thierry1
-
Items
359 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door thierry1
-
probleem bij het opstarten na verwijderen virus
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
# AdwCleaner v3.018 - Report created 11/02/2014 at 06:13:55 # Updated 28/01/2014 by Xplode # Operating System : Windows 7 Home Premium (64 bits) # Username : Gebruiker - GEBRUIKER-PC # Running from : C:\Users\Gebruiker\Desktop\AdwCleaner (1).exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v8.0.7600.17267 -\\ Mozilla Firefox v26.0 (nl) [ File : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\cobekw6h.default\prefs.js ] -\\ Google Chrome v32.0.1700.107 [ File : C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [39558 octets] - [09/02/2014 09:01:07] AdwCleaner[R1].txt - [963 octets] - [11/02/2014 06:13:08] AdwCleaner[s1].txt - [885 octets] - [11/02/2014 06:13:55] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [944 octets] ########## -
probleem bij het opstarten na verwijderen virus
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Zoek.exe v5.0.0.0 Updated 10-February-2014 Tool run by Gebruiker on zo 05/09/2010 at 0:19:59,87. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\zoek.exe [scan current user] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 5/09/2010 0:21:25 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\COMMON~1\Nero deleted successfully C:\Program Files\Bitdefender deleted successfully C:\Program Files\Google deleted successfully C:\Users\Gebruiker\AppData\Roaming\QuickScan deleted successfully C:\Users\Gebruiker\AppData\Roaming\Windows Live Writer deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\cobekw6h.default user.js not found ---- Lines valueApps removed from prefs.js ---- user_pref("valueApps.storage.mam_gk_userId", "38653838323731622D636261352D343539612D393031632D656633376262313238613065"); ---- FireFox user.js and prefs.js backups ---- prefs_20100509_0030_.backup ==== Deleting Files \ Folders ====================== C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers not found C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\windows\SysNative\Tasks\BackgroundContainer Startup Task deleted C:\Users\Gebruiker\Downloads\FreeYouTubetoMP3Converter(1).exe deleted C:\Users\Gebruiker\Downloads\FreeYouTubeToMP3Converter(2).exe deleted C:\Users\Gebruiker\Downloads\FreeYouTubeToMP3Converter(3).exe deleted C:\Users\Gebruiker\Downloads\FreeYouTubeToMP3Converter.exe deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2012-08-15 07:04:17 24AA25089217AF1B5289534824CAC69F 67584 ----a-w- C:\Windows\splwow64.exe 2012-03-08 16:37:20 4860944ABF2F8EAB74039A3A132B9995 302448 ----a-w- C:\Windows\WLXPGSS.SCR 2011-05-17 10:34:00 0862495E0C825893DB75EF44FAEA8E93 2870272 ----a-w- C:\Windows\explorer.exe 2010-10-27 20:55:54 4D66FFAEDF266EFEFF9B613F48AAF6FB 32348 ----a-w- C:\Windows\AsChkDev.txt 2010-10-27 20:54:21 5C396DDE6AAFFB64ABC0E0FD88F53553 3054136 ----a-w- C:\Windows\AsScrPro.exe 2010-10-27 20:36:19 BAFFF729523DABA3673D474D0ECD53A3 10 ----a-w- C:\Windows\csup.txt 2010-10-27 19:56:41 E0E0F7AEAB145B901EF45F058162790A 19 ----a-w- C:\Windows\AsToolCD.txt 2010-08-30 16:34:40 9130CCE19B5DB3D2E31F9F789263FC4A 511328 ----a-w- C:\Windows\capicom.dll ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== 2014-02-09 08:13:22 C332DB81197E6E5D4A67D3789DBEB02A 1061376 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\msvcp80.dll 2014-02-09 08:13:22 60A6DE55AA50D57A01B7148B0A7EA139 516096 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\msvcm80.dll 2014-02-09 08:13:22 4D89F6191DB56CFA659388378F3DD688 796672 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\msvcr80.dll 2014-02-09 08:13:22 47ACD0AEA4A32EF2B446B01076C62D28 64000 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\mfcm80u.dll 2014-02-09 08:13:21 9173F70AF60C0A864EECDFB3342DC789 1656320 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\mfc80.dll 2014-02-09 08:13:21 4FF468C640DEBC678D6E57617D523806 65536 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\mfcm80.dll 2014-02-09 08:13:21 21EE912784A013DC44071ECC4F932388 1652736 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\mfc80u.dll 2014-02-09 08:13:20 D7F38104C4B31C0B4405FCDA927B52D4 147904 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\TmDbg64.dll 2014-02-09 08:13:20 8AD2485047CC64CB04B66040E62FE5FD 113152 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\atl80.dll 2014-02-09 08:13:20 6EAEABE4977A71C60AE539469EC1FBD0 126208 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\TmDbg32.dll 2013-10-23 04:39:48 47025DD5CBA8B43E9D26C960FF5B32A7 344355 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\Quarantine.exe 2013-03-11 18:21:03 C9E569480875089A7814C8784144A3AF 20406840 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\Messenger_20.0.0001_0\SkypeSetupFull(6.3.73.105)(Trackable457)trackable.exe 2012-07-05 14:27:25 1C1D673FB3EFC0643271226EA42A25D9 4398376 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\tbDVDV.dll ====== C:\Windows\SysWOW64 ===== 2013-04-10 10:01:27 DE8EF41911A07E14EB8C89599743FB81 2691072 ----a-w- C:\Windows\SysWOW64\mstscax.dll 2013-04-10 10:01:26 E6CBA5A625E1AC65261D97809CE03B51 36864 ----a-w- C:\Windows\SysWOW64\tsgqec.dll 2013-04-10 10:01:26 BE6866F36C4BF3296FC117F56376F031 131072 ----a-w- C:\Windows\SysWOW64\aaclient.dll 2013-04-10 10:01:11 A5A2C690C2B9417D79998EBB1C782564 11019776 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-04-10 10:01:09 5ABB67F8CA088F32F8BF1A81F1C82EA9 6032384 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-04-10 10:01:07 6257FAEB361E9069AEBCBB87CB8811AA 627200 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-04-10 10:01:06 4B11E69A3AD8CA55193565F824FC3747 1230848 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-04-10 10:01:05 FD2069827C3DBB1F16A313A2F0EBC2C2 606208 ----a-w- C:\Windows\SysWOW64\mstime.dll 2013-04-10 10:01:05 D314EACECB5C89C834DC071AD5C0CC6D 132096 ----a-w- C:\Windows\SysWOW64\url.dll 2013-04-10 10:01:05 BFB6DB1B3E161C83258DB02A86B709DC 185856 ----a-w- C:\Windows\SysWOW64\iepeers.dll 2013-04-10 10:01:05 B90716F11E4AE892E19C2A68CB764404 44544 ----a-w- C:\Windows\SysWOW64\licmgr10.dll 2013-04-10 10:01:05 99103984D22678A16D8A53B7CCA0958E 381440 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2013-04-10 10:01:05 9215A667742ADACAA656EBEF06F7EDA3 386048 ----a-w- C:\Windows\SysWOW64\html.iec 2013-04-10 10:01:05 8A2C077BEF0D7EDF8B47A81C209C439F 67584 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-04-10 10:01:05 6A02CB2EDC24630845D11B507952141A 981504 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-04-10 10:01:05 61B689EF11BC48F230C69A4BC49C57DA 2077184 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-04-10 10:01:05 616F3B69DE4E2F70A45437A85E9D7DD2 64512 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll 2013-04-10 10:01:05 611AFD393D035580C015065D990C8740 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-04-10 10:01:05 3BB1D5DFC245245F4C60A9574F66C303 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-04-10 10:01:05 0F6DDF69657EAA26A8A533B5227BF8F7 48128 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-04-10 10:01:04 4E201C980E43A49224123D42BACFC595 1638912 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-04-10 10:00:56 D1751CB2E03D7F57AC04C702D02974AC 3902312 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-04-10 10:00:56 B02D4E4A4EBEF9E33488969DF6E9BC22 3958120 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-04-10 10:00:56 8BCE0FBF28C2C6AEE2BB58505D345373 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll 2013-02-14 16:55:02 6E26AABE8342B18A9215CC71039AD7B4 274944 ----a-w- C:\Windows\SysWOW64\KernelBase.dll 2013-02-14 16:55:02 385BE92E3106491BBB542F8F1C06C606 1114112 ----a-w- C:\Windows\SysWOW64\kernel32.dll 2013-02-14 16:55:01 8C4917F8945D888E54542B720CD929F7 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-02-14 16:55:01 7E4E5B7B5015BE9963E92E1D7325F4A2 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-02-14 16:55:01 68E0354B7CFEA7D617B17F4473723260 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-02-14 16:55:01 11BFDDA19C92775C515F61353180E027 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-02-14 16:55:00 FE2EA676F981AAEB1E552557B56635D7 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-01-12 09:32:14 DD670B01D42CCC61232320E120B62033 492032 ----a-w- C:\Windows\SysWOW64\win32spl.dll 2013-01-10 16:46:17 011B7A81E28C748D7631CF3D72323DD2 627712 ----a-w- C:\Windows\SysWOW64\usp10.dll 2013-01-10 16:46:10 5BBF32865EB3D66988C6E06834EC2675 219136 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2013-01-10 16:45:52 462400256655B8DAE8DD8E33720481AF 1236992 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2013-01-10 16:45:52 2A089E7AB1C81D9D2EF5CE9554DB97BB 1388544 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2013-01-10 16:45:23 F172CBC9CA6C8EF360019FAE1070DC76 15360 ----a-w- C:\Windows\SysWOW64\djctq.rs 2013-01-10 16:45:23 E9A504F7BDAFDD2D158ABDC2AB320513 43520 ----a-w- C:\Windows\SysWOW64\csrr.rs 2013-01-10 16:45:23 D738761869873D9DE0274B912C3324D0 46592 ----a-w- C:\Windows\SysWOW64\fpb.rs 2013-01-10 16:45:23 9B1A0EB5F77468EBBBE5058EC8399854 45568 ----a-w- C:\Windows\SysWOW64\oflc-nz.rs 2013-01-10 16:45:23 8EABBA28545713D95BBE97339A8E0930 30720 ----a-w- C:\Windows\SysWOW64\usk.rs 2013-01-10 16:45:23 87E3DC1CA13FB122E3A5A4E82C9D47FD 40960 ----a-w- C:\Windows\SysWOW64\cob-au.rs 2013-01-10 