Hallo

Welkom, Gast. Alsjeblieft inloggen of registreren.

Recent

368 gasten, 0 leden

Welkom, Gast. Alsjeblieft inloggen of registreren.

29 maart 2024, 13:06:41

Login met gebruikersnaam, wachtwoord en sessielengte

Nieuws

Welkom op het vernieuwde NL Computer Forum!

Auteur Topic: continue pop-up beveiliging melding  (gelezen 20720 keer)

0 leden en 1 gast bekijken dit topic.

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
continue pop-up beveiliging melding
« Gepost op: 8 juni 2013, 08:42:06 »
Hallo,

Ik krijg sinds kort continue het volgende bericht:
"Hoewel deze pagina is versleuteld, zullen de gegevens die u hebt ingevuld over een niet-versleutelde verbinding worden verzonden en kunnen ze gemakkelijk worden gelezen door derden.

Weet u zeker dat u wilt doorgaan met het verzenden van deze gegevens?"


Ik weet niet goed wat ik hiermee moet doen maar vind het ontzettend lastig omdat ik de melding vaak krijg.
Ik gebruik Firefox als mijn internet. En op hetzelfde momennt dat ik deze melding steeds krijg, krijg ik ook regelmatif pop-up met reclame, wat ook erg irritant is, zeker omdat ik het daarvoor nooit had.

Hopelijk kan iemand mij helpen.

Groetjes
Alissa

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #1 Gepost op: 8 juni 2013, 11:02:12 »
Welkom Alissa,

Begin met het volgende:

Stap 1:
Download AdwCleaner by Xplode naar je bureaublad.

Sluit alle openstaande programma's.
Windows XP: Dubbelklik op AdwCleaner.
Windows Vista, 7 en 8: Rechtsklik op AdwCleaner en klik op 'Als administrator uitvoeren...'.
Klik op Verwijderen.
In het venster '- AdwCleaner – Afsluiting van de programma's -' klik op OK.

Tijdens de opruim-actie zullen de snelkoppelingen verdwijnen, dit is normaal.
Na het verwijderen verschijnen 2 meldingen:
In het venster '- AdwCleaner – Informatie -' klik op OK.
In het venster '- AdwCleaner – Herstarten noodzakelijk -' klik op OK.

Nadat de computer herstart is, opent een logfile.
De logfile kun je ook vinden in de hoofdmap, bijv. C:\AdwCleaner[xx].txt
Kopieer en plak de inhoud van deze logfile in een nieuw bericht.

Stap 2:
Download zoek.exe naar het bureaublad.
  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je dat doet.
  • Windows XP gebruikers: Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers: Rechtsklik op Zoek.exe en klik op Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
standardsearch;
installedprogs;
autoclean;
  • Klik nu op de knop "Run Script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Kopieer en plak de inhoud van het geopende logje in je volgend bericht.
    (Past het niet in 1 bericht, verdeel het dan over meerdere berichten.)

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #2 Gepost op: 9 juni 2013, 13:16:06 »
Dankjewel!
Helaas lukt het me vanaf stap 2 niet meer...Ik heb op je link geklikt om zo Download zoek.exe version 4.0.0.2 te downloaden, die heb ik op mijn bureaublad gezet, vervolgens heb ik mijn Avira uitgezet volgens de link die je erbij gezet had.
Maar als ik nu met rechtermuisknop op zoek.exe klik en uitvoeren als administrator klik, gebeurd er niet veel, ik krijg een pop-up "wilt u het volgende programma van een onbekende uitgever wijzigingen aan deze computer aan te brengen" en dan klink ik op ja. maar dan gebeurd er niets meer....

Hopelijk heb je hiervoor ook een oplossing voor mij...

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #3 Gepost op: 9 juni 2013, 13:29:05 »
Hoi Alissa,

Post eerst de inhoud van de logfile van AdwCleaner, zie stap 1.

