26 271744]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PCKeeper2"=C:\Program Files\Kromtech\PCKeeper\PCKeeper.exe /autorun []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-12-15 13:09:08 ----D---- C:\Program Files\trend micro
2014-12-15 13:09:07 ----D---- C:\rsit
2014-12-15 12:41:04 ----D---- C:\Program Files\siaaviingtoyiou
2014-12-15 12:17:01 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-12-15 12:16:21 ----D---- C:\ProgramData\Malwarebytes
2014-12-15 12:16:21 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-12-15 12:16:21 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-12-15 12:16:21 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-12-15 12:16:21 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-12-15 12:04:21 ----SHD---- C:\Config.Msi
2014-12-15 11:50:22 ----D---- C:\ProgramData\Kromtech
2014-12-10 22:01:19 ----D---- C:\ProgramData\8050847087060886949
2014-12-10 17:18:36 ----D---- C:\Program Files\MindJET
2014-12-10 16:57:22 ----D---- C:\Windows\system32\appraiser
2014-12-10 14:03:04 ----A---- C:\Windows\system32\mfpmp.exe
2014-12-10 14:03:04 ----A---- C:\Windows\system32\mferror.dll
2014-12-10 14:03:03 ----A---- C:\Windows\system32\rrinstaller.exe
2014-12-10 14:03:03 ----A---- C:\Windows\system32\mfps.dll
2014-12-10 14:03:03 ----A---- C:\Windows\system32\mf.dll
2014-12-10 13:49:40 ----D---- C:\ProgramData\siaaviingtoyiou
2014-12-10 13:44:34 ----A---- C:\Windows\system32\drivers\tdx.sys
2014-12-10 13:44:32 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-10 13:44:30 ----A---- C:\Windows\system32\appraiser.dll
2014-12-10 13:44:30 ----A---- C:\Windows\system32\aitstatic.exe
2014-12-10 13:44:29 ----A---- C:\Windows\system32\invagent.dll
2014-12-10 13:44:29 ----A---- C:\Windows\system32\aepic.dll
2014-12-10 13:44:29 ----A---- C:\Windows\system32\aeinv.dll
2014-12-10 13:44:28 ----A---- C:\Windows\system32\devinv.dll
2014-12-10 13:44:27 ----A---- C:\Windows\system32\generaltel.dll
2014-12-10 13:44:27 ----A---- C:\Windows\system32\aepdu.dll
2014-12-10 13:44:21 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 13:44:21 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-12-10 13:44:21 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-12-10 13:44:20 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 13:44:20 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-10 13:44:19 ----A---- C:\Windows\system32\jscript9diag.dll
2014-12-10 13:44:19 ----A---- C:\Windows\system32\ieUnatt.exe
2014-12-10 13:44:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 13:44:19 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-10 13:44:18 ----A---- C:\Windows\system32\wininet.dll
2014-12-10 13:44:18 ----A---- C:\Windows\system32\vbscript.dll
2014-12-10 13:44:16 ----A---- C:\Windows\system32\ieui.dll
2014-12-10 13:44:16 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-10 13:44:14 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-12-10 13:44:14 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-10 13:44:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-12-10 13:44:12 ----A---- C:\Windows\system32\iertutil.dll
2014-12-10 13:44:09 ----A---- C:\Windows\system32\jscript9.dll
2014-12-10 13:44:08 ----A---- C:\Windows\system32\mshtml.dll
2014-12-10 13:44:06 ----A---- C:\Windows\system32\iernonce.dll
2014-12-10 13:44:06 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-10 13:44:06 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-10 13:44:05 ----A---- C:\Windows\system32\urlmon.dll
2014-12-10 13:44:05 ----A---- C:\Windows\system32\ieapfltr.dll
2014-12-10 13:44:04 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-10 13:43:59 ----A---- C:\Windows\system32\msrating.dll
2014-12-10 13:43:58 ----A---- C:\Windows\system32\iesetup.dll
2014-12-10 13:43:56 ----A---- C:\Windows\system32\ieframe.dll
2014-12-10 13:43:34 ----A---- C:\Windows\system32\tzres.dll
2014-12-10 13:42:56 ----A---- C:\Windows\system32\charmap.exe
2014-12-10 13:42:55 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-10 13:42:54 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-10 13:42:54 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 13:42:53 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 13:42:47 ----A---- C:\Windows\system32\WsmAuto.dll
2014-12-09 17:02:37 ----D---- C:\ProgramData\WorldWideWebCoupon
2014-11-25 22:35:49 ----D---- C:\Program Files\WheelandDeal