16:45:23 66072B0976629D3E758F94AB0A90A671 21504 ----a-w- C:\Windows\SysWOW64\grb.rs 2013-01-10 16:45:23 3AB81B08648B512C0ACC883A704594F2 44544 ----a-w- C:\Windows\SysWOW64\pegibbfc.rs 2013-01-10 16:45:22 6041C612541AFE5458481A20ABA65A59 20480 ----a-w- C:\Windows\SysWOW64\pegi.rs 2013-01-10 16:45:21 9BCB54208A456D67FB1B11CF0B428130 308736 ----a-w- C:\Windows\SysWOW64\Wpc.dll 2013-01-10 16:45:21 7620C603C8CA823C565AE9DA89CDB96E 20480 ----a-w- C:\Windows\SysWOW64\pegi-pt.rs 2013-01-10 16:45:21 072C64FE4977D1D7FECDB03AE7DFF45D 2576384 ----a-w- C:\Windows\SysWOW64\gameux.dll 2013-01-10 16:45:20 FE323883D442B9928BE8C7C9FA5475A1 20480 ----a-w- C:\Windows\SysWOW64\pegi-fi.rs 2013-01-10 16:45:20 2FDCB73E9B2549572F11370A15F54308 51712 ----a-w- C:\Windows\SysWOW64\esrb.rs 2013-01-10 16:45:19 CC7381FBD36D527BF86308C1CB89D40C 23552 ----a-w- C:\Windows\SysWOW64\oflc.rs 2013-01-10 16:45:19 06E7FF7D8B276967FC244998AEE870D7 55296 ----a-w- C:\Windows\SysWOW64\cero.rs 2013-01-10 16:44:55 2E5F7B5D25063C07A39A87D1B1295E35 420032 ----a-w- C:\Windows\SysWOW64\locale.nls 2012-12-21 20:03:55 FC26D3B40C5E612FE925CDEE31ECED09 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll 2012-12-21 20:03:55 4716E04E53A988B9745B227B51CBF134 295424 ----a-w- C:\Windows\SysWOW64\atmfd.dll 2012-12-12 17:24:20 662398B18EE2A910265630893AD09B1B 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2012-12-12 17:22:30 35C0FF8D1999D1B32F6FEB2FBC976F18 376832 ----a-w- C:\Windows\SysWOW64\dpnet.dll 2012-11-14 20:07:58 30EFF24123E5A2A24F2308DDBCFB633C 78336 ----a-w- C:\Windows\SysWOW64\synceng.dll 2012-11-08 10:29:12 FB35DC61EB4ECC8148A307DEA7202669 1402312 ----a-w- C:\Windows\SysWOW64\msxml4.dll 2012-10-10 15:58:01 334A663962618F7A136FA1F80F773C5F 172544 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2012-10-10 15:57:54 056B0E466AD1C99D9892F9C7DD4A8449 541184 ----a-w- C:\Windows\SysWOW64\kerberos.dll 2012-10-10 15:57:48 F2FDE6C8DBAAD44CC58D1E07E4AF4EED 139264 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2012-10-10 15:57:48 7DA089C75B1E92032D0CBE4ADE7C32BC 1157632 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2012-10-10 15:57:48 1F778C34C751E1B585E4FC66659BA904 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2012-09-13 16:38:42 0DFD0ADD7FF9C48938757220F1CEBE95 490496 ----a-w- C:\Windows\SysWOW64\d3d10level9.dll 2012-08-15 07:04:21 AEA538848F2D3A7C7CF5DAF1967AB2C2 428032 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2012-08-15 07:04:21 3CC1D7DB1DAA666215BC3E5AA02C213C 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll 2012-08-15 07:04:20 A81AF063D965A321D577AE3C24ADA449 41472 ----a-w- C:\Windows\SysWOW64\browcli.dll 2012-08-15 07:04:20 5DE691884C240227B733CC18BBFCA3D8 57344 ----a-w- C:\Windows\SysWOW64\netapi32.dll 2012-08-15 07:04:19 D71267C3EE4DCA543D3913FF211DF586 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll 2012-07-12 17:09:37 2CBC35E872BA9B46474890135B56DD66 12868608 ----a-w- C:\Windows\SysWOW64\shell32.dll 2012-07-12 17:09:35 76C48F0CD8A526858AB9A4886586942A 225280 ----a-w- C:\Windows\SysWOW64\schannel.dll 2012-07-12 17:09:35 6CC10D9FD128069DBFE476222F097616 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2012-07-12 17:09:35 351F62085F1D007533B4BB159C9EFDE3 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2012-07-05 14:31:42 85BE7C03FAAA62EB112D72AD494D670B 405144 ----a-w- C:\Windows\SysWOW64\Newtonsoft.Json.Net20.dll 2012-07-05 14:13:26 498BD12B38B549887D9E856EB734354E 106928 ----a-w- C:\Windows\SysWOW64\GEARAspi.dll 2012-06-14 13:37:56 F1317678AC2FBA9F640279290B2E2988 2342400 ----a-w- C:\Windows\SysWOW64\msi.dll 2012-06-06 18:59:42 E52859FCB7A827CACFCE7963184C7D24 1070152 ----a-w- C:\Windows\SysWOW64\MSCOMCTL.OCX 2012-05-29 15:43:41 ED1543644C11CD56F374F3CDCD5A685F 692616 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-05-29 15:43:41 675BCED636193DA8BCCDF2D9594EF4E8 71048 ----a-w- C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2012-05-12 15:22:28 9FDF43178419CB0D4B50373C50396BDF 739840 ----a-w- C:\Windows\SysWOW64\d2d1.dll 2012-05-12 15:22:27 BEADABADC909D2C7F59CD3DEA77EE67E 1170944 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll 2012-05-12 15:22:27 9F9B0AD8804ECFF8CBD279992DCF7210 1074176 ----a-w- C:\Windows\SysWOW64\DWrite.dll 2012-05-12 15:22:27 9103E020906FC7A166F380EF2D2516B2 218624 ----a-w- C:\Windows\SysWOW64\d3d10_1core.dll 2012-05-12 15:22:26 AD8F6914F7A9AC28047389BE7AF56EBF 161792 ----a-w- C:\Windows\SysWOW64\d3d10_1.dll 2012-04-14 17:15:24 AFF03EAADAB9BE41A98B76332B980283 5120 ----a-w- C:\Windows\SysWOW64\wmi.dll 2012-04-14 17:15:24 97CCB4D737B426B200E5EF90C877DF32 158720 ----a-w- C:\Windows\SysWOW64\imagehlp.dll 2012-03-13 17:11:35 50DA20DD18A8FEFEE57942188BFF06F4 826368 ----a-w- C:\Windows\SysWOW64\rdpcore.dll 2012-03-08 16:50:28 F2BE8BAF8E8FFBA6969B9CF92367283A 49016 ----a-w- C:\Windows\SysWOW64\sirenacm.dll 2012-02-16 15:58:17 9141FE8D904CE682A3BDCFAE96BB04EF 442880 ----a-w- C:\Windows\SysWOW64\ntshrui.dll 2012-02-16 15:58:16 C338915320CBEBFDB6DA3F0E6B069754 478208 ----a-w- C:\Windows\SysWOW64\timedate.cpl 2012-02-16 15:58:07 F8A61B2E713309B4616D107919BDAB6E 690688 ----a-w- C:\Windows\SysWOW64\msvcrt.dll 2012-01-26 15:55:47 A86A1C5DF1C662D1C75815BF4794F16D 314368 ----a-w- C:\Windows\SysWOW64\webio.dll 2012-01-11 15:53:58 B9980FCD160D1EC1422B111C74B56DB2 1328640 ----a-w- C:\Windows\SysWOW64\quartz.dll 2012-01-11 15:53:58 9D4F78F0F9EEF90C2B9E3A2D1E767EB5 514560 ----a-w- C:\Windows\SysWOW64\qdvd.dll 2012-01-11 15:53:55 FD817ED8F2C055BE6F3E19D7BA3050F8 67072 ----a-w- C:\Windows\SysWOW64\packager.dll 2012-01-11 15:53:55 DB6DD54A93522CA3572D04B56C5DB890 1292592 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2011-12-19 18:01:42 78156CD5846A841DBED2410FADC2B6DF 534528 ----a-w- C:\Windows\SysWOW64\EncDec.dll 2011-10-13 17:28:35 8588A439E0468E7DD6E429BB99EA5F1B 465408 ----a-w- C:\Windows\SysWOW64\psisdecd.dll 2011-10-13 17:28:35 8202DAB508199A2EA1F6EEBC24C8A730 75776 ----a-w- C:\Windows\SysWOW64\psisrndr.ax 2011-10-13 17:28:34 EACE6A11AC7446346F81EF786631F2BA 59904 ----a-w- C:\Windows\SysWOW64\MSDvbNP.ax 2011-10-13 17:28:34 B08C19CA407C5F132CEF2872616D7337 72704 ----a-w- C:\Windows\SysWOW64\Mpeg2Data.ax 2011-10-13 17:28:34 705C210EFC5564BE49EB026BD7AFF27A 571904 ----a-w- C:\Windows\SysWOW64\oleaut32.dll 2011-10-13 17:28:34 4D59A5B6EF0AF6F9FDF3D157534380AF 233472 ----a-w- C:\Windows\SysWOW64\oleacc.dll 2011-10-13 17:28:34 3F911EB42A1E04346970BCA189E620EA 204288 ----a-w- C:\Windows\SysWOW64\MSNP.ax 2011-08-15 16:47:54 0C2AE180D8C35F723BA13A16AA9AC453 180224 ----a-w- C:\Windows\SysWOW64\xmllite.dll 2011-08-15 16:47:52 EB571B2DC46B8FA5CEA64E7612A34AB4 163840 ----a-w- C:\Windows\SysWOW64\odbctrac.dll 2011-08-15 16:47:52 D92CA04CD1E304D45AEB3FFE7E9436A7 319488 ----a-w- C:\Windows\SysWOW64\odbcjt32.dll 2011-08-15 16:47:52 A62419A9E5AD424AD4E36FA661FB1F1F 81920 ----a-w- C:\Windows\SysWOW64\odbccr32.dll 2011-08-15 16:47:52 3FFB24B49E2C8BC1AEDE2976B2804E0A 86016 ----a-w- C:\Windows\SysWOW64\odbccu32.dll 2011-08-15 16:47:52 1434CD59B7A020B0F3EAEF61953D4965 122880 ----a-w- C:\Windows\SysWOW64\odbccp32.dll 2011-08-07 16:42:47 D720800C2AA3C6889B538011ED6C6B1B 1686016 ----a-w- C:\Windows\SysWOW64\esent.dll 2011-08-07 16:42:47 0C034F3D8FC0FAADA943244205BE70C6 74240 ----a-w- C:\Windows\SysWOW64\fsutil.exe 2011-07-11 15:12:01 C6595B078842E187C6587A285B43A565 740864 ----a-w- C:\Windows\SysWOW64\inetcomm.dll 2011-07-10 14:59:30 E702ED19C332C1F12C1403D100E2F4F3 145920 ----a-w- C:\Windows\SysWOW64\cfgmgr32.dll 2011-07-10 14:59:30 6C9C05D5344B9AB80E9180FC859BC45A 64512 ----a-w- C:\Windows\SysWOW64\devobj.dll 2011-07-10 14:59:30 3386FE9F8634FE3F523858F25B1A928A 252928 ----a-w- C:\Windows\SysWOW64\drvinst.exe 2011-07-10 14:59:30 11CDF138552BFEC115B60ED6DC3ACEB6 44544 ----a-w- C:\Windows\SysWOW64\devrtl.dll 2011-07-10 14:59:28 AF7B90272B5A4E4B3D347B39702435CC 1401856 ----a-w- C:\Windows\SysWOW64\mssrch.dll 2011-07-10 14:59:27 7271B48B193C9624416BD5006CD8B92F 1553920 ----a-w- C:\Windows\SysWOW64\tquery.dll 2011-07-10 14:59:27 71402C7923F6B7F8ACB48E50F35463E7 428032 ----a-w- C:\Windows\SysWOW64\SearchIndexer.exe 2011-07-10 14:59:26 801E6278CC73A693E83EC1CA6C87C57B 59392 ----a-w- C:\Windows\SysWOW64\msscntrs.dll 2011-07-10 14:59:26 7FFE38A9BCE22AED21A0CEA1E6EAD1B5 86528 ----a-w- C:\Windows\SysWOW64\SearchFilterHost.exe 2011-07-10 14:59:26 6FC137CFD70DDEFD2DBD5906EF487564 666624 ----a-w- C:\Windows\SysWOW64\mssvp.dll 2011-07-10 14:59:26 5D66CBCDA60ECCE893B8E69BD5F23F92 164352 ----a-w- C:\Windows\SysWOW64\SearchProtocolHost.exe 2011-07-10 14:59:26 3DD5EB724DF7287B5DEEEC33B13A23BF 337408 ----a-w- C:\Windows\SysWOW64\mssph.dll 2011-07-10 14:59:26 31864EEDFC8AFC7247EC8DFF77AC7C75 197120 ----a-w- C:\Windows\SysWOW64\mssphtb.dll 2011-07-07 01:28:22 09B2ED06BB44815B2B5803F5C67E00E3 1193320 ----a-w- C:\Windows\SysWOW64\FM20.DLL 2011-07-03 18:28:51 8B01FB723F3B30AB3DEBDDBF97CFE577 515416 ----a-w- C:\Windows\SysWOW64\XAudio2_5.dll 2011-07-03 18:28:51 30686ECE80545E06D78D156EB9F7D463 69464 ----a-w- C:\Windows\SysWOW64\XAPOFX1_3.dll 2011-07-03 18:28:50 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\Windows\SysWOW64\d3dx10_42.dll 2011-07-03 18:26:19 C1EFDB767CF3A4FBA71267651E433D9B 2983424 ----a-w- C:\Windows\SysWOW64\UIRibbon.dll 2011-07-03 18:26:19 2475DCBA2F9C7843719128E8B61B6302 1164800 ----a-w- C:\Windows\SysWOW64\UIRibbonRes.dll 2011-06-23 19:32:31 8898C95862D03D16B2A06DB4DB6BB6B2 1495040 ----a-w- C:\Windows\SysWOW64\ExplorerFrame.dll 