Download daarna EnableCMD.exe.
Na het gebruik van de tool zal deze melding verschijnen:


Probeer daarna opnieuw Zoek.exe te starten.


Peter

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #4 Gepost op: 10 juni 2013, 09:58:25 »
Sorry, het klink misschien stom maar waar moet ik die posten?

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #5 Gepost op: 10 juni 2013, 18:21:12 »
Hoi Alissa,

Citaat
Sorry, het klink misschien stom maar waar moet ik die posten?
Open met Notepad de logfile van AdwCleaner.
Kopieer en plak de inhoud in een nieuw bericht.

Als bovenstaande niet lukt mag je de logfile ook als bijlage aan je bericht toevoegen.
Gebruik hiervoor de knop "Een bijlage toevoegen" onder de berichten-editor.


Peter

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #6 Gepost op: 10 juni 2013, 22:08:46 »
Dankje voor het helpen, ik  heb de bijlage toegevoegd en heb geprobeerd EnableCMD.exe. te gebruiken, maar als ik dubbelklik of het via administrator doe, krijg ik wel eerst een pop up en dan klik ik op ja, maar er gebeurd weer niets....ik heb echt geen idee wat ik verkeerd doe...

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #7 Gepost op: 10 juni 2013, 22:22:51 »
Hoi Alissa,
Citaat
ik heb echt geen idee wat ik verkeerd doe...
Wie zegt dat jij iets verkeerd doet. Mogelijk komt dit door de infectie(s) op je computer .
AdwCleaner heeft al flink opgeruimd.

We gaan een andere tool proberen.
Download OTL naar je bureaublad.

Sluit alle openstaande programma's zodat het programma ongestoord zijn werk kan doen.
Windows XP: Dubbelklik op OTL.com om het programma te starten.
Windows Vista,7,8: Rechtsklik op OTL.com en klik op Als administrator uitvoeren.
Zet een vinkje bij Scan All Users.
Klik op de knop Quick Scan.
Verander verder geen instellingen van OTL. De scan zal niet heel erg lang duren.

Na de scan zullen twee kladblok-vensters geopend worden, OTL.txt en Extras.txt.
Deze bestanden zijn opgeslagen in dezelfde locatie als OTL.

Post deze 2 bestanden ook weer als bijlage.

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #8 Gepost op: 10 juni 2013, 22:57:29 »
Volgens mij is dat wat ik je nu moet sturen...
Nogmaals echt bedankt dat je me wilt helpen.

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #9 Gepost op: 10 juni 2013, 23:27:55 »
Hoi Alissa,

De bijlages zijn niet goed leesbaar.
Open de 2 logbestanden nogmaals met Notepad.
Kopieer en plak de inhoud in je volgend bericht.
Als dit niet in 1 bericht past, verdeel het dan over meerdere berichten.

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #10 Gepost op: 10 juni 2013, 23:37:30 »
Ik heb het in een word bestand gezet, ik weet niet of dat helpt, aangezien het de veel woorden zijn voor dit bericht.

Offline Peter

  • Sysop
  • *****
  • Berichten: 5.683
  • Geslacht: Man
Re: continue pop-up beveiliging melding
« Reactie #11 Gepost op: 10 juni 2013, 23:42:33 »
Hoi Alissa,

Nee, dit is ook niet goed.
Dergelijke tekstverwerkers kunnen de logbestanden ook verminken.
Ik weet dat het veel tekst is om te kopiëren en plakken maar zo zal je het toch moeten doen.