2014-11-24 20:23:10 ----A---- C:\Windows\Reimage.ini
2014-11-19 21:21:10 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-11-19 14:50:50 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 14:50:50 ----A---- C:\Windows\system32\kerberos.dll
2014-11-18 21:21:44 ----D---- C:\ProgramData\deal2dealit
2014-11-18 21:21:29 ----D---- C:\ProgramData\6fba5ac53d40a5a5
2014-11-18 20:45:38 ----D---- C:\Program Files\PC Speed Maximizer
2014-11-18 20:45:25 ----D---- C:\Program Files\Microsoft Office
2014-11-18 20:44:29 ----D---- C:\Program Files\MSECache
2014-11-18 20:40:36 ----RASH---- C:\MSDOS.SYS
2014-11-18 20:40:36 ----RASH---- C:\IO.SYS
2014-11-14 17:49:38 ----HD---- C:\ProgramData\Common Files
2014-11-14 17:49:38 ----D---- C:\ProgramData\MFAData
2014-11-12 13:15:37 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 13:15:34 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:15:30 ----A---- C:\Windows\system32\msi.dll
2014-11-12 13:15:26 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 13:15:26 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 13:15:25 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 13:15:25 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 13:15:25 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:15:25 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 13:15:24 ----A---- C:\Windows\system32\win32k.sys
2014-11-12 13:15:24 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 13:15:21 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 13:15:21 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 13:15:20 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 13:15:20 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 13:15:20 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 13:15:20 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 13:15:12 ----A---- C:\Windows\system32\packager.dll
2014-11-12 13:15:09 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 13:15:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 13:15:09 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 13:15:08 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 13:15:08 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-11 18:39:13 ----D---- C:\Users\Oxfam\AppData\Roaming\Google
2014-11-11 18:33:36 ----D---- C:\Program Files\Google
2014-11-11 18:33:22 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-11-11 17:47:43 ----D---- C:\Program Files\Mozilla Firefox
2014-11-11 17:44:53 ----D---- C:\Users\Oxfam\AppData\Roaming\Foxit Software
2014-11-10 17:19:23 ----D---- C:\Program Files\Mozilla Firefox.bak
2014-10-24 11:37:03 ----D---- C:\Users\Oxfam\AppData\Roaming\Mozilla
2014-10-24 11:35:37 ----D---- C:\Program Files\Foxit Software
2014-10-24 11:33:09 ----A---- C:\Windows\system32\unrar.dll
2014-10-24 11:32:58 ----D---- C:\Program Files\K-Lite Codec Pack
2014-10-24 11:32:46 ----D---- C:\ProgramData\Mozilla
2014-10-24 11:32:45 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-10-24 11:15:15 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-24 11:15:06 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-10-24 11:15:06 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-10-24 11:15:06 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-10-24 11:15:06 ----A---- C:\Windows\system32\KBDRU.DLL
2014-10-24 11:15:06 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-24 11:14:32 ----A---- C:\Windows\system32\mstscax.dll
2014-10-24 11:03:45 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-10-24 10:33:44 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2014-10-24 10:33:39 ----A---- C:\Windows\system32\rdpudd.dll
2014-10-24 10:33:39 ----A---- C:\Windows\system32\rdpendp_winip.dll
2014-10-24 10:32:28 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-10-24 10:32:26 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-10-24 10:32:25 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2014-10-24 10:32:24 ----A---- C:\Windows\system32\wksprtPS.dll
2014-10-24 10:32:24 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-10-24 10:32:24 ----A---- C:\Windows\system32\tsgqec.dll
2014-10-24 10:32:24 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2014-10-24 10:32:23 ----A---- C:\Windows\system32\wksprt.exe
2014-10-24 10:32:23 ----A---- C:\Windows\system32\TSWbPrxy.exe
2014-10-24 10:32:23 ----A---- C:\Windows\system32\rdvidcrl.dll