2011-06-23 19:32:31 6EEA2666D6A557AD69417796EE543A3D 135168 ----a-w- C:\Windows\SysWOW64\XpsRasterService.dll 2011-05-19 18:31:44 20104EA66332D24D7C65BBB087C56737 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2011-05-17 10:53:43 6D9B75275C3E3A5F51AEF81AFFADB2B6 276992 ----a-w- C:\Windows\SysWOW64\wcncsvc.dll 2011-05-17 10:43:02 90B43F1C4795CE53CCBCD53348713504 196608 ----a-w- C:\Windows\SysWOW64\mfreadwrite.dll 2011-05-17 10:43:02 81960ABCF95E41DCD7BF164499765228 1619456 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL 2011-05-17 10:43:01 0F0EE7DE3436E6F8F0E19DACAC7B5730 3181568 ----a-w- C:\Windows\SysWOW64\mf.dll 2011-05-17 10:39:33 FA4B5940B31853ADE67A73026884C8C9 1130824 ----a-w- C:\Windows\SysWOW64\dfshim.dll 2011-05-17 10:39:33 DFF617498211FBB3D8D3FCC51A37B777 99176 ----a-w- C:\Windows\SysWOW64\PresentationHostProxy.dll 2011-05-17 10:39:33 302964DCAC79D618CC7B72C778DA9FD2 295264 ----a-w- C:\Windows\SysWOW64\PresentationHost.exe 2011-05-17 10:39:33 15515AE1540B4EE2B75DF63FC15129DF 49472 ----a-w- C:\Windows\SysWOW64\netfxperf.dll 2011-05-17 10:39:33 128DD9AF8640DBCC711940903C8B554F 297808 ----a-w- C:\Windows\SysWOW64\mscoree.dll 2011-05-17 10:34:45 7B1B69554D86DC0A237642A01246663B 738816 ----a-w- C:\Windows\SysWOW64\wmpmde.dll 2011-05-17 10:34:15 7DAFF8A980B089465B41288F36080DE1 442880 ----a-w- C:\Windows\SysWOW64\XpsPrint.dll 2011-05-17 10:34:06 6814300419C92B2B99CE4AAE4D1BA17A 204288 ----a-w- C:\Windows\SysWOW64\upnp.dll 2011-05-17 10:34:05 CC9BBCFC715FBEDF7AE476106FE653E9 350720 ----a-w- C:\Windows\SysWOW64\winhttp.dll 2011-05-17 10:34:05 BB5EC38F8D4600119B4720BC5D4211F1 204800 ----a-w- C:\Windows\SysWOW64\WebClnt.dll 2011-05-17 10:34:05 7FB5696EBCB8131AD2E2DEFE5F19C4B5 80384 ----a-w- C:\Windows\SysWOW64\davclnt.dll 2011-05-17 10:34:05 374B26395852A9092BDE2E4C8D4D0C8D 51200 ----a-w- C:\Windows\SysWOW64\wscapi.dll 2011-05-17 10:34:05 2008845B41D561FB77B77BBE0045099E 14336 ----a-w- C:\Windows\SysWOW64\slwga.dll 2011-05-17 10:34:03 62390F4ACE9E2B63E3CA26B7F7497897 269824 ----a-w- C:\Windows\SysWOW64\dnsapi.dll 2011-05-17 10:34:03 1E7DF409043A4340B44D9F4A7F7300D7 28672 ----a-w- C:\Windows\SysWOW64\dnscacheugc.exe 2011-05-17 10:34:01 F8952E80B7F778DA2F7AA8393CA2D30E 192000 ----a-w- C:\Windows\SysWOW64\taskeng.exe 2011-05-17 10:34:01 EF8808FEA65723214D79734BDB79EBF6 305152 ----a-w- C:\Windows\SysWOW64\taskcomp.dll 2011-05-17 10:34:01 BA17F6EBA7152354FE67ADE9BDCDA60E 179712 ----a-w- C:\Windows\SysWOW64\schtasks.exe 2011-05-17 10:34:01 21012407E8C74AA72BBB485B0FC197FE 496128 ----a-w- C:\Windows\SysWOW64\taskschd.dll 2011-05-17 10:33:59 2AF58D15EDC06EC6FDACCE1F19482BBF 2614784 ----a-w- C:\Windows\SysWOW64\explorer.exe 2011-05-17 10:33:58 BE80CC56D2BAEDBFEAD101B75E76AC33 642048 ----a-w- C:\Windows\SysWOW64\CPFilters.dll 2011-05-17 10:33:56 85A022F2175D74105E9E2D60FA7CC182 199680 ----a-w- C:\Windows\SysWOW64\mpg2splt.ax 2011-05-17 10:33:56 1E1297472E0FA4DF5A52DAC1192CDB73 850432 ----a-w- C:\Windows\SysWOW64\sbe.dll 2011-05-17 10:33:53 E2C2D8C982316C8ABF800C6CE3F28FAB 1413632 ----a-w- C:\Windows\SysWOW64\ole32.dll 2011-05-17 10:33:47 88FBE86112DB7E4FEB77A4A15C95EBEF 1164288 ----a-w- C:\Windows\SysWOW64\mfc42u.dll 2011-05-17 10:33:47 74C76BB54B26CE50C4BC755F92687C63 1137664 ----a-w- C:\Windows\SysWOW64\mfc42.dll 2011-05-17 10:33:24 2FD462BEE3F69C7D290AABAE4FB949E3 288256 ----a-w- C:\Windows\SysWOW64\XpsGdiConverter.dll 2011-05-17 10:33:23 D3EAD1CF16BA729A7F7C9A5D94AA7C05 530432 ----a-w- C:\Windows\SysWOW64\comctl32.dll 2011-05-17 10:33:21 25819A6361F10C30905B5D0FDB8DCA42 109056 ----a-w- C:\Windows\SysWOW64\t2embed.dll 2011-05-17 10:33:17 36AAD6213B2EEB06A453625C75683FA3 31232 ----a-w- C:\Windows\SysWOW64\prevhost.exe 2011-05-17 10:33:16 8D908F346EEDD752005A32787A6DCAFA 363520 ----a-w- C:\Windows\SysWOW64\StructuredQuery.dll 2011-05-17 10:33:11 5764C381949147EBCFB9A7134E2ABF06 573440 ----a-w- C:\Windows\SysWOW64\odbc32.dll 2011-05-17 10:33:08 E2617B3C93FFE274CA199D51D0B84C1A 954752 ----a-w- C:\Windows\SysWOW64\mfc40.dll 2011-05-17 10:33:08 1B3A500340AC40F08D03A2C45213A17D 954288 ----a-w- C:\Windows\SysWOW64\mfc40u.dll 2011-05-17 10:33:04 9967BCE6CF289223ADC2FBF311C6A78F 11406848 ----a-w- C:\Windows\SysWOW64\wmp.dll 2011-05-17 10:33:03 FA05241C7BC7EBCC36AF78299D0D37FE 12625408 ----a-w- C:\Windows\SysWOW64\wmploc.DLL 2011-05-17 10:18:33 2553AD01F1ED5CDD939F5D12303E9709 1034240 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2011-05-17 10:18:32 CC22DA73DA45F82FE98DB1AAECF1794F 9728 ----a-w- C:\Windows\SysWOW64\sscore.dll 2011-05-17 09:46:19 26AF232140C88B42D92A88F2198EDF6A 3426072 ----a-w- C:\Windows\SysWOW64\d3dx9_32.dll 2011-03-28 18:31:14 9EDE13F62E7BE92DBA561218EDDC4E21 209280 ----a-w- C:\Windows\SysWOW64\LIVESSP.DLL 2011-02-19 21:03:12 F908FE45F8FE9E0D4CBE65F9FF5DF6DA 55120 ----a-w- C:\Windows\SysWOW64\mfc100enu.dll 2011-02-19 21:03:12 F7E75862299194C1B9103F7742EA7B25 36176 ----a-w- C:\Windows\SysWOW64\mfc100chs.dll 2011-02-19 21:03:12 F32077DF74EFD435A1DCDF415E189DF1 4422992 ----a-w- C:\Windows\SysWOW64\mfc100u.dll 2011-02-19 21:03:12 ECAF994DBDDE7409A4C2270CDA8177A6 64336 ----a-w- C:\Windows\SysWOW64\mfc100fra.dll 2011-02-19 21:03:12 E3C817F7FE44CC870ECDBCBC3EA36132 421200 ----a-w- C:\Windows\SysWOW64\msvcp100.dll 2011-02-19 21:03:12 E25790E6E0612B621C8EA80206036672 60752 ----a-w- C:\Windows\SysWOW64\mfc100rus.dll 2011-02-19 21:03:12 DFAE4207CE3F2B3B88DABC6A7C73C450 81744 ----a-w- C:\Windows\SysWOW64\mfcm100.dll 2011-02-19 21:03:12 D460F47453E2E186A981E1EB0DC7F6C9 62288 ----a-w- C:\Windows\SysWOW64\mfc100ita.dll 2011-02-19 21:03:12 BF7B39A609B1C84A888158BBE6CADC3B 43856 ----a-w- C:\Windows\SysWOW64\mfc100jpn.dll 2011-02-19 21:03:12 A807596CB3CB377A1A687C9734D67A37 4397384 ----a-w- C:\Windows\SysWOW64\mfc100.dll 2011-02-19 21:03:12 A7E63D69F1D55A3662907ECD48B345CA 51024 ----a-w- C:\Windows\SysWOW64\vcomp100.dll 2011-02-19 21:03:12 9328256796EFAD2AC9632FD9A76EED95 63824 ----a-w- C:\Windows\SysWOW64\mfc100esn.dll 2011-02-19 21:03:12 8280A96D8B44ABBFE8A22F19EAF9EC0D 36176 ----a-w- C:\Windows\SysWOW64\mfc100cht.dll 2011-02-19 21:03:12 4AF4B6E8A4D185B75122773562D25975 64336 ----a-w- C:\Windows\SysWOW64\mfc100deu.dll 2011-02-19 21:03:12 17F28E88C2006EB6447FB31F25D7D937 43344 ----a-w- C:\Windows\SysWOW64\mfc100kor.dll 2011-02-19 21:03:12 0B6C9E162B102F7B819E61A80257CA92 81744 ----a-w- C:\Windows\SysWOW64\mfcm100u.dll 2011-02-19 21:03:12 00D2C06A552F782C1F16ACF77DB765A5 138056 ----a-w- C:\Windows\SysWOW64\atl100.dll 2011-02-18 22:40:50 BF38660A9125935658CFA3E53FDC7D65 773968 ----a-w- C:\Windows\SysWOW64\msvcr100.dll 2010-10-27 21:01:37 406F7B9C71B99872670EE9A8D52E2FE5 37376 ----a-w- C:\Windows\SysWOW64\rtutils.dll 2010-10-27 21:00:42 17A4BE67FB6B9219A802F39C263AC8AC 82944 ----a-w- C:\Windows\SysWOW64\iccvid.dll 2010-10-27 20:54:25 E4787D99FC0EDD5B8842478A56BB835A 520192 ----a-w- C:\Windows\SysWOW64\K_Series_ScreenSaver_EN.scr 2010-10-27 20:53:26 41A5048E49372F091B2AE5A5B705B72D 183296 ----a-w- C:\Windows\SysWOW64\ACEngSvr.exe 2010-10-27 20:43:11 5B575CE99AA28C0D011918127E94EC88 67584 ----a-w- C:\Windows\SysWOW64\asycfilt.dll 2010-10-27 20:38:13 2AB1B18CC889677DF25177AEA6225D1F 53248 ----a-w- C:\Windows\SysWOW64\CSVer.dll 2010-10-27 20:34:50 8D5258D6680FC9C30D5FC2BABEF8CF4B 132608 ----a-w- C:\Windows\SysWOW64\cabview.dll 2010-10-27 20:28:14 A821F481032483266984E5B18A160CB1 29480 ----a-w- C:\Windows\SysWOW64\msxml3a.dll 2010-10-27 20:28:13 7333E3C6FB7F18E5663B53E1F6DBF4C6 505128 ----a-w- C:\Windows\SysWOW64\msvcp71.dll 2010-10-27 20:28:13 1020C0C4BAC624DAF56712EA6D5865CE 353576 ----a-w- C:\Windows\SysWOW64\msvcr71.dll 2010-10-27 20:26:35 D6FD152AB062C813FD5DDB47BB876F56 91648 ----a-w- C:\Windows\SysWOW64\avifil32.dll 2010-10-27 20:26:35 D61D785EB47F754E521D214676A84258 84480 ----a-w- C:\Windows\SysWOW64\mciavi32.dll 2010-10-27 20:26:35 B7D86D2D88ADA774D1FFA07B6670202D 31744 ----a-w- C:\Windows\SysWOW64\msvidc32.dll 2010-10-27 20:26:35 9D7910AD1D0F69657BC775A0BDB15506 50176 ----a-w- C:\Windows\SysWOW64\iyuv_32.dll 2010-10-27 20:26:35 5CB1CD7BFB0CDE68EFF3F37341D606B6 12288 ----a-w- C:\Windows\SysWOW64\tsbyuv.dll 2010-10-27 20:26:35 4D9B229FB4BFA251A568A88D22B881FB 22016 ----a-w- C:\Windows\SysWOW64\msyuv.dll 2010-10-27 20:26:35 0C3BE509B75E1710CB8A433822809123 13312 ----a-w- C:\Windows\SysWOW64\msrle32.dll 2010-10-27 20:20:37 F50814F3FE0B75A786DEE08FD27D8AC1 280064 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe 2010-10-27 20:20:37 F463E3C7925A8C16DFC502C9C59AF6EA 277504 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2010-10-27 20:20:37 77EE5FD84A8A2548A2670D5845BC97DF 324608 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe 2010-10-27 20:20:37 720D938888367CC6E01CCAFA94FF8D85 365568 ----a-w- C:\Windows\SysWOW64\secproc_isv.dll 2010-10-27 20:20:37 596F545E1E65E7647E3F306F32B16499 320512 ----a-w- C:\Windows\SysWOW64\RMActivate.exe 2010-10-27 20:20:37 2DA7629FFCC16F65D6CCF968362CD80B 85504 ----a-w- C:\Windows\SysWOW64\secproc_ssp_isv.dll 2010-10-27 20:20:37 29F52745B29555B8ED7BC7FBD8032086 369152 ----a-w- C:\Windows\SysWOW64\secproc.dll 2010-10-27 20:20:37 05FDFDEECA9033162E8B70C1FADD9DEB 85504 ----a-w- C:\Windows\SysWOW64\secproc_ssp.dll 2010-10-27 20:19:33 7F68E4752E3B9A41D75A556A7A24201A 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll 2010-10-27 20:13:02 90691014D96030B69D7B8D6A0967FC67 257024 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2010-10-27 20:12:01 4C04900AA8C323F5D4C316A89E976849 34816 ----a-w- C:\Windows\SysWOW64\msasn1.dll 