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #12 Gepost op: 10 juni 2013, 23:58:28 »
OTL logfile created on: 10-6-2013 21:34:45 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Alissa\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000413 | Country: Nederland | Language: NLD | Date Format: d-M-yyyy
 
3,80 Gb Total Physical Memory | 2,49 Gb Available Physical Memory | 65,40% Memory free
7,61 Gb Paging File | 5,91 Gb Available in Paging File | 77,74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,01 Gb Total Space | 170,01 Gb Free Space | 37,70% Space Free | Partition Type: NTFS
 
Computer Name: ALISSA-PC | User Name: Alissa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013-06-10 21:31:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alissa\Desktop\OTL.com
PRC - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013-05-06 09:28:54 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013-04-04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013-03-28 22:27:13 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013-03-28 22:26:55 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013-03-27 15:18:02 | 001,098,072 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
PRC - [2013-03-27 15:17:42 | 000,185,688 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013-03-16 04:49:18 | 000,046,816 | ---- | M] () -- C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
PRC - [2013-02-25 21:04:45 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
PRC - [2013-02-25 15:50:10 | 000,704,520 | ---- | M] () -- C:\Windows\SysWOW64\C2MP\TrayMenu.exe
PRC - [2013-01-23 20:58:25 | 000,348,160 | ---- | M] () -- C:\ProgramData\BetterSoft\EasylifeGadget Updater\EasylifeGadget Updater.exe
PRC - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013-05-15 11:41:46 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\98e8641e2ca570f03352a91836b0b97a\System.ServiceModel.Routing.ni.dll
MOD - [2013-05-15 11:41:45 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0e5d2997438866de453e8b1401d84398\System.ServiceModel.Discovery.ni.dll
MOD - [2013-05-15 11:41:44 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3a75004c8363a598f4997686c16ae55e\System.ServiceModel.Channels.ni.dll
MOD - [2013-05-15 11:41:43 | 001,393,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4dbbfceeddfc9180d5f621f0fc586e2c\System.ServiceModel.Activities.ni.dll
MOD - [2013-05-15 11:41:41 | 018,080,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\be692307d47b83000bba8bb6b484aff0\System.ServiceModel.ni.dll
MOD - [2013-05-15 11:41:19 | 001,078,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6ff6bd832b03b5d6ea275ba9bee2d3ef\System.IdentityModel.ni.dll
MOD - [2013-05-15 11:39:37 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dll
MOD - [2013-05-15 11:39:36 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll
MOD - [2013-05-15 11:39:33 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8732d692f02402dbd81280b0d3c4f6a9\System.Xml.Linq.ni.dll
MOD - [2013-05-15 10:14:49 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
MOD - [2013-05-15 10:14:48 | 018,002,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll
MOD - [2013-05-15 10:14:36 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
MOD - [2013-05-15 10:14:28 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll
MOD - [2013-05-15 10:14:20 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013-05-15 10:14:15 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll
MOD - [2013-03-16 04:49:18 | 000,046,816 | ---- | M] () -- C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
MOD - [2013-02-25 21:04:45 | 000,142,336 | ---- | M] () -- C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
MOD - [2013-02-25 15:50:10 | 000,704,520 | ---- | M] () -- C:\Windows\SysWOW64\C2MP\TrayMenu.exe
MOD - [2013-01-12 02:04:55 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll
MOD - [2013-01-12 02:04:51 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013-01-11 08:02:57 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
MOD - [2013-01-11 08:02:32 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013-01-11 08:02:22 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013-01-11 08:02:14 | 009,094,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013-01-11 08:02:05 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2012-11-28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012-11-28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2010-06-17 22:10:14 | 000,258,048 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009-07-14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009-03-03 03:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013-05-22 08:35:24 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013-05-14 23:11:05 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013-05-11 11:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013-04-04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013-04-04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013-03-28 22:27:13 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013-03-28 22:26:55 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013-03-27 15:17:42 | 000,185,688 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013-02-28 19:25:34 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012-10-02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2010-03-18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009-06-10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013-04-04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013-03-28 22:27:17 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013-03-28 22:27:17 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013-03-28 22:27:17 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012-12-13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012-08-23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012-08-23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012-08-21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012-03-01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012-01-10 23:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011-08-17 09:04:34 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64)