2014-10-24 10:32:23 ----A---- C:\Windows\system32\mstsc.exe
2014-10-24 10:09:06 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-24 09:50:11 ----SD---- C:\Windows\system32\CompatTel
2014-10-24 09:47:05 ----A---- C:\Windows\system32\spoolsv.exe
2014-10-24 09:46:07 ----A---- C:\Windows\system32\WMPhoto.dll
2014-10-24 09:45:58 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-24 09:43:32 ----A---- C:\Windows\system32\d2d1.dll
2014-10-24 09:18:09 ----D---- C:\Windows\Migration
2014-10-23 17:33:48 ----A---- C:\Windows\system32\DWrite.dll
2014-10-23 17:13:17 ----D---- C:\Program Files\Microsoft.NET
2014-10-23 16:40:54 ----D---- C:\ProgramData\Oracle
2014-10-23 15:38:03 ----D---- C:\Program Files\Common Files\Java
2014-10-23 15:37:32 ----A---- C:\Windows\system32\javaws.exe
2014-10-23 15:37:11 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-10-23 15:37:11 ----A---- C:\Windows\system32\javaw.exe
2014-10-23 15:37:11 ----A---- C:\Windows\system32\java.exe
2014-10-23 15:36:22 ----D---- C:\Program Files\Java
2014-10-23 13:28:40 ----D---- C:\Windows\system32\MRT
2014-10-23 13:28:34 ----A---- C:\Windows\system32\MRT.exe
2014-10-23 13:19:51 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-10-23 13:19:50 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-10-23 13:19:50 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-10-23 13:19:49 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-10-23 13:19:48 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-10-23 13:19:47 ----A---- C:\Windows\system32\WUDFx.dll
2014-10-23 13:19:47 ----A---- C:\Windows\system32\WUDFHost.exe
2014-10-23 13:17:23 ----A---- C:\Windows\system32\infocardapi.dll
2014-10-23 13:17:16 ----A---- C:\Windows\system32\icardres.dll
2014-10-23 13:17:07 ----A---- C:\Windows\system32\icardagt.exe
2014-10-23 13:16:47 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-10-23 13:15:08 ----A---- C:\Windows\system32\wmi.dll
2014-10-23 13:15:08 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2014-10-23 13:09:01 ----A---- C:\Windows\system32\browserchoice.exe
2014-10-23 12:50:48 ----A---- C:\Windows\system32\wmp.dll
2014-10-23 12:50:42 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-23 12:30:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-23 12:30:48 ----A---- C:\Windows\system32\jsIntl.dll
2014-10-23 12:30:48 ----A---- C:\Windows\system32\elshyph.dll
2014-10-23 12:30:47 ----A---- C:\Windows\system32\msls31.dll
2014-10-23 12:30:46 ----A---- C:\Windows\system32\url.dll
2014-10-23 12:30:46 ----A---- C:\Windows\system32\ieapfltr.dat
2014-10-23 12:30:46 ----A---- C:\Windows\system32\icardie.dll
2014-10-23 12:30:45 ----A---- C:\Windows\system32\wextract.exe
2014-10-23 12:30:45 ----A---- C:\Windows\system32\webcheck.dll
2014-10-23 12:30:45 ----A---- C:\Windows\system32\licmgr10.dll
2014-10-23 12:30:45 ----A---- C:\Windows\system32\inseng.dll
2014-10-23 12:30:45 ----A---- C:\Windows\system32\iexpress.exe
2014-10-23 12:30:44 ----A---- C:\Windows\system32\pngfilt.dll
2014-10-23 12:30:44 ----A---- C:\Windows\system32\occache.dll
2014-10-23 12:30:44 ----A---- C:\Windows\system32\mshta.exe
2014-10-23 12:30:44 ----A---- C:\Windows\system32\jscript.dll
2014-10-23 12:30:44 ----A---- C:\Windows\system32\imgutil.dll
2014-10-23 12:30:44 ----A---- C:\Windows\system32\iepeers.dll
2014-10-23 12:30:43 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-10-23 12:30:43 ----A---- C:\Windows\system32\msfeedssync.exe
2014-10-23 12:30:43 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-10-23 12:30:43 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-10-23 12:30:42 ----A---- C:\Windows\system32\mshtmler.dll
2014-10-23 12:30:42 ----A---- C:\Windows\system32\iesysprep.dll
2014-10-23 12:29:30 ----A---- C:\Windows\system32\tdh.dll
2014-10-23 12:29:30 ----A---- C:\Windows\system32\smss.exe
2014-10-23 12:29:30 ----A---- C:\Windows\system32\ntdll.dll
2014-10-23 12:29:30 ----A---- C:\Windows\system32\csrsrv.dll
2014-10-23 12:29:30 ----A---- C:\Windows\system32\advapi32.dll
2014-10-23 12:29:09 ----A---- C:\Windows\system32\mswsock.dll
2014-10-23 12:28:51 ----A---- C:\Windows\system32\taskhost.exe