2010-10-27 20:09:51 9D37CF187096B79ACD1C343F7C382352 1320960 ----a-w- C:\Windows\SysWOW64\CertEnroll.dll ====== C:\Windows\SysWOW64\drivers ===== 2010-10-27 21:06:08 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\drivers\1043_ASUSTeK_K52F.alu 2010-10-27 20:55:54 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\SysWOW64\drivers\1043_ASUSTEK_K52F_K62F_V70_WIN7.MRK ====== C:\Windows\Sysnative ===== 2013-04-10 10:01:27 4D76442C1A0D4396DE472D7D51264A31 3138048 ----a-w- C:\Windows\Sysnative\mstscax.dll 2013-04-10 10:01:26 D89910C60DC519E5E9905131E2D4249C 158208 ----a-w- C:\Windows\Sysnative\aaclient.dll 2013-04-10 10:01:26 CB3271A6DC3A5EAD97052133FA4D5CD3 44032 ----a-w- C:\Windows\Sysnative\tsgqec.dll 2013-04-10 10:01:21 15CFE2E15703D323D2FE2F0CF6F0C99E 3150848 ----a-w- C:\Windows\Sysnative\win32k.sys 2013-04-10 10:01:18 C640993D91902D7E05037A134409C205 12405760 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-04-10 10:01:16 633B37E7AB84DF5E0A95173A9C33938F 9377280 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-04-10 10:01:07 01B0D00A22BDE028490686E562EE66FA 735744 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-04-10 10:01:06 2874307E9E3BCFDED87A000D30B0E59C 1499648 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-04-10 10:01:05 DE9E43A8CC5A0831059D17499D593A33 482816 ----a-w- C:\Windows\Sysnative\html.iec 2013-04-10 10:01:05 DE84BB2286490E260C2294D56C41B80A 2463744 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-04-10 10:01:05 C6D1280AE74CE2E4C30A775429DC655E 1026560 ----a-w- C:\Windows\Sysnative\mstime.dll 2013-04-10 10:01:05 9E9292E72C43EE4BC98E2EB2D244C7A2 57856 ----a-w- C:\Windows\Sysnative\licmgr10.dll 2013-04-10 10:01:05 8523338F749AC8C5300C125BC4B08275 1198080 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-04-10 10:01:05 71EE6C5D68E0E07BDB3D5C04F36645DF 12288 ----a-w- C:\Windows\Sysnative\msfeedssync.exe 2013-04-10 10:01:05 48692821373CBA186635EEADA4F4C8C7 97792 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-04-10 10:01:05 40DA358B673B476E2F741D5606F3EB80 82944 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll 2013-04-10 10:01:05 3651766F456E5707C3239DEC35ED1DC8 247808 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-04-10 10:01:05 352BA603FBF4720287C5DA8E83EE2830 134144 ----a-w- C:\Windows\Sysnative\url.dll 2013-04-10 10:01:05 34C095BAC39B3F20DEC8E329C03A1A23 256000 ----a-w- C:\Windows\Sysnative\iepeers.dll 2013-04-10 10:01:05 2D75189BFB44F201AF815F9B707A186D 64512 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-04-10 10:01:05 0C8C6E188253785B0F8FDFA9FD2CAE4F 445952 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2013-04-10 10:01:04 1EBB980D67EFF953B9A230EDB3FFA615 1638912 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-04-10 10:00:59 EF1D47835019186DB5E34C52571A6539 5497688 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-04-10 10:00:56 FA64733BD65F52712F0545F56FDB4BE6 112640 ----a-w- C:\Windows\Sysnative\smss.exe 2013-04-10 10:00:56 48C41EE4E694E72235CBC57551A239EF 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll 2013-02-14 16:55:02 C5097B45DE21ADF2469B69DFC64DCE55 424960 ----a-w- C:\Windows\Sysnative\KernelBase.dll 2013-02-14 16:55:02 865C5A432F2855F0669DCE66547CC237 362496 ----a-w- C:\Windows\Sysnative\wow64win.dll 2013-02-14 16:55:02 7EB88F63D424832B774E24458DCE2049 338432 ----a-w- C:\Windows\Sysnative\conhost.exe 2013-02-14 16:55:02 43DB3433F141F01E53D1C5AA0F434098 1161216 ----a-w- C:\Windows\Sysnative\kernel32.dll 2013-02-14 16:55:02 3FB74FF230B5D240A57AE1C4A3D0459D 215040 ----a-w- C:\Windows\Sysnative\winsrv.dll 2013-02-14 16:55:01 3CEE7783176FA7BED592E4C14BDE241E 13312 ----a-w- C:\Windows\Sysnative\wow64cpu.dll 2013-02-14 16:55:01 28C7B5FB4C0E8F8289B6490C90B73256 16384 ----a-w- C:\Windows\Sysnative\ntvdm64.dll 2013-02-14 16:55:01 0060718115F3590EACEB860DFFE95A0C 243200 ----a-w- C:\Windows\Sysnative\wow64.dll 2013-01-12 09:32:14 ABB515748212F8B5D3A9B07041E97B32 751104 ----a-w- C:\Windows\Sysnative\win32spl.dll 2013-01-10 16:46:17 BD5153969C41F697E23B9A43EF9228CE 801280 ----a-w- C:\Windows\Sysnative\usp10.dll 2013-01-10 16:46:11 E2D60E901428A72BB47931C938A1ED95 307200 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2013-01-10 16:45:53 7C02AD2F4BEF1D5C51CB9B402AB3603F 2001408 ----a-w- C:\Windows\Sysnative\msxml6.dll 2013-01-10 16:45:52 61B2873C02ECBF86CD6455A40F24CE33 1880064 ----a-w- C:\Windows\Sysnative\msxml3.dll 2013-01-10 16:45:23 F75B4EBB49D8A96706E8A4E8CE8F1B65 46592 ----a-w- C:\Windows\Sysnative\fpb.rs 2013-01-10 16:45:23 B674CE568FCA178E8A2E101969C0E369 43520 ----a-w- C:\Windows\Sysnative\csrr.rs 2013-01-10 16:45:23 B3EE986BDDE4146CB08BB636F82AF934 30720 ----a-w- C:\Windows\Sysnative\usk.rs 2013-01-10 16:45:23 5EEEB924A58BAA2E45737B5391DD1BDB 21504 ----a-w- C:\Windows\Sysnative\grb.rs 2013-01-10 16:45:23 5101B65E49D0A1C84FAF87B40E148BA7 15360 ----a-w- C:\Windows\Sysnative\djctq.rs 2013-01-10 16:45:23 4447ED2DC09666C53F850F7DA78FCDC5 45568 ----a-w- C:\Windows\Sysnative\oflc-nz.rs 2013-01-10 16:45:23 037ED169ED7FE62E7071D5A923FC545A 44544 ----a-w- C:\Windows\Sysnative\pegibbfc.rs 2013-01-10 16:45:23 029A882C47B428AD51874706C04F3BAA 40960 ----a-w- C:\Windows\Sysnative\cob-au.rs 2013-01-10 16:45:22 22ADB8C1A4ED2EAF1265A220D9125E98 20480 ----a-w- C:\Windows\Sysnative\pegi.rs 2013-01-10 16:45:21 C91FABAA63C489C874B97A19906E901C 2745856 ----a-w- C:\Windows\Sysnative\gameux.dll 2013-01-10 16:45:21 B2EFEBFB865CC5821537B02CFBC3CD41 20480 ----a-w- C:\Windows\Sysnative\pegi-pt.rs 2013-01-10 16:45:21 770DF05455820D51C2BF08E92AA1834E 441856 ----a-w- C:\Windows\Sysnative\Wpc.dll 2013-01-10 16:45:20 E7CB3C42BF16BA4C0369997EA1A57C0B 20480 ----a-w- C:\Windows\Sysnative\pegi-fi.rs 2013-01-10 16:45:20 788ABB9626B1D834198CAB7B05E4879D 51712 ----a-w- C:\Windows\Sysnative\esrb.rs 2013-01-10 16:45:19 E97CA61E05CB2AD42B0531DF5D8B2F26 55296 ----a-w- C:\Windows\Sysnative\cero.rs 2013-01-10 16:45:19 B496C1597F765077D3F35BB95594DFE2 23552 ----a-w- C:\Windows\Sysnative\oflc.rs 2013-01-10 16:44:55 2E5F7B5D25063C07A39A87D1B1295E35 420032 ----a-w- C:\Windows\Sysnative\locale.nls 2012-12-21 20:03:55 94094E8FE42319471D3845485EEA66FF 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll 2012-12-21 20:03:55 778D7DFD114A300E79496291FDB9169F 367616 ----a-w- C:\Windows\Sysnative\atmfd.dll 2012-12-13 11:50:38 560A0D9DD7F2A6ADCAA6099D2ED4991E 6112864 ----a-w- C:\Windows\Sysnative\usbaaplrc.dll 2012-12-12 17:24:20 29C9C38E15F775C94FE0D53CBBAE958E 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2012-12-12 17:22:30 20208A6B30D214D94280D189891D2C20 478208 ----a-w- C:\Windows\Sysnative\dpnet.dll 2012-11-15 17:11:02 51DFBD18A435BAEC1F71A692373ECE4F 9728 ----a-w- C:\Windows\Sysnative\Wdfres.dll 2012-11-15 17:03:05 B20F051B03A966392364C83F009F7D17 84992 ----a-w- C:\Windows\Sysnative\WUDFSvc.dll 2012-11-15 17:03:05 B1DF2D87DC8BF6072699AC8301B37796 194048 ----a-w- C:\Windows\Sysnative\WUDFPlatform.dll 2012-11-15 17:03:03 F1617F1014D51987D517A4C37A7C733B 45056 ----a-w- C:\Windows\Sysnative\WUDFCoinstaller.dll 2012-11-15 17:03:03 8ABFE00F213F2571498F1B8FD7939A98 229888 ----a-w- C:\Windows\Sysnative\WUDFHost.exe 2012-11-15 17:03:03 25AE683DCB4AE7E6F1B193A0CB9DB35F 744448 ----a-w- C:\Windows\Sysnative\WUDFx.dll 2012-11-14 20:07:58 288D1B3F5D094BBE05F9BD19FAA0C2B9 95744 ----a-w- C:\Windows\Sysnative\synceng.dll 2012-10-10 15:58:02 987508ED06FC097E754A91BA8A8AAD0E 220160 ----a-w- C:\Windows\Sysnative\wintrust.dll 2012-10-10 15:57:54 00B40A10E3DB79E4D3E127B9C2233A6B 714752 ----a-w- C:\Windows\Sysnative\kerberos.dll 2012-10-10 15:57:48 D256EB74BF77026FC9A3D7193861C7AD 1462784 ----a-w- C:\Windows\Sysnative\crypt32.dll 2012-10-10 15:57:48 BAF19B633933A9FB4883D27D66C39E9A 182272 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2012-10-10 15:57:48 4FAC55936209B4F3EB78532181C9ED5E 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2012-09-13 16:38:42 BBBFCAAFF051861376AC0F26BB3A0B10 574464 ----a-w- C:\Windows\Sysnative\d3d10level9.dll 2012-08-15 18:35:34 8CFACC72081C21519676BF4AAA1A88A9 956416 ----a-w- C:\Windows\Sysnative\localspl.dll 2012-08-15 07:04:21 FE500E1CCD1D373153D9009A98A774EE 850944 ----a-w- C:\Windows\Sysnative\jscript.dll 2012-08-15 07:04:21 85978B3BCB808EA9C89AA6D2BEB9E901 609792 ----a-w- C:\Windows\Sysnative\vbscript.dll 2012-08-15 07:04:20 6B054C67AAA87843504E8E3C09102009 136704 ----a-w- C:\Windows\Sysnative\browser.dll 2012-08-15 07:04:20 3C27B50BC43D5FED43081A784DD17190 73216 ----a-w- C:\Windows\Sysnative\netapi32.dll 2012-08-15 07:04:20 14C6A59904D397C6D85DADA9ACBB6FAB 58880 ----a-w- C:\Windows\Sysnative\browcli.dll 2012-08-15 07:04:19 DCEA339392BFE02ADBF61BB0D5877A68 503808 ----a-w- C:\Windows\Sysnative\srcore.dll 2012-08-15 07:04:17 567977DC43CC13C4C35ED7084C0B84D5 559104 ----a-w- C:\Windows\Sysnative\spoolsv.exe 2012-07-12 17:09:39 48CC125A6AB6C72A13E3D3E9C39AD9D9 14165504 ----a-w- C:\Windows\Sysnative\shell32.dll 2012-07-12 17:09:35 90B780886BD813882CB382FF3E90E092 340992 ----a-w- C:\Windows\Sysnative\schannel.dll 2012-07-05 14:13:26 5C7B8533FEC9E65368D14965EC4C9D8A 125872 ----a-w- C:\Windows\Sysnative\GEARAspi64.dll 2012-06-19 14:19:53 D9EF901DCA379CFE914E9FA13B73B4C4 2428952 ----a-w- C:\Windows\Sysnative\wuaueng.dll 2012-06-19 14:19:53 C1C03EA437EDDA8A7D4D8786E5AE6751 57880 ----a-w- C:\Windows\Sysnative\wuauclt.exe 2012-06-19 14:19:53 7FE0D0C8F53735EA17C9AE93EFE7AD5A 44056 ----a-w- C:\Windows\Sysnative\wups2.dll 2012-06-19 14:19:53 