DRV:64bit: - [2011-08-17 09:04:28 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64)
DRV:64bit: - [2011-07-01 16:08:04 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011-06-10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011-03-11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011-03-11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010-11-20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010-06-17 22:10:14 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009-09-17 20:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009-07-14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009-07-14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009-07-14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009-06-10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009-06-10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009-06-10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009-06-10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009-07-14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #13 Gepost op: 10 juni 2013, 23:58:57 »
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/?pid=388&src=ie1&r=2013/06/10&hid=1943649385&lg=EN&cc=GB
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = http://searchy.easylifeapp.com/?q={searchTerms}&pid=388&src=ie2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://searchy.easylifeapp.com/?pid=388&src=ie1&r=2013/06/10&hid=1943649385&lg=EN&cc=GB
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\..\SearchScopes,DefaultScope = {01bd49d7-c76b-4310-8beb-14d7e5f322c6}
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\..\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6}: "URL" = http://searchy.easylifeapp.com/?q={searchTerms}&pid=388&src=ie2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&r=654
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\..\SearchScopes\{D859E822-3CD6-4658-84FD-C3A37832F8F9}: "URL" = http://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=888596&p={searchTerms}
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "EasyLife"
FF - prefs.js..browser.search.defaultenginename,S: S", "EasyLife"
FF - prefs.js..browser.search.defaulturl: "http://searchy.easylifeapp.com/?pid=388&src=ff2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB&l=1&q="
FF - prefs.js..browser.search.order.1: "EasyLife"
FF - prefs.js..browser.search.order.1,S: S", "EasyLife"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=888596"
FF - prefs.js..browser.search.selectedEngine: "EasyLife"
FF - prefs.js..browser.search.selectedEngine,S: S", "EasyLife"
FF - prefs.js..browser.startup.homepage: "www.google.nl"
FF - prefs.js..extensions.enabledAddons: %7B66E978CD-981F-47DF-AC42-E3CF417C1467%7D:0.4.3
FF - prefs.js..extensions.enabledAddons: %7BEDA7B1D7-F793-4e03-B074-E6F303317FB0%7D:1.2.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "http://searchy.easylifeapp.com/?pid=388&src=ff2&r=2013/06/10&hid=1943649385&lg=EN&cc=GB&l=1&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-05-22 08:35:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013-05-22 08:35:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013-01-02 13:01:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alissa\AppData\Roaming\mozilla\Extensions
[2013-06-10 21:02:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alissa\AppData\Roaming\mozilla\Firefox\Profiles\i31ypmfx.default\extensions
[2013-06-10 21:02:02 | 000,000,000 | ---D | M] (SearchNewTab) -- C:\Users\Alissa\AppData\Roaming\mozilla\Firefox\Profiles\i31ypmfx.default\extensions\qzsk@eyeu.net
[2013-01-14 20:45:59 | 000,005,482 | ---- | M] () (No name found) -- C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\extensions\50f46537907fe@50f4653790837.com.xpi
[2013-02-19 15:43:35 | 000,213,444 | ---- | M] () (No name found) -- C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\extensions\torntv@torntv.com.xpi
[2013-01-02 16:22:06 | 000,003,793 | ---- | M] () (No name found) -- C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi
[2013-01-02 17:50:28 | 000,091,556 | ---- | M] () (No name found) -- C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi
[2013-06-10 21:01:55 | 000,000,583 | ---- | M] () -- C:\Users\Alissa\AppData\Roaming\mozilla\firefox\profiles\i31ypmfx.default\searchplugins\EasyLife.xml
[2013-05-22 08:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013-05-22 08:35:18 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013-05-22 08:35:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013-05-22 08:35:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - Extension: SearchNewTab = C:\Users\Alissa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aehbccjhjmoijijclangcijnfclbjhge\1\
 