2014-10-23 12:26:26 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-23 12:26:26 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-23 12:26:26 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-23 12:26:26 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-23 12:26:26 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-23 12:26:26 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-23 12:26:26 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-23 12:26:26 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-23 12:26:26 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\XpsPrint.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\UIAnimation.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\FntCache.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\dxgi.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\d3d10level9.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\d3d10core.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\d3d10_1.dll
2014-10-23 12:26:26 ----A---- C:\Windows\system32\d3d10.dll
2014-10-23 12:24:08 ----A---- C:\Windows\system32\d3d11.dll
2014-10-23 12:10:51 ----A---- C:\Windows\system32\drivers\afd.sys
2014-10-23 12:10:50 ----A---- C:\Windows\system32\imagehlp.dll
2014-10-23 12:10:32 ----A---- C:\Windows\system32\winlogon.exe
2014-10-23 12:10:30 ----A---- C:\Windows\system32\winsta.dll
2014-10-23 12:10:30 ----A---- C:\Windows\system32\rdrmemptylst.exe
2014-10-23 12:10:30 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-23 12:10:29 ----A---- C:\Windows\system32\rdpwsx.dll
2014-10-23 12:10:29 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-23 12:10:28 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-23 12:09:19 ----A---- C:\Windows\system32\gameux.dll
2014-10-23 12:09:18 ----A---- C:\Windows\system32\Wpc.dll
2014-10-23 12:09:01 ----A---- C:\Windows\system32\ntkrnlpa.exe
2014-10-23 12:09:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-23 12:08:59 ----A---- C:\Windows\system32\KernelBase.dll
2014-10-23 12:08:58 ----A---- C:\Windows\system32\objsel.dll
2014-10-23 12:08:57 ----A---- C:\Windows\system32\wincredprovider.dll
2014-10-23 12:08:57 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-10-23 12:08:57 ----A---- C:\Windows\system32\dimsroam.dll
2014-10-23 12:08:57 ----A---- C:\Windows\system32\cngprovider.dll
2014-10-23 12:08:57 ----A---- C:\Windows\system32\capiprovider.dll
2014-10-23 12:08:57 ----A---- C:\Windows\system32\adprovider.dll
2014-10-23 12:08:22 ----A---- C:\Windows\system32\OxpsConverter.exe
2014-10-23 12:08:08 ----A---- C:\Windows\system32\certutil.exe
2014-10-23 12:08:08 ----A---- C:\Windows\system32\certenc.dll
2014-10-23 12:07:34 ----A---- C:\Windows\system32\cryptdlg.dll
2014-10-23 12:06:35 ----A---- C:\Windows\system32\netcorehc.dll
2014-10-23 12:06:35 ----A---- C:\Windows\system32\ncsi.dll
2014-10-23 12:06:35 ----A---- C:\Windows\system32\iphlpsvc.dll
2014-10-23 12:06:34 ----A---- C:\Windows\system32\nlasvc.dll
2014-10-23 12:06:34 ----A---- C:\Windows\system32\nlaapi.dll
2014-10-23 12:06:34 ----A---- C:\Windows\system32\netevent.dll
2014-10-23 12:06:34 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2014-10-23 12:06:27 ----A---- C:\Windows\system32\Wdfres.dll
2014-10-23 12:06:27 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2014-10-23 12:06:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2014-10-23 12:06:20 ----A---- C:\Windows\system32\ntshrui.dll
2014-10-23 12:06:02 ----A---- C:\Windows\system32\shell32.dll
2014-10-23 12:06:00 ----A---- C:\Windows\system32\msihnd.dll
2014-10-23 12:06:00 ----A---- C:\Windows\system32\consent.exe
2014-10-23 12:06:00 ----A---- C:\Windows\system32\authui.dll
2014-10-23 12:05:48 ----A---- C:\Windows\system32\gdi32.dll
2014-10-23 12:05:46 ----A---- C:\Windows\system32\iologmsg.dll
2014-10-23 12:05:46 ----A---- C:\Windows\system32\drivers\storport.sys
2014-10-23 12:05:46 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2014-10-23 12:05:46 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2014-10-23 12:05:41 ----A---- C:\Windows\system32\osk.exe
2014-10-23 12:05:39 ----A---- C:\Windows\system32\scavengeui.dll
2014-10-23 12:05:36 ----A---- C:\Windows\system32\wscript.exe
2014-10-23 12:05:36 ----A---- C:\Windows\system32\scrrun.dll
2014-10-23 12:05:36 ----A---- C:\Windows\system32\cscript.exe
2014-10-23 12:05:34 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-10-23 12:05:34 ----A---- C:\Windows\system32\drivers\netio.sys
2014-10-23 12:05:34 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2014-10-23 12:05:32 ----A---- C:\Windows\system32\wintrust.dll
2014-10-23 12:05:24 ----A---- C:\Windows\system32\cryptsvc.dll