50EBD31C3527366FAFA468BD609F7352 2622464 ----a-w- C:\Windows\Sysnative\wucltux.dll 2012-06-19 14:19:32 E746ED90132C6B6313CE9179F56BD31D 38424 ----a-w- C:\Windows\Sysnative\wups.dll 2012-06-19 14:19:32 C47F35CC6FA4F1BDBEF8F87AC1A46537 701976 ----a-w- C:\Windows\Sysnative\wuapi.dll 2012-06-19 14:19:32 4AA6AA52A16EED6481E83D73EED4C8D5 99840 ----a-w- C:\Windows\Sysnative\wudriver.dll 2012-06-19 14:19:17 FF0729002E081668620A681182D63FE6 36864 ----a-w- C:\Windows\Sysnative\wuapp.exe 2012-06-19 14:19:17 3E38C20AC83B01C45723B63B0F7A8FDC 186752 ----a-w- C:\Windows\Sysnative\wuwebv.dll 2012-06-14 13:38:08 9EF7AB9BB355F6D5253A29C91FE31AA0 9216 ----a-w- C:\Windows\Sysnative\rdrmemptylst.exe 2012-06-14 13:38:08 871729545BE131CD049D34D461F25154 149504 ----a-w- C:\Windows\Sysnative\rdpcorekmts.dll 2012-06-14 13:38:08 7F61ED98AD2D06402FD5DE9CF2DF4972 76288 ----a-w- C:\Windows\Sysnative\rdpwsx.dll 2012-06-14 13:38:07 97293447431311C06703368AD0F6C4BE 208896 ----a-w- C:\Windows\Sysnative\profsvc.dll 2012-06-14 13:37:56 599EBE6C7EA52B5FF9603F203E8EC080 3213824 ----a-w- C:\Windows\Sysnative\msi.dll 2012-05-12 15:22:27 E9FD4DA5188391ECD30E6C29213EABF0 1541120 ----a-w- C:\Windows\Sysnative\DWrite.dll 2012-05-12 15:22:27 AFBBC34687FA48A4928B99AF097C1EC0 320512 ----a-w- C:\Windows\Sysnative\d3d10_1core.dll 2012-05-12 15:22:27 0CCA9F023E7DC078D7CFBF024655AB7F 1837568 ----a-w- C:\Windows\Sysnative\d3d10warp.dll 2012-05-12 15:22:26 7FA5CA36B613A000F3A37E6B5170A195 902656 ----a-w- C:\Windows\Sysnative\d2d1.dll 2012-05-12 15:22:26 58A0C212ED2ABE462B3A9626F5B96261 197120 ----a-w- C:\Windows\Sysnative\d3d10_1.dll 2012-04-14 17:15:24 76DC9F4FE66BC3867615F142766B4C50 5120 ----a-w- C:\Windows\Sysnative\wmi.dll 2012-04-14 17:15:24 15A54626213EBF003F7D4C9D8380A656 80896 ----a-w- C:\Windows\Sysnative\imagehlp.dll 2012-03-13 17:11:35 781FB7CEAFD63F05820FE007074743FE 1031680 ----a-w- C:\Windows\Sysnative\rdpcore.dll 2012-02-16 15:58:17 5F917AEEEA363B8A5DC8624795CB1D60 509952 ----a-w- C:\Windows\Sysnative\ntshrui.dll 2012-02-16 15:58:16 18245DC72B65D488A8B2D75A8FE088EA 515584 ----a-w- C:\Windows\Sysnative\timedate.cpl 2012-02-16 15:58:08 579F6AFC6A6561951FA2202EFC3FE485 634368 ----a-w- C:\Windows\Sysnative\msvcrt.dll 2012-01-26 15:55:48 BFA69408620587AFDEC2E8C12CA60492 1446912 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2012-01-26 15:55:47 74A0871810BF0F2AA3EB6681E9BECDD3 28160 ----a-w- C:\Windows\Sysnative\secur32.dll 2012-01-26 15:55:47 68EA2513CA68AD8F741FF4F5B8D8590C 28672 ----a-w- C:\Windows\Sysnative\sspisrv.dll 2012-01-26 15:55:47 2196CDBFA4B99BEEDAE300FA21DFE718 395776 ----a-w- C:\Windows\Sysnative\webio.dll 2012-01-26 15:55:47 1F582C6C84D5243692F9C3E04D0A663F 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll 2012-01-26 15:55:47 156F6159457D0AA7E59B62681B56EB90 31232 ----a-w- C:\Windows\Sysnative\lsass.exe 2012-01-11 15:53:58 410F2A22672B81EF45DCB4957876D280 366592 ----a-w- C:\Windows\Sysnative\qdvd.dll 2012-01-11 15:53:58 0D416B3476EC484DB2C0594E80EA7FCE 1572864 ----a-w- C:\Windows\Sysnative\quartz.dll 2012-01-11 15:53:56 68DB778AC4FD7896CE2F153353BA15C8 1739160 ----a-w- C:\Windows\Sysnative\ntdll.dll 2012-01-11 15:53:55 1DB85DC262301775F22F3AE1D5DB4A12 77312 ----a-w- C:\Windows\Sysnative\packager.dll 2011-12-19 18:01:42 19F3C0A5AD1C3577BD02F44F6AA5C0C2 723456 ----a-w- C:\Windows\Sysnative\EncDec.dll 2011-10-13 17:28:35 9FB80AA3B0B89C0CCC47D1E4A8EAA671 613888 ----a-w- C:\Windows\Sysnative\psisdecd.dll 2011-10-13 17:28:35 8D0F6554FBBE5301D1A070155B52CA18 108032 ----a-w- C:\Windows\Sysnative\psisrndr.ax 2011-10-13 17:28:34 AF28348ED585539C4A33A4341FF23696 331776 ----a-w- C:\Windows\Sysnative\oleacc.dll 2011-10-13 17:28:34 8548B6BBB23D09C7F681E5051F462CDC 75776 ----a-w- C:\Windows\Sysnative\MSDvbNP.ax 2011-10-13 17:28:34 80DF4A72955A0ABE9DC933B3A05D3B1E 288256 ----a-w- C:\Windows\Sysnative\MSNP.ax 2011-10-13 17:28:34 527884A572BCA7BEED52DE2895753F8E 104960 ----a-w- C:\Windows\Sysnative\Mpeg2Data.ax 2011-10-13 17:28:34 2A46451EE42BCD2C842D8AA4923FAC16 861184 ----a-w- C:\Windows\Sysnative\oleaut32.dll 2011-08-15 16:47:54 39F91A948E6017B732C4A0B3086A8E32 199680 ----a-w- C:\Windows\Sysnative\xmllite.dll 2011-08-15 16:47:52 EC4EA3127051124EA79940092E52A926 163840 ----a-w- C:\Windows\Sysnative\odbccp32.dll 2011-08-15 16:47:52 90DA062393D382CB886618C5CBF106C6 106496 ----a-w- C:\Windows\Sysnative\odbccr32.dll 2011-08-15 16:47:52 45129BA1D420E9A5E0061B30B3267749 106496 ----a-w- C:\Windows\Sysnative\odbccu32.dll 2011-08-15 16:47:52 1726EDAFB6F7432F48F46EEAAEF37EF2 212992 ----a-w- C:\Windows\Sysnative\odbctrac.dll 2011-08-07 16:42:48 2C64AF297F12582BD95D7D94C18E464C 2566144 ----a-w- C:\Windows\Sysnative\esent.dll 2011-08-07 16:42:47 5A52FC2FD379C9F61CCF3A340E9B9B75 96768 ----a-w- C:\Windows\Sysnative\fsutil.exe 2011-07-11 15:12:02 C324594634A19031932A63FFD8F1267E 976896 ----a-w- C:\Windows\Sysnative\inetcomm.dll 2011-07-10 14:59:30 98B1721B8718164293B9701B98C52D77 404992 ----a-w- C:\Windows\Sysnative\umpnpmgr.dll 2011-07-10 14:59:28 F8F532C7509C3238C9827BAE861A48D7 2326016 ----a-w- C:\Windows\Sysnative\tquery.dll 2011-07-10 14:59:28 BA4A19DE93FBDFE6DB5F0EBC99732A06 2228224 ----a-w- C:\Windows\Sysnative\mssrch.dll 2011-07-10 14:59:27 8CD2A697B18069A62A035E756E51E934 593408 ----a-w- C:\Windows\Sysnative\SearchIndexer.exe 2011-07-10 14:59:27 58FAE29A82984E817BBA70D0144E52ED 491520 ----a-w- C:\Windows\Sysnative\mssph.dll 2011-07-10 14:59:26 F024058C391B99397EC3CCF6F77B7189 113664 ----a-w- C:\Windows\Sysnative\SearchFilterHost.exe 2011-07-10 14:59:26 E664AA9BF3591C6DECD44C8878E56AFB 75264 ----a-w- C:\Windows\Sysnative\msscntrs.dll 2011-07-10 14:59:26 CC8DF7634245FED12F087366B4E39D63 779264 ----a-w- C:\Windows\Sysnative\mssvp.dll 2011-07-10 14:59:26 BDDCD13F341CBA21775FF66A5C27F59E 249856 ----a-w- C:\Windows\Sysnative\SearchProtocolHost.exe 2011-07-10 14:59:26 512D141E8B0652A01B113DBED92D6913 288256 ----a-w- C:\Windows\Sysnative\mssphtb.dll 2011-07-03 18:28:50 B739C423276AE62D7AC91773226EC13B 523088 ----a-w- C:\Windows\Sysnative\d3dx10_42.dll 2011-07-03 18:26:19 4E0D5171F83328986374EEBC975C1F3C 1164800 ----a-w- C:\Windows\Sysnative\UIRibbonRes.dll 2011-07-03 18:26:19 36D9DA8558A2FD9EEADD8F0002BB9251 3860992 ----a-w- C:\Windows\Sysnative\UIRibbon.dll 2011-06-23 19:32:32 BC00505CFDA789ED3BE95D2FF38C4875 1133568 ----a-w- C:\Windows\Sysnative\FntCache.dll 2011-06-23 19:32:31 49C048EE13EE138B71295C4369F4EE97 229888 ----a-w- C:\Windows\Sysnative\XpsRasterService.dll 2011-06-23 19:32:31 1C27E145EC99F20BC1B13FD98165A83F 1863680 ----a-w- C:\Windows\Sysnative\ExplorerFrame.dll 2011-06-23 19:32:30 100BDF2F89D6056CEE900BB6156DA737 144384 ----a-w- C:\Windows\Sysnative\cdd.dll 2011-05-19 18:31:44 F28D6538F76DC6ECFABF6176DBDD2664 142336 ----a-w- C:\Windows\Sysnative\poqexec.exe 2011-05-17 10:53:43 DD1BAE8EBFC653824D29CCF8C9054D68 367104 ----a-w- C:\Windows\Sysnative\wcncsvc.dll 2011-05-17 10:43:02 6E43D76602F8D254B00451E7674DAE3C 257024 ----a-w- C:\Windows\Sysnative\mfreadwrite.dll 2011-05-17 10:43:02 42CBAAF98D660FA78074382CF5AF3A05 1888256 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL 2011-05-17 10:43:02 14A10BD45A18C6C71CDD1F38F9061953 206848 ----a-w- C:\Windows\Sysnative\mfps.dll 2011-05-17 10:43:01 7FD58BA8562948EE374E2513C6771EF9 4068864 ----a-w- C:\Windows\Sysnative\mf.dll 2011-05-17 10:40:35 DCA862F9796BBF621DB12768978DBBA6 86054176 ----a-w- C:\Windows\Sysnative\MRT.exe 2011-05-17 10:39:33 E60BB0CDC5EA153F6D24C51AAD4A73FD 320352 ----a-w- C:\Windows\Sysnative\PresentationHost.exe 2011-05-17 10:39:33 CF27F49978FB0B47E6DC0B81651F463C 48960 ----a-w- C:\Windows\Sysnative\netfxperf.dll 2011-05-17 10:39:33 C675076B247D97A427014D461CDA0039 109912 ----a-w- C:\Windows\Sysnative\PresentationHostProxy.dll 2011-05-17 10:39:33 767EE8126468D91C5119F25714D78DAF 1942856 ----a-w- C:\Windows\Sysnative\dfshim.dll 2011-05-17 10:39:33 72AB6633E9B39EC7FEBEDF083A9061E5 444752 ----a-w- C:\Windows\Sysnative\mscoree.dll 2011-05-17 10:39:18 85D6E8F735865B502D65D1D91A79E3F3 294912 ----a-w- C:\Windows\Sysnative\browserchoice.exe 2011-05-17 10:34:45 DD37622A478EDFE1D43DF561A19C02DD 1024512 ----a-w- C:\Windows\Sysnative\wmpmde.dll 2011-05-17 10:34:32 D5CF05A4D348257AC60DA02942E6FA2C 552960 ----a-w- C:\Windows\Sysnative\msdri.dll 2011-05-17 10:34:15 2527A7358DFECE25E45894DBAE733B36 662528 ----a-w- C:\Windows\Sysnative\XpsPrint.dll 2011-05-17 10:34:06 9E29BC11A70165635CC10D42E64CFEE1 264192 ----a-w- C:\Windows\Sysnative\upnp.dll 2011-05-17 10:34:05 B7213E92B270761B88B313B62BA0E13B 15360 ----a-w- C:\Windows\Sysnative\slwga.dll 2011-05-17 10:34:05 8F9F3969933C02DA96EB0F84576DB43E 97280 ----a-w- C:\Windows\Sysnative\wscsvc.dll 2011-05-17 10:34:05 85409DCE247D97E4D6958B7C5916BE4A 62976 ----a-w- C:\Windows\Sysnative\wscapi.dll 2011-05-17 10:34:05 73A1430ABA9119A2C25892EF9C3CB7A1 100864 ----a-w- C:\Windows\Sysnative\davclnt.dll 2011-05-17 10:34:05 733006127F235BE7C35354EBEE7B9A7B 258048 ----a-w- C:\Windows\Sysnative\WebClnt.dll 2011-05-17 10:34:05 0BF0C2A72F2CB0BA4382C392D3E331AF 442880 ----a-w- C:\Windows\Sysnative\winhttp.dll 2011-05-17 10:34:03 E247E7DEB20C0CF0801A8AC39E9CE1DF 356352 ----a-w- C:\Windows\Sysnative\dnsapi.dll 2011-05-17 10:34:03 85CF424C74A1D5EC33533E1DBFF9920A 182272 ----a-w- C:\Windows\Sysnative\dnsrslvr.dll 2011-05-17 10:34:03 400C6E84E0E9CD209D32993D599AECC9 30208 ----a-w- C:\Windows\Sysnative\dnscacheugc.exe 2011-05-17 10:34:02 DC57BAF15064ECB79F6D2CCF352E1D88 1169408 ----a-w- C:\Windows\Sysnative\taskschd.dll 