O1 HOSTS File: ([2009-06-10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SearchNewTab) - {D65B654A-A2D3-D974-D83C-F3B55460911A} - C:\ProgramData\SearchNewTab\51b6311fb505a.dll ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Alissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files (x86)\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2377495357-3556135038-2084699557-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23E619A1-5869-421D-A618-1892CA8221A4}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) -  File not found
O20 - AppInit_DLLs: (c:\progra~2\easylife\sprote~1.dll) - c:\Program Files (x86)\EasyLife\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

Offline alissa_m14
  • Net nieuw
  • *
  • Berichten: 30
  • Geslacht: Vrouw
Re: continue pop-up beveiliging melding
« Reactie #14 Gepost op: 10 juni 2013, 23:59:23 »
========== Files/Folders - Created Within 30 Days ==========
 
[2013-06-10 21:31:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Alissa\Desktop\OTL.com
[2013-06-10 21:04:07 | 000,538,254 | ---- | C] (www.sordum.net) -- C:\Users\Alissa\Desktop\EnableCMD.exe
[2013-06-10 21:02:00 | 000,000,000 | ---D | C] -- C:\ProgramData\StarApp
[2013-06-10 21:01:58 | 000,000,000 | ---D | C] -- C:\ProgramData\BetterSoft
[2013-06-10 21:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\SearchNewTab
[2013-06-10 21:01:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab
[2013-06-10 21:01:57 | 000,000,000 | ---D | C] -- C:\Users\Alissa\AppData\Local\Google
[2013-06-10 21:01:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EasyLife
[2013-06-10 21:01:45 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013-06-03 14:17:23 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\Nieuwe map
[2013-06-02 21:41:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013-05-31 22:43:20 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\Apple Blossom
[2013-05-31 22:14:59 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\Beer Barrel Polka
[2013-05-31 21:14:15 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\Tico tico
[2013-05-31 21:08:21 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\Shoo Shoo baby
[2013-05-31 20:59:44 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\Beat me daddy eight to the bar
[2013-05-29 23:22:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
[2013-05-29 23:22:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP
[2013-05-29 20:40:45 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\Rum and coca cola
[2013-05-29 20:32:38 | 012,800,512 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idtcpl64.cpl
[2013-05-29 20:32:38 | 003,467,264 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2013-05-29 20:32:38 | 000,564,224 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\idt64mp1.exe
[2013-05-29 08:14:36 | 000,000,000 | ---D | C] -- C:\Users\Alissa\AppData\Local\ElevatedDiagnostics
[2013-05-22 08:35:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013-05-21 20:22:19 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\Chattanooga choo choo
[2013-05-21 20:21:56 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\don't sit under the apple tree
[2013-05-21 20:21:33 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\Bei mir bist du shoen
[2013-05-21 20:21:08 | 000,000,000 | ---D | C] -- C:\Users\Alissa\Desktop\In the mood
[2013-05-19 23:38:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013-05-19 23:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013-05-19 23:37:42 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013-05-19 23:37:42 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013-05-13 21:09:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Meridian93
[2013-05-13 20:43:32 | 000,000,000 | ---D | C] -- C:\Users\Alissa\AppData\Roaming\Meridian93
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013-06-10 21:31:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alissa\Desktop\OTL.com
[2013-06-10 21:07:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013-06-10 21:04:22 | 000,538,254 | ---- | M] (www.sordum.net) -- C:\Users\Alissa\Desktop\EnableCMD.exe
[2013-06-10 21:01:59 | 000,000,478 | -H-- | M] () -- C:\Windows\tasks\schedule!2844174011.job
[2013-06-10 20:55:33 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013-06-10 20:55:33 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013-06-10 20:48:16 | 000,001,093 | ---- | M] () -- C:\Users\Alissa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BBC iPlayer Desktop.lnk
[2013-06-10 20:47:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013-06-10 20:47:22 | 3062,910,976 | -HS- | M] () -- C:\hiberfil.sys
[2013-06-09 10:49:53 | 000,648,201 | ---- | M] () -- C:\Users\Alissa\Desktop\adwcleaner.exe