======List of files/folders modified in the last 3 months======


======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 e1express;Pilote de la connexion réseau Intel(R) PRO/1000 PCI Express; C:\Windows\system32\DRIVERS\e1e6032.sys [2009-07-13 211456]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2007-07-09 44416]
R3 IFXTPM;IFXTPM; C:\Windows\system32\DRIVERS\IFXTPM.SYS [2007-01-23 36608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-26 1761696]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-12-15 114904]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 51928]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2009-07-13 1035776]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Pilote de filtre du bus AMD AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet*-*NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 cpuz134;cpuz134; \??\C:\Users\Oxfam\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2011-07-21 16640]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 39272]
S3 netw5v32;Pilote de carte de liaison WiFi sans fil Intel(R) 5000 Series pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
S3 sisagp;Filtre de bus AGP SIS; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TPM;Module de plateforme sécurisée (TPM); C:\Windows\system32\drivers\tpm.sys [2009-07-14 30720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;Filtre de bus AGP VIA; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Pilote de processeur VIA C7; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]
S2 37e018df;TrustMix; c:\Program Files\WheelandDeal\LowPrices.dll [2014-11-25 4125184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-11 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09 267440]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-11 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-22 102912]
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2011-11-14 311928]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-14 114288]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-05 1343400]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

-----------------EOF-----------------

---------- Post added at 13:44 ---------- Previous post was at 13:24 ----------

# AdwCleaner v4.105 - Rapport aangemaakt 15/12/2014 op 13:37:04
# Laatste Update 08/12/2014 door Xplode
# Database : 2014-12-13.4 [Live]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Gebruikersnaam : Oxfam - OXFAM-PC
# Gestart vanuit : C:\Users\Oxfam\Desktop\adwcleaner_4.105.exe
# Optie : Scannen

