Zoek.exe v5.0.0.0 Updated 15-08-2014
Tool run by lucky on zo 17/08/2014 at 13:29:43,42.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\lucky\Downloads\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-08-17-111758.log 46178 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\lucky\Downloads\zoek (1).exe
C:\Program Files\Microsoft Games\Hearts\Hearts.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== Deleting Services ======================

==== System Specs ======================

Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002)
Memory (RAM): 1014 MB
CPU Info: Genuine Intel(R) CPU T2300 @ 1.66GHz
CPU Speed: 1661,6 MHz
Sound Card: Hoofdtelefoon (High Definition | Apparaat voor digitale uitvoer |
Display Adapters: Mobile Intel(R) 945GM Express Chipset Controller 0 (Microsoft Corporation - WDDM) | Mobile Intel(R) 945GM Express Chipset Controller 0 (Microsoft Corporation - WDDM) | RDPDD Chained DD | RDP Encoder Mirror Driver
Monitors: 1x; Algemeen PnP-beeldscherm |
Screen Resolution: 1280 X 800 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5007UG Wireless Network Adapter | Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0)
CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GSA-T10N
Ports: COM3 LPT Port NOT Present.
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C: 93,2GB | D: 18,6GB
Hard Disks - Free: C: 41,2GB | D: 13,5GB
Manufacturer *: Phoenix Technologies LTD
BIOS Info: AT/AT COMPATIBLE | 01/15/07 | MEDION - 6040000
Time Zone: West-Europa (standaardtijd)
Motherboard *: MEDION WIM2120
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 35.0.1916.114
Internet Explorer Version: 9.0.8112.16421
Google Chrome version: 35.0.1916.114
Adobe Reader version: 10.1.10.18
Sun Java version: 1.7.0_60 (32-bit)

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\lucky\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Users\lucky\AppData\Roaming ======
====== C:\Users\lucky ======
====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [09/07/2014 15:49]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000UA.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22/10/2011 19:58]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22/10/2011 19:58]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000Core" [C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000UA" [C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{E9A451A0-E0BF-4D6E-AADD-1E4FB8142B54}" [C:\Windows\system32\msfeedssync.exe]
==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [30/12/2011 09:25] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[22/11/2012 11:30] Google Wallet - lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== C:\Users\lucky\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=010613&q={searchTerms}&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7ADFA_nlBE454" ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program 
Files\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} 
(MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. 
- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04CUMNSW will be deleted at reboot C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTC76E1C will be deleted at reboot C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\lucky\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=8 folders=2 5003 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\lucky\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully 
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\lucky\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\04CUMNSW" not found "C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTC76E1C" not found ==== EOF on zo 17/08/2014 at 13:51:15,40 ======================