[2013-06-06 10:07:25 | 000,001,798 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2013-06-06 10:07:25 | 000,001,798 | ---- | M] () -- C:\Users\Alissa\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2013-06-02 21:41:20 | 312,795,965 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013-05-31 00:14:45 | 004,996,283 | ---- | M] () -- C:\Users\Alissa\Desktop\bass The Andrews Sisters - Boogie Woogie Bugle Boy (Backing Track Instrumentale)(2).mp3
[2013-05-29 23:22:30 | 000,001,901 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
[2013-05-29 23:22:30 | 000,001,866 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
[2013-05-27 08:09:56 | 001,549,262 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013-05-27 08:09:56 | 000,701,564 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2013-05-27 08:09:56 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013-05-27 08:09:56 | 000,133,564 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2013-05-27 08:09:56 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013-05-25 22:06:26 | 004,513,122 | ---- | M] () -- C:\Users\Alissa\Desktop\Jane Russell - Buttons And Bows (Backing Track Instrumentale).mp3
[2013-05-19 23:38:13 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013-05-15 12:46:51 | 000,415,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013-06-10 21:01:58 | 000,000,478 | -H-- | C] () -- C:\Windows\tasks\schedule!2844174011.job
[2013-06-09 10:49:43 | 000,648,201 | ---- | C] () -- C:\Users\Alissa\Desktop\adwcleaner.exe
[2013-06-02 21:41:20 | 312,795,965 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013-05-31 00:14:42 | 004,996,283 | ---- | C] () -- C:\Users\Alissa\Desktop\bass The Andrews Sisters - Boogie Woogie Bugle Boy (Backing Track Instrumentale)(2).mp3
[2013-05-29 23:22:30 | 000,001,901 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
[2013-05-29 23:22:30 | 000,001,866 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk
[2013-05-29 20:58:42 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013-05-25 22:06:23 | 004,513,122 | ---- | C] () -- C:\Users\Alissa\Desktop\Jane Russell - Buttons And Bows (Backing Track Instrumentale).mp3
[2013-05-19 23:38:13 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013-03-16 04:49:24 | 000,038,736 | ---- | C] () -- C:\Windows\SysWow64\dischandler.exe
[2013-03-13 20:39:34 | 003,915,776 | ---- | C] () -- C:\Windows\SysWow64\ffmpeg.dll
[2013-03-13 20:38:34 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2013-03-13 20:35:56 | 000,271,360 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2013-03-13 20:35:38 | 000,157,184 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2013-03-13 20:35:36 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2013-03-13 20:35:36 | 000,099,840 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2013-03-13 20:35:34 | 001,525,760 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2013-03-13 20:35:34 | 000,211,968 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2013-03-13 20:35:34 | 000,114,688 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2013-02-10 15:15:04 | 000,384,472 | ---- | C] () -- C:\Windows\SysWow64\swscale-lav-2.dll
[2013-02-10 15:15:04 | 000,188,072 | ---- | C] () -- C:\Windows\SysWow64\libbluray.dll
[2013-02-10 15:15:02 | 007,833,552 | ---- | C] () -- C:\Windows\SysWow64\avcodec-lav-54.dll
[2013-02-10 15:15:02 | 001,256,952 | ---- | C] () -- C:\Windows\SysWow64\avformat-lav-54.dll
[2013-02-10 15:15:02 | 000,247,920 | ---- | C] () -- C:\Windows\SysWow64\avutil-lav-52.dll
[2013-02-10 15:15:02 | 000,169,888 | ---- | C] () -- C:\Windows\SysWow64\avfilter-lav-3.dll
[2013-02-10 15:15:02 | 000,165,160 | ---- | C] () -- C:\Windows\SysWow64\avresample-lav-1.dll
[2013-01-30 20:46:06 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012-09-29 23:47:28 | 000,000,178 | ---- | C] () -- C:\Windows\SysWow64\Formats.ini
[2012-01-10 23:27:26 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2012-01-10 23:27:26 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2012-01-10 23:27:26 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2012-01-10 22:29:54 | 013,904,384 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011-12-07 20:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\Lagarith.dll
[2011-09-08 15:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2011-09-08 15:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2011-09-08 15:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2011-09-08 15:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2011-09-08 15:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2011-09-08 15:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2011-09-08 15:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2011-09-08 15:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2011-09-08 14:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2011-09-08 14:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2011-06-24 04:58:32 | 000,242,259 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011-06-24 04:58:04 | 000,877,296 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
 