***** [ Services ] *****


***** [ Bestanden / Mappen ] *****

Bestand Gevonden : C:\Users\Oxfam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_govome.inspsearch.com_0.localstorage-journal
Bestand Gevonden : C:\Users\Oxfam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage
Bestand Gevonden : C:\Users\Oxfam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal
Bestand Gevonden : C:\Users\Oxfam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Bestand Gevonden : C:\Users\Oxfam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Bestand Gevonden : C:\Users\Oxfam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
Bestand Gevonden : C:\Users\Oxfam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
Bestand Gevonden : C:\Users\Oxfam\AppData\Roaming\Mozilla\Firefox\Profiles\7hpo4wzh.default\searchplugins\bingp.xml
Bestand Gevonden : C:\Windows\Reimage.ini
Map Gevonden : C:\Program Files\PC Speed Maximizer
Map Gevonden : C:\Program Files\siaaviingtoyiou
Map Gevonden : C:\ProgramData\6fba5ac53d40a5a5
Map Gevonden : C:\ProgramData\8050847087060886949
Map Gevonden : C:\ProgramData\deal2dealit
Map Gevonden : C:\ProgramData\siaaviingtoyiou
Map Gevonden : C:\ProgramData\WorldWideWebCoupon
Map Gevonden : C:\ProgramData\WorldWideWebCoupon
Map Gevonden : C:\Users\Oxfam\AppData\Roaming\Mozilla\Firefox\Profiles\7hpo4wzh.default\Extensions\GLx@2jLXrUkx.com
Map Gevonden : C:\Users\Oxfam\AppData\Roaming\Mozilla\Firefox\Profiles\7hpo4wzh.default\Extensions\l@l6peuo_Org

***** [ Taken ] *****

Taak Gevonden : LaunchSignup
Taak Gevonden : PennyBee

***** [ Snelkoppelingen ] *****


***** [ Register ] *****

Sleutel Gevonden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Sleutel Gevonden : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Sleutel Gevonden : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Sleutel Gevonden : HKCU\Software\Optimizer Pro
Sleutel Gevonden : HKCU\Software\Reimage
Sleutel Gevonden : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Sleutel Gevonden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Sleutel Gevonden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Sleutel Gevonden : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
Sleutel Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D831E399-50FE-84AE-F5F7-0A63AC282464}
Sleutel Gevonden : HKLM\SOFTWARE\Reimage

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v33.1.1 (x86 nl)

[7hpo4wzh.default] - Regel gevonden : user_pref("extensions.PL4L2k3Jm6jyG2wL.scode", "try{(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.index[...]
[7hpo4wzh.default] - Regel gevonden : user_pref("extensions.PL4L2k3Jm6jyG2wL.url", "hxxp://guardo.info/sync2/?q=hfZ9ofqKhchEAen0rihTB6lKDzt4oktxtNtVh7n0rjnFrjw5rTaErjsGtMFHhd9FqdwFrjYGrjk8rHYMDMlGojUMAe4Uojw6qjsEpjrGqHCErjsFqHw4rjkMC6qUoj[...]
[7hpo4wzh.default] - Regel gevonden : user_pref("extensions.PhxwcueEkyd7ovbu.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\[...]
[7hpo4wzh.default] - Regel gevonden : user_pref("extensions.PhxwcueEkyd7ovbu.url", "hxxp://jpiservice.info/sync2/?q=hfZ9ofmEhShEAen0rihTB6lKDzt4oktxtNtVh7n0rjnFrTwErjsHpjrHtMFHhd9FqdwGrjnFqHnFqjsMDMlGojUMAe4Uojw9rdw9pdU4qTwFrjw5rHaFqjYHtN[...]

-\\ Google Chrome v38.0.2125.111

[C:\Users\Oxfam\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gevonden [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1416339582&from=cor&uid=ST380815AS_6RW14H4M&q={searchTerms}
[C:\Users\Oxfam\AppData\Local\Google\Chrome\User Data\Default\Web data] - Gevonden [Search Provider] : hxxp://www.sweet-page.com/web/?type=ds&ts=1416339582&from=cor&uid=ST380815AS_6RW14H4M&q={searchTerms}

*************************

AdwCleaner[R0].txt - [5151 octets] - [15/12/2014 13:37:04]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5211 octets] ##########
 
Hello,

First disable your antivirus software before downloading Zoek.exe.
Temporarily disable your antivirus and antispyware programs, as they can conflict with Zoek.exe.