========== ZeroAccess Check ==========
 
[2009-07-14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013-02-27 06:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013-02-27 05:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013-02-22 23:16:25 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\8floor
[2013-02-21 15:30:59 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\AlawarEntertainment
[2013-03-06 23:29:04 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Artifex Mundi
[2013-05-06 18:22:04 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Audacity
[2013-06-08 09:08:21 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Azureus
[2013-02-25 21:04:56 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
[2013-02-21 14:51:55 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Blue Tea Games
[2013-02-19 16:12:54 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Boolat Games
[2013-02-17 20:08:35 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Boomzap
[2013-02-16 21:57:46 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Color Brush
[2013-02-10 14:03:32 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Eipix
[2013-03-06 23:26:38 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Elephant Games
[2013-05-09 21:29:17 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\ERS Game Studios
[2013-02-12 19:10:59 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Fenomen Games
[2013-01-03 13:30:05 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Games
[2013-05-07 10:57:26 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Garmin
[2013-05-11 17:17:20 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\GetRightToGo
[2013-02-10 10:11:26 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Ghost Ship Studios
[2013-02-12 19:15:42 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Gogii Games
[2013-01-03 12:11:23 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Legacy Games
[2013-01-03 17:34:25 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\LestaStudio
[2013-02-26 21:52:27 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Maximize Games
[2013-05-13 20:43:32 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Meridian93
[2013-02-20 22:01:27 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\PlayFavoriteGames
[2013-01-02 14:38:55 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Raptr
[2013-02-17 21:14:26 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\SulusGames
[2013-01-07 14:34:45 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\tabagames
[2013-03-28 22:55:00 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\TuneUpMedia
[2013-01-25 20:53:04 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\Vast Studios
[2013-01-10 22:16:30 | 000,000,000 | ---D | M] -- C:\Users\Alissa\AppData\Roaming\WindSolutions
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 233 bytes -> C:\ProgramData\TEMP:8BAD6F90
@Alternate Data Stream - 232 bytes -> C:\ProgramData\TEMP:97CA3B9E
@Alternate Data Stream - 213 bytes -> C:\ProgramData\TEMP:E33C786A
@Alternate Data Stream - 197 bytes -> C:\ProgramData\TEMP:C5AE4E07
@Alternate Data Stream - 149 bytes -> C:\ProgramData\TEMP:6EFFF8B9
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:98CF1A39
@Alternate Data Stream - 148 bytes -> C:\ProgramData\TEMP:0FAE191E
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:8866C899
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:7D938C9B
@Alternate Data Stream - 146 bytes -> C:\ProgramData\TEMP:2339C9FD
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:FD4C7AD3
@Alternate Data Stream - 144 bytes -> C:\ProgramData\TEMP:EF0BD3A1
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:AD179392
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:09629F6E
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:BF6C4AAC
@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:036AA5DD
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:5C42F64A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:0B278A1A
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:BB99F46B
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:B504E4C2
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:01F9D1B4
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:94B25DF5
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:8B480195
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:3D1D487A
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:4A5CFD3B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:48D6EA0F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:02172F27
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:E94FA418
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:B21F2857
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:5A068EE1
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:C00C7190
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:CB3667AF
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:59A6876B
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:234E9CC5
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:0CEE6109
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:F3A185AE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:8F6B75BF
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:460638C7
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:E517FE76
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:48BCFDB6
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:1CF1FB36
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:D434342F
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:3241739E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:CCD8056E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:709E81D4
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:04BC9A2C
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:9524D821
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:7EB93F0E

< End of report >