Download Zoek.exe to the desktop.
  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.


Running Zoek.exe (for more information you can consult this guide)
If you run into problems running this program or see any error messages, please mention this in your post.
  • Then double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is written specifically for this computer, so do not use it on other computers with a similar problem.
    Code:
    firefoxlook;
    torpigcheck;
    emptyfolderscheck;delete
    chromelook;
    C:\Program Files\siaaviingtoyiou;fs
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
    "PCKeeper2"=-;r
    C:\ProgramData\Kromtech;fs
    C:\ProgramData\8050847087060886949;vs
    standardsearch;
    C:\Program Files\MindJET;fs
    C:\ProgramData\deal2dealit;fs
    C:\ProgramData\6fba5ac53d40a5a5;fs
    C:\Program Files\PC Speed Maximizer;fs
    cpuz134;s
    filesrcm;
    autoclean;
    startupall;
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears after the restart, start zoek.exe again; the log will then appear.
  • Post the opened log as an attachment in your next post.

Posting the Zoek.exe log file
  • Attach the log file named "Zoek-results.log" to your next post. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read here how to add an attachment to a post.
 
These are the results of zoek.exe
 

Attachments

  • zoek-results.txt
    47.8 KB · Views: 125
Hello,

Run AdwCleaner again and click Clean after scanning.

Running AdwCleaner
  • Close all open windows.
  • Double-click AdwCleaner.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Then click the Scan button.
  • When the scan has finished, click the Clean button.
  • When this is done you will be asked to restart the computer; click OK.
  • After the computer has restarted, the log file opens automatically.
  • Post this log file as an attachment in your next post.



Download MalwareBytes Anti-Malware, preferably to the desktop.

  • Double-click mbam-setup-2.0.exe to start the installation of Malwarebytes Anti-Malware.
  • Follow the further instructions; you can read the full installation procedure at the following link - Installing Malwarebytes Anti-Malware.
  • Then click the Scan Now button to run a threat scan.
  • The program will now check for available updates; click "Update Now" here if updates are available.
  • The scan now starts automatically; preferably do not use the computer during the scan.
  • If no threats were detected, click View detailed log after the scan.
    • Then click the Export button and choose the option "Text file (*.txt)".
    • Then enter a file name for saving the log file, for example MBAM Scanlog.
    • Choose the desktop, for example, as the save location and then click the Save button.
  • If threats were detected, click Apply Actions after the scan.
    • When prompted to restart the computer, click Ja / Yes.
    • After the restart, open MalwareBytes Anti-Malware, click History at the top and select Application Logs.
    • Select the most recent scan log and click the View button.
    • Then enter a file name for saving the log file, for example MBAM Scanlog.
    • Choose the desktop, for example, as the save location and then click the Save button.
    • Attach the log file you just saved to your next post. (You can also find this log file in Malwarebytes Anti-Malware under History > Application Logs.)
 
Here are the next results; the ads are still not gone....
 

Attachments

  • NBAMScanlog.txt
    1.2 KB · Views: 32
  • AdwCleaner[S0].txt
    3.3 KB · Views: 42
Hello,

In which browser do you still have those problems?
 
Hello,

Resetting Google Chrome browser settings:
  • Open Google Chrome and click the icon with the three bars at the top right.
  • Select Settings.
  • Click Show advanced settings at the bottom.
  • Under the 'Reset settings' section, click Reset settings.
  • Click Reset in the dialog that appears.
  • Close Google Chrome to apply the changes.

Let me know whether this helped.
 
Thank you very much abbs, this little machine is working perfectly again.
 
Hello,

That's good; please also do the following:

You can keep Malwarebytes installed and scan your PC with it once a week (after updating it).

The small tool below cleans up, among other things, all the tools that were used:

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.
Now tick the following items:
  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings
Now click "Run" and wait patiently until the tool has finished.
When the tool has finished, a log file is created. You do not need to post it, however.
If any tools or folders are left over, you can delete them yourself.
 
Thank you very much, everything is OK.
 
Hello,

Thanks, and you're welcome :)
 