2011-05-17 10:34:02 624D0F5FF99428BB90A5B8A4123E918E 1114624 ----a-w- C:\Windows\Sysnative\schedsvc.dll 2011-05-17 10:34:02 60CAE1FA4888ED41B41AEE91C774E4A2 464384 ----a-w- C:\Windows\Sysnative\taskeng.exe 2011-05-17 10:34:01 F16174C9FD5AB31998FDFBE1F5F843CE 285696 ----a-w- C:\Windows\Sysnative\schtasks.exe 2011-05-17 10:34:01 B4ED6376DB9BD6FF8B108F37DDAB1C90 524288 ----a-w- C:\Windows\Sysnative\wmicmiplugin.dll 2011-05-17 10:34:01 1B547066D0A6CD40EB3BAAC6A9C7E7A9 473600 ----a-w- C:\Windows\Sysnative\taskcomp.dll 2011-05-17 10:33:58 22402336BA13926CFC968B99F9FB29E9 961024 ----a-w- C:\Windows\Sysnative\CPFilters.dll 2011-05-17 10:33:57 41E4E0E91C84421891F13BE8D4947ECD 1118720 ----a-w- C:\Windows\Sysnative\sbe.dll 2011-05-17 10:33:57 0F1FA9A4D9E1EDDAAB84EEEEDA193CD0 259072 ----a-w- C:\Windows\Sysnative\mpg2splt.ax 2011-05-17 10:33:53 AC8F79017C5C1FB316930EDEAD0AF517 2085376 ----a-w- C:\Windows\Sysnative\ole32.dll 2011-05-17 10:33:50 38DD38CAB61CC73D1415C4508FDC84BF 518160 ----a-w- C:\Windows\Sysnative\winresume.exe 2011-05-17 10:33:50 09DD82F21499682086554C054676F08C 603976 ----a-w- C:\Windows\Sysnative\winload.exe 2011-05-17 10:33:49 F413DF1D84E4CE2546790D9B9A50ADAB 17792 ----a-w- C:\Windows\Sysnative\kdcom.dll 2011-05-17 10:33:49 6A9591A2E07B7AF1015587592EF27119 19328 ----a-w- C:\Windows\Sysnative\kd1394.dll 2011-05-17 10:33:49 518C752AFDCA13B15B74562E713DD2FF 640896 ----a-w- C:\Windows\Sysnative\winload.efi 2011-05-17 10:33:49 4A17F9694236912ED39B69ED5FB6943E 556928 ----a-w- C:\Windows\Sysnative\winresume.efi 2011-05-17 10:33:49 390078DB867BD5AF896118B6823C4C0C 20352 ----a-w- C:\Windows\Sysnative\kdusb.dll 2011-05-17 10:33:47 B132CA7D385E6D2C08D09DA88AF7CAD5 1395712 ----a-w- C:\Windows\Sysnative\mfc42.dll 2011-05-17 10:33:47 0ABCA5A037A8B4D744991544B286D847 1359872 ----a-w- C:\Windows\Sysnative\mfc42u.dll 2011-05-17 10:33:24 41A174FB5EF67FE0EB6A07E10C46C270 476160 ----a-w- C:\Windows\Sysnative\XpsGdiConverter.dll 2011-05-17 10:33:23 BC052EFAD10ACA1AD69545B629F50D99 633856 ----a-w- C:\Windows\Sysnative\comctl32.dll 2011-05-17 10:33:21 C011B0E948B5583756C7DA27BE44942B 148992 ----a-w- C:\Windows\Sysnative\t2embed.dll 2011-05-17 10:33:17 9C64D5C8A624F506C87E7A4A8682A322 31232 ----a-w- C:\Windows\Sysnative\prevhost.exe 2011-05-17 10:33:16 0464F91951FF74105B13921AFCE40413 483840 ----a-w- C:\Windows\Sysnative\StructuredQuery.dll 2011-05-17 10:33:11 DFF4993094A11275601E7ADBF1D1BD25 720896 ----a-w- C:\Windows\Sysnative\odbc32.dll 2011-05-17 10:33:05 3DEBA83ECDAF6ED2E72430D238803117 14627840 ----a-w- C:\Windows\Sysnative\wmp.dll 2011-05-17 10:33:03 550BF4ACD6FC3F41DC5A83EF31B9F9B4 12625920 ----a-w- C:\Windows\Sysnative\wmploc.DLL 2011-05-17 10:23:27 D32EE82DA63D39D337D5AEEA2928B1DE 112000 ----a-w- C:\Windows\Sysnative\consent.exe 2011-05-17 10:18:33 5E115854DA4767CF8071F76211DDAC06 1097216 ----a-w- C:\Windows\Sysnative\mstsc.exe 2011-05-17 10:18:32 81F1D04D4D0E433099365127375FD501 236032 ----a-w- C:\Windows\Sysnative\srvsvc.dll 2011-05-17 10:18:32 07A1A44102734F8A79A7C7712CD64160 267776 ----a-w- C:\Windows\Sysnative\FXSCOVER.exe 2011-05-17 09:46:19 A4DDFE5DC4E73D1FED9B1B3A3D885612 4398360 ----a-w- C:\Windows\Sysnative\d3dx9_32.dll 2011-03-28 19:11:06 7DBA64AD70C2E2481C68D9E0F7CD7840 252800 ----a-w- C:\Windows\Sysnative\LIVESSP.DLL 2011-02-19 20:51:56 FBC74A6A0F47EE958EB800FF95B5CF44 63824 ----a-w- C:\Windows\Sysnative\mfc100esn.dll 2011-02-19 20:51:56 F07B4E23ACD59EBB95E95D79378FEB5C 36176 ----a-w- C:\Windows\Sysnative\mfc100chs.dll 2011-02-19 20:51:56 E513D681B3E763D0E44653041C129317 93008 ----a-w- C:\Windows\Sysnative\mfcm100u.dll 2011-02-19 20:51:56 94C963DCAA1BF515B57205716E485FD7 64336 ----a-w- C:\Windows\Sysnative\mfc100fra.dll 2011-02-19 20:51:56 9256FEC63B2AC302CFBCA3D186B00807 93008 ----a-w- C:\Windows\Sysnative\mfcm100.dll 2011-02-19 20:51:56 91D051930E1AC33FBD9014FF3CB9B5BD 55120 ----a-w- C:\Windows\Sysnative\mfc100enu.dll 2011-02-19 20:51:56 91377116A916085C1DB20F46A4EBC9D2 60752 ----a-w- C:\Windows\Sysnative\mfc100rus.dll 2011-02-19 20:51:56 76168DD534E0ADF0F30F0CA809525FCE 5601616 ----a-w- C:\Windows\Sysnative\mfc100u.dll 2011-02-19 20:51:56 5F4342C36142C4BC8736776283089A58 5574472 ----a-w- C:\Windows\Sysnative\mfc100.dll 2011-02-19 20:51:56 5A55E3E6F53592F8170623DEFA2B7954 158536 ----a-w- C:\Windows\Sysnative\atl100.dll 2011-02-19 20:51:56 4F096D96285E06CD51AEF7D2D3DE04DA 608080 ----a-w- C:\Windows\Sysnative\msvcp100.dll 2011-02-19 20:51:56 3B66B408FF3AF1CCB25E096ABA23611A 57168 ----a-w- C:\Windows\Sysnative\vcomp100.dll 2011-02-19 20:51:56 317606B89047093DF45A157F254E5560 43344 ----a-w- C:\Windows\Sysnative\mfc100kor.dll 2011-02-19 20:51:56 2DE6ABB69969C76510AEC9C072CFB65F 43856 ----a-w- C:\Windows\Sysnative\mfc100jpn.dll 2011-02-19 20:51:56 051237D05D8979B51CE1B0442CA61020 62288 ----a-w- C:\Windows\Sysnative\mfc100ita.dll 2011-02-19 20:51:56 04F4B38C1DC37003C42D29FE405825B3 36176 ----a-w- C:\Windows\Sysnative\mfc100cht.dll 2011-02-19 20:51:56 008D45F7BD304EEDCB107D4C58FCE959 64336 ----a-w- C:\Windows\Sysnative\mfc100deu.dll 2011-02-18 22:52:32 DF3CA8D16BDED6A54977B30E66864D33 829264 ----a-w- C:\Windows\Sysnative\msvcr100.dll 2010-10-27 21:01:37 F5A61F0A0030C80DF319B0C14A4C8885 52224 ----a-w- C:\Windows\Sysnative\rtutils.dll 2010-10-27 20:53:42 15EE685FB3C75B74B64EDE541BAE3E1F 3116 ----a-w- C:\Windows\Sysnative\wimfltr.inf 2010-10-27 20:53:09 EF70AE20A6D32AB7656ECA3E1CC593DB 1308 ----a-w- C:\Windows\Sysnative\ServiceFilter.ini 2010-10-27 20:53:09 9DA629EB26A43DAA1A3F105ED852B69E 1906 ----a-w- C:\Windows\Sysnative\AutoRunFilter.ini 2010-10-27 20:53:09 8A18A6FA701419BCE2498DAEEEE1E2D5 80 ----a-w- C:\Windows\Sysnative\Defrag.ini 2010-10-27 20:53:09 7574F6C8435D938D76BDFE3265D7CEDD 15 ----a-w- C:\Windows\Sysnative\BootTime.ini 2010-10-27 20:53:09 73A2697CA0CDB9936B5FAAF28BAC975F 105 ----a-w- C:\Windows\Sysnative\FastBoot.ini 2010-10-27 20:53:09 734D1BA96BE6AD8D04E6AFEAD569EA8A 379520 ----a-w- C:\Windows\Sysnative\FBAgent.exe 2010-10-27 20:53:09 52381FDE432424AD640A0CADD6ECF35D 52 ----a-w- C:\Windows\Sysnative\RemoveFont.ini 2010-10-27 20:45:36 1A887201DE3C7FB950F63B14BD71421C 15850 ----a-w- C:\Windows\Sysnative\results.xml 2010-10-27 20:43:11 229350359B08CB1C0F7BE4E80B42AC4C 84992 ----a-w- C:\Windows\Sysnative\asycfilt.dll 2010-10-27 20:34:50 30ED95B657B3C72C0A2A95D2422CCA95 139264 ----a-w- C:\Windows\Sysnative\cabview.dll 2010-10-27 20:26:35 F69E35AF06BA0C06DD80ACA358A16A1C 54272 ----a-w- C:\Windows\Sysnative\iyuv_32.dll 2010-10-27 20:26:35 E15EC9FE76B666197ED53D4CB8E05665 14848 ----a-w- C:\Windows\Sysnative\tsbyuv.dll 2010-10-27 20:26:35 BA3F885C69EA136ADA34E3B3BE71FC9E 38912 ----a-w- C:\Windows\Sysnative\msvidc32.dll 2010-10-27 20:26:35 1EAACB451EA762E54475342F04D56110 16384 ----a-w- C:\Windows\Sysnative\msrle32.dll 2010-10-27 20:26:35 104D9E6A1FD65CE0CD5BF964A87106F2 25088 ----a-w- C:\Windows\Sysnative\msyuv.dll 2010-10-27 20:20:37 CB1C37CFC3AE88569319D3790414E87D 357888 ----a-w- C:\Windows\Sysnative\RMActivate_isv.exe 2010-10-27 20:20:37 A28DB83F71A9E49038F342A79F0437E5 305152 ----a-w- C:\Windows\Sysnative\RMActivate_ssp_isv.exe 2010-10-27 20:20:37 591EFA2E9BDC76881F2B30A22025A140 306688 ----a-w- C:\Windows\Sysnative\RMActivate_ssp.exe 2010-10-27 20:20:37 4FC4794D55CE892DA9479D0B4FFE2C72 424960 ----a-w- C:\Windows\Sysnative\secproc.dll 2010-10-27 20:20:37 4C128CB7DEFC820F8EA53C92A0E7EB14 121856 ----a-w- C:\Windows\Sysnative\secproc_ssp.dll 2010-10-27 20:20:37 48B0579A75D80BFC21FAA38C0048C581 121856 ----a-w- C:\Windows\Sysnative\secproc_ssp_isv.dll 2010-10-27 20:20:37 30B7370636544F4626DF9F58B3AC4FF4 356352 ----a-w- C:\Windows\Sysnative\RMActivate.exe 2010-10-27 20:20:37 08558911C88AD478A54079D4127FA3D9 422912 ----a-w- C:\Windows\Sysnative\secproc_isv.dll 2010-10-27 20:19:33 C542FB06AD6FFE57328E300B8701D99F 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll 2010-10-27 20:13:02 FA4DB05923DDDEDE3196ABD09AE0F1E9 311808 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2010-10-27 20:12:01 98FB7DD3B28A92E3C0E5B4BD9D63EF01 46592 ----a-w- C:\Windows\Sysnative\msasn1.dll 2010-10-27 20:09:51 522BD073F617060AFCB9CC5707778DB1 1975296 ----a-w- C:\Windows\Sysnative\CertEnroll.dll 2010-08-30 16:35:55 4E8F2BB3A5A87E75C35533723B50E685 385 ----a-w- C:\Windows\Sysnative\user_gensett.xml 2010-08-30 16:34:39 4DA5DA193E0E4F86F6F8FD43EF25329A 1721576 ----a-w- C:\Windows\Sysnative\WdfCoInstaller01009.dll ====== C:\Windows\Sysnative\drivers ===== 2014-02-08 17:17:39 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2013-09-04 07:48:30 8E98D21EE06192492A5671A6144D092F 33240 ----a-w- C:\Windows\Sysnative\drivers\GEARAspiWDM.sys 2013-04-24 15:47:08 9A6089B056EA1B83B36424FC9D0A300E 1653096 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2013-04-10 10:01:00 1F44F8559E61A8306ECC67BB1E168B7C 223752 ----a-w- C:\Windows\Sysnative\drivers\fvevol.sys 2013-03-30 14:06:50 EF45DCE7B2BED36C566EAC743EAE66A4 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys 2013-02-14 16:54:59 5CFB7AB8F9524D1A1E14369DE63B83CC 1893224 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-02-14 16:54:59 2FFDCD3E5ABAC88C3C193F3AC3360ED9 287576 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2012-12-13 11:50:36 C9E9D59C0099A9FF51697E9306A44240 54784 ----a-w- C:\Windows\Sysnative\drivers\usbaapl64.sys 2012-12-12 17:22:29 9E425AC5C9A5A973273D169F43B4F5E1 295792 ----a-w- C:\Windows\Sysnative\drivers\volsnap.sys 2012-11-15 17:11:04 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf 2012-11-15 17:11:02 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\Sysnative\drivers\WdfLdr.sys 2012-11-15 17:11:02 442783E2CB0DA19873B7A63833FF4CB4 785512 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys 2012-11-15 17:03:05 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys 2012-11-15 17:03:05 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys 2012-11-15 17:03:03 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2012-08-02 15:17:39 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2012-07-12 17:09:35 CA7720B73446FDDEC5C69519C1174C98 459216 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2012-07-12 17:09:35 6F40465A44ECDC1731BEFAFEC5BDD03C 152432 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2012-07-12 17:09:35 4F4B5FDE429416877DE7143044582EB5 95088 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2012-06-20 08:05:41 07DA62C960DDCCC2D35836AEAB4FC578 48488 ----a-w- C:\Windows\Sysnative\drivers\fssfltr.sys 2012-06-14 13:37:57 447DE7E3DEA39D422C1504F245B668B1 204800 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys 2012-05-12 15:22:03 90061B1ACFE8CCAA5345750FFE08D8B8 75632 ----a-w- C:\Windows\Sysnative\drivers\partmgr.sys 2012-04-14 17:15:24 D3E3F93D67821A2DB2B3D9FAC2DC2064 22896 ----a-w- C:\Windows\Sysnative\drivers\fs_rec.sys 2012-03-13 17:11:35 7518F7BCFD4B308ABC9192BACAF6C970 23552 ----a-w- C:\Windows\Sysnative\drivers\tdtcp.sys 2012-02-16 15:58:11 DB9D6C6B2CD95A9CA414D045B627422E 499200 ----a-w- C:\Windows\Sysnative\drivers\afd.sys 2011-08-15 16:47:50 F0067552F8F9B33D7C59403AB808A3CB 287744 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 2011-08-07 16:42:58 F1BB1E55F1E7A65C5839CCC7B36D773E 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys 2011-08-07 16:42:58 E7DF1CFD28CA86B35EF5ADD0735CEEF3 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys 2011-08-07 16:42:58 BC3070350A491D84B518D7CCA9ABD36F 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys 2011-08-07 16:42:58 BBF36EB7117F6B976975C9D8D877DF18 324608 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys 2011-08-07 16:42:58 92969BA5AC44E229C55A332864F79677 52224 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys 2011-08-07 16:42:58 7B6A127C93EE590E4D79A5F2A76FE46F 98816 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys 2011-08-07 16:42:58 70B5A5A7E0DDD5EBAF6E35B7257A6B9D 7936 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys 2011-08-07 16:42:48 EC7EBAB00A4D8448BAB68D1E49B4BEB9 107904 ----a-w- C:\Windows\Sysnative\drivers\amdsata.sys 2011-08-07 16:42:48 A4D9C9A608A97F59307C2F2600EDC6A4 148352 ----a-w- C:\Windows\Sysnative\drivers\nvraid.sys 2011-08-07 16:42:48 6C1D5F70E7A6A3FD1C90D840EDC048B9 166272 ----a-w- C:\Windows\Sysnative\drivers\nvstor.sys 2011-08-07 16:42:47 F39983647BC1F3E6100778DDFE9DCE29 91136 ----a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS 2011-08-07 16:42:47 DB27766102C7BF7E95140A2AA81D042E 27008 ----a-w- C:\Windows\Sysnative\drivers\amdxata.sys 2011-08-07 16:42:47 CFD8802CAC57D3AFE0C687786E9E55F8 187264 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2011-08-07 16:42:47 B75E45C564E944A2657167D197AB29DA 410496 ----a-w- C:\Windows\Sysnative\drivers\iaStorV.sys 2011-07-11 15:12:04 9C253CE7311CA60FC11C774692A13208 102400 ----a-w- C:\Windows\Sysnative\drivers\dfsc.sys 2011-07-11 15:11:55 76548F7B818881B47D8D1AE1BE9C11F8 399872 ----a-w- C:\Windows\Sysnative\drivers\srv2.sys 2011-07-11 15:11:54 2408C0366D96BCDF63E8F1C78E4A29C5 461312 ----a-w- C:\Windows\Sysnative\drivers\srv.sys 2011-07-11 15:11:54 0AF6E19D39C70844C5CAA8FB0183C36E 161792 ----a-w- C:\Windows\Sysnative\drivers\srvnet.sys 2011-07-04 03:18:06 3C142D31DE9F2F193218A53FE2632051 126464 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2011-07-04 03:18:06 040D62A9D8AD28922632137ACDD984F2 157696 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2011-07-04 03:18:05 20080512F61D3210E449A1256F66A7FD 27008 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2011-06-23 19:32:31 3238B9078E0766AB5E62DC737A809ADB 265088 ----a-w- C:\Windows\Sysnative\drivers\dxgmms1.sys 2011-06-23 19:32:31 1633B9ABF52784A1331476397A48CBEF 982912 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys 2011-05-17 10:35:56 7CB8C573C6E4A2714402CC0A36EAB4FE 184832 ----a-w- C:\Windows\Sysnative\drivers\usbvideo.sys 2011-05-17 10:35:56 5C7AF4A20F5BF67042B2E613D123D111 243712 ----a-w- C:\Windows\Sysnative\drivers\ks.sys 2011-05-17 10:21:49 19D20159708E152267E53B66677A4995 90624 ----a-w- C:\Windows\Sysnative\drivers\bowser.sys 2010-10-27 20:54:14 88FBC8BEBFD38566235EAA5E4DBC4E05 35384 ----a-w- C:\Windows\Sysnative\drivers\AsDsm.sys 2010-10-27 20:53:50 085435AE1A124361304044029B5CC644 15928 ----a-w- C:\Windows\Sysnative\drivers\***laby.sys 2010-10-27 20:50:49 E5DC9BA9E439D6DBDD79F8CAACB5BF01 213888 ----a-w- C:\Windows\Sysnative\drivers\rdyboost.sys 2010-10-27 20:42:01 B6AC71AAA2B10848F57FC49D55A651AF 56344 ----a-w- C:\Windows\Sysnative\drivers\HECIx64.sys 2010-10-27 20:41:01 2C8D162EFAF73ABD36D8BCBB6340CAE7 109056 ----a-w- C:\Windows\Sysnative\drivers\sdbus.sys 2010-10-27 20:41:01 178298F767FE638C9FEDCBDEF58BB5E4 14336 ----a-w- C:\Windows\Sysnative\drivers\sffp_sd.sys 2010-08-30 16:34:51 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_avchv_01009.Wdf 2010-08-23 07:40:15 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Sysnative\drivers\1043_ASUSTEK_K52F_K62F_V70_WIN7.MRK ====== C:\Windows\Tasks ====== 2012-07-05 14:11:58 -------- d-----w- C:\Windows\Sysnative\Tasks\Apple 2012-05-29 15:43:41 BA168E58D834E61F39995C62C9EBE606 3878 ----a-w- C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater 2012-05-29 15:43:41 2BBF862405AF8F3F2D59B7AAFB86D327 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job 2011-09-05 10:32:19 EC4338351C90FDD9B50B08E1E8FA0A70 3804 ----a-w- C:\Windows\Sysnative\Tasks\Adobe-online actualiseringsprogramma 2011-05-17 11:05:21 D7DBBF2342B8FCD14DA2FE4D1EEC6ACE 3990 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{D59D6771-23A2-47E6-978F-C14BD510D992} 2011-05-17 10:58:00 CE2B6473D2D9D21AEAB71AD500C74468 3552 ----a-w- C:\Windows\Sysnative\Tasks\CreateChoiceProcessTask 2010-10-27 20:53:50 AE74977C6DDFB81F875650E80AA84265 2872 ----a-w- C:\Windows\Sysnative\Tasks\ASPG 2010-10-27 20:53:32 CD762062CE735CBDECE02F2C99C569B3 3002 ----a-w- C:\Windows\Sysnative\Tasks\ASUS Live Update 2010-10-27 20:53:26 F495850C896BC145F7041A83B4893F49 3068 ----a-w- C:\Windows\Sysnative\Tasks\ACMON 2010-10-27 20:53:12 A36BE3EE960127ECDA4286B59E068A16 3064 ----a-w- C:\Windows\Sysnative\Tasks\ASUSControlDeck 2010-10-27 20:50:21 CAAEA3F06A6323FA6D393F2F0E9B9772 3040 ----a-w- C:\Windows\Sysnative\Tasks\ASUS P4G 2010-10-27 20:48:52 C3284B52E374EAF0307E868FD9D0BDF7 2988 ----a-w- C:\Windows\Sysnative\Tasks\ATKOSD2 2010-10-27 20:33:34 B5AF449C243FC29BE4C5BE68E3828234 4066 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2010-10-27 20:33:34 96DB134FD210255F63103E50070E276C 3814 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2010-10-27 20:33:34 70B83694B2CD44C8F691AD3808FBF99D 1070 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2010-10-27 20:33:33 AED21FC68927C40CB10F91E9FD8874BB 1066 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-09-04 07:48:01 -------- d-----w- C:\Program Files\iPod 2012-07-05 14:12:49 -------- d-----w- C:\Program Files\iTunes 2012-07-05 14:11:39 -------- d-----w- C:\Program Files\Common Files\Apple 2012-05-13 10:08:22 -------- d-----w- C:\Program Files\Microsoft Silverlight 2011-07-30 11:29:07 -------- d-----w- C:\Program Files\Windows Live 2011-05-18 16:45:37 -------- d-----w- C:\Program Files\Microsoft Office 2010-10-27 20:53:08 -------- d-----w- C:\Program Files\ASUS 2010-10-27 20:50:20 -------- d-----w- C:\Program Files\P4G 2010-10-27 20:47:19 -------- d-----w- C:\Program Files\SRS Labs 2010-10-27 20:46:21 -------- d-----w- C:\Program Files\CONEXANT 2010-10-27 20:44:20 -------- d-----w- C:\Program Files\Common Files\Intel 2010-10-27 20:18:42 -------- d-----w- C:\Program Files\Elantech 2010-09-03 18:19:34 -------- d-----w- C:\Program Files\trend micro 2010-08-30 16:29:54 -------- d-----w- C:\Program Files\Common Files\Bitdefender ======= C:\PROGRA~2 ===== 2013-09-04 07:48:00 -------- d-----w- C:\PROGRA~2\iTunes 2013-05-03 09:24:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2013-05-03 09:24:06 -------- d-----r- C:\PROGRA~2\Skype 2012-10-07 15:03:43 -------- d-----w- C:\PROGRA~2\DVDVideoSoft 2012-07-05 14:20:59 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2012-07-05 14:20:24 -------- d-----w- C:\PROGRA~2\COMMON~1\DVDVideoSoft 2012-07-05 14:11:56 -------- d-----w- C:\PROGRA~2\Apple Software Update 2012-07-05 14:11:14 -------- d-----w- C:\PROGRA~2\COMMON~1\Apple 2012-05-29 15:45:51 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2011-07-30 11:32:35 -------- d-----w- C:\PROGRA~2\Microsoft SQL Server Compact Edition 2011-07-03 18:26:45 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2011-06-23 15:42:08 -------- dcsh--w- C:\PROGRA~2\COMMON~1\WindowsLiveInstaller 2011-05-18 16:48:10 -------- d-----w- C:\PROGRA~2\Microsoft Works 2011-05-18 16:47:52 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 2011-05-18 16:47:52 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2011-05-18 16:45:31 -------- d-----w- C:\PROGRA~2\Microsoft Visual Studio 8 2011-05-18 16:44:49 -------- d-----w- C:\PROGRA~2\Microsoft Office 2011-05-18 16:36:15 -------- d-----w- C:\PROGRA~2\WinRAR 2011-05-17 12:15:14 -------- d-----w- C:\PROGRA~2\COMMON~1\CyberLink 2011-05-17 11:30:37 -------- d-----w- C:\PROGRA~2\Microsoft.NET 2011-05-17 09:44:50 -------- d-----w- C:\PROGRA~2\Microsoft 2011-05-17 09:44:12 -------- d-----w- C:\PROGRA~2\Windows Live 2011-05-17 09:42:42 -------- d-----w- C:\PROGRA~2\COMMON~1\Windows Live 2010-10-27 20:53:29 -------- d-----w- C:\PROGRA~2\COMMON~1\InstallShield 2010-10-27 20:53:12 -------- d-----w- C:\PROGRA~2\COMMON~1\ControlDeck 2010-10-27 20:47:52 -------- d-----w- C:\PROGRA~2\JMicron 2010-10-27 20:44:20 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel 2010-10-27 20:42:10 -------- d-----w- C:\PROGRA~2\COMMON~1\postureAgent 2010-10-27 20:38:13 -------- d-----w- C:\PROGRA~2\Intel 2010-10-27 20:36:25 -------- d-----w- C:\PROGRA~2\MSXML 4.0 2010-10-27 20:34:19 -------- d-----w- C:\PROGRA~2\syncables 2010-10-27 20:33:53 -------- d-----w- C:\PROGRA~2\ASUS 2010-10-27 20:33:51 -------- d-----w- C:\PROGRA~2\Boingo 2010-10-27 20:33:22 -------- d-----w- C:\PROGRA~2\Google 2010-10-27 20:33:14 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe AIR 2010-10-27 20:31:57 -------- d-----w- C:\PROGRA~2\Adobe 2010-10-27 20:24:06 -------- d--h--w- C:\PROGRA~2\InstallShield Installation Information 2010-10-27 20:22:45 -------- d-----w- C:\PROGRA~2\CyberLink ======= C: ===== 2010-10-27 21:06:09 3A4324489A0CAD8865E72E92393470C1 14278 ----a-w- C:\devlist.txt 2010-10-27 20:58:34 EB5E19C956D924E2570D556740B7FC75 10 ----a-w- C:\dpi.txt 2010-10-27 08:24:29 034F75A28096DD97C2561D49491F541E 233 ----a-w- C:\Pass.txt 2010-08-23 07:40:15 5EDB6E61F53A6E217D09D6218D559FA9 12 ----a-w- C:\RECOVERY.DAT 2010-08-23 07:40:15 52F1B20A45FFF8468FA19DE6EB3C9B0B 19 ----a-w- C:\K52F_K62F_WIN7.70 2010-08-19 12:26:01 38D2AC88F2E1DB250100475C4520C4F4 2097152 ---ha-w- C:\K52F.BIN ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-02-08 17:17:15 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Programs 2014-02-08 17:08:42 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Google 2013-05-03 09:24:17 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Skype 2012-07-29 18:17:43 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Cyberlink 2012-07-29 18:17:36 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\CyberLink 2012-07-05 14:19:44 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoft 2012-07-05 14:14:02 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Apple Computer 2012-07-05 14:14:02 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Apple Computer 2012-07-05 14:11:57 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Apple 2011-11-15 17:05:43 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Windows Live Writer 2011-09-05 10:26:49 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\TuneUp Software 2011-07-30 15:02:24 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\Temp 2011-07-03 18:23:52 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Windows Live 2011-05-21 12:45:11 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Microsoft Games 2011-05-20 15:36:39 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\Adobe 2011-05-19 17:57:18 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Diagnostics 2011-05-18 16:44:52 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Microsoft Help 2011-05-18 16:36:44 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\WinRAR 2011-05-18 16:36:44 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2011-05-18 16:33:17 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Adobe 2011-05-18 16:28:30 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Mozilla 2011-05-18 16:28:30 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Mozilla 2011-05-17 11:46:03 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Adobe 2011-05-17 11:04:28 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\Google 2011-05-17 11:04:28 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Google 2011-05-17 09:49:46 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Asus WebStorage 2011-05-17 09:49:37 -------- d-----w- C:\Users\Gebruiker\AppData\Local\SRS Labs 2011-05-17 09:49:13 -------- d-----r- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2011-05-17 09:49:04 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Identities 2011-05-17 09:42:31 -------- d-s---w- C:\Users\Gebruiker\AppData\Locallow\Microsoft 2011-05-17 09:42:11 F1354E5FB420C5455C686B8A4DEE8D53 114384 ----a-w- C:\Users\Gebruiker\AppData\Local\GDIPFONTCACHEV1.DAT 2011-05-17 09:42:07 -------- d-----r- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2011-05-17 09:41:48 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Power2Go 2011-05-17 09:41:44 -------- d-----w- C:\Users\Gebruiker\AppData\Local\VirtualStore 2011-05-17 09:41:34 -------- d-s---w- C:\Users\Gebruiker\AppData\Roaming\Microsoft 2011-05-17 09:41:34 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite 2011-05-17 09:41:34 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic 2011-05-17 09:41:34 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Media Center Programs 2011-05-17 09:41:34 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Temp 2011-05-17 09:41:34 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Microsoft 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2010-09-03 17:52:05 -------- d-----r- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9 ====== C:\Users\Gebruiker ====== 2014-02-09 08:00:45 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Gebruiker\Desktop\AdwCleaner (1).exe 2014-02-09 08:00:36 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Gebruiker\Downloads\AdwCleaner (1).exe 2014-02-09 07:59:38 F2F7162A8A3248C39F7802590CE78906 274288 ----a-w- C:\Users\Gebruiker\Downloads\AdwCleaner.exe 2014-02-08 17:16:49 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300(1).exe 2014-02-08 17:16:39 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-08 17:06:32 755246A3D44BFDB8A66DB8C19122724B 4721920 ----a-w- C:\Users\Gebruiker\Downloads\ccsetup410.exe 2013-09-04 07:48:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2013-06-05 15:02:34 0AD56F1EE1C1A78608DB7570390E81C3 5207952 ----a-w- C:\Users\Gebruiker\Downloads\deww_streaming_NL(1).exe 2013-06-05 15:02:14 37E5B6DAD72F10F8B865EADC2E4E8B4C 5207952 ----a-w- C:\Users\Gebruiker\Downloads\deww_streaming_NL.exe 2013-05-03 09:24:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2013-05-03 09:24:00 -------- d-----w- C:\ProgramData\Skype 2012-07-05 14:31:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2012-07-05 14:21:34 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-07-05 14:21:34 -------- d--h--w- C:\ProgramData\Common Files 2012-07-05 14:21:00 -------- d-----w- C:\ProgramData\Mozilla 2012-07-05 14:12:49 -------- d-----w- C:\ProgramData\Apple Computer 2012-07-05 14:12:49 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2012-07-05 14:11:14 -------- d-----w- C:\ProgramData\Apple 2012-07-05 14:08:57 9CF0720C6845CC8F978DC0750E009EF4 79225752 ----a-w- C:\Users\Gebruiker\Downloads\iTunes64Setup.exe 2012-05-13 10:09:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2011-09-05 10:25:27 -------- d-----w- C:\ProgramData\TuneUp Software 2011-09-05 10:25:12 -------- d-sh--w- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} 2011-09-05 10:24:50 0355A6C08ABFBFA6BFE586296D90451A 21214600 ----a-w- C:\Users\Gebruiker\Downloads\TuneUpUtilities2011_nl-NL.exe 2011-07-30 11:23:06 9FA7DFBA8B89FE97C552D58F4AFBC98E 1290088 ----a-w- C:\Users\Gebruiker\Downloads\wlsetup-web(6).exe 2011-07-07 10:52:32 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live 2011-07-07 10:50:01 449BF783ECF3D32652C9FC0205B26705 1146696 ----a-w- C:\Users\Gebruiker\Desktop\wlsetup-custom.exe 2011-07-07 10:13:35 2A7A596EA906C78B354E7FF764D18339 9352392 ----a-w- C:\Users\Gebruiker\Downloads\Install_MSN_Messenger(1).exe 2011-07-07 09:59:30 1534E29809C5C602692D71D47A29C63E 10848608 ----a-w- C:\Users\Gebruiker\Downloads\Install_MSN_Messenger.EXE 2011-06-23 15:41:14 -------- d-----w- C:\ProgramData\WLInstaller 2011-05-19 18:33:07 -------- d-----w- C:\Users\Gebruiker\Tracing 2011-05-18 16:50:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2011-05-18 16:44:48 -------- d-----w- C:\ProgramData\Microsoft Help 2011-05-18 16:36:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2011-05-18 16:31:00 358977A8C250FA134D0734626D531BBF 36502936 ----a-w- C:\Users\Gebruiker\Downloads\AdbeRdr1000_nl_NL.exe 2011-05-17 11:57:44 -------- d-----w- C:\ProgramData\Nero 2011-05-17 09:49:13 -------- d-----r- C:\Users\Gebruiker\Searches 2011-05-17 09:49:01 -------- d-----r- C:\Users\Gebruiker\Contacts 2011-05-17 09:41:35 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Gebruiker\ntuser.ini 2011-05-17 09:41:34 -------- d--h--w- C:\Users\Gebruiker\AppData 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\Videos 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\Saved Games 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\Pictures 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\Music 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\Links 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\Favorites 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\Downloads 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\Documents 2011-05-17 09:41:34 -------- d-----r- C:\Users\Gebruiker\Desktop 2010-10-27 20:50:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility 2010-10-27 20:50:20 -------- d-----w- C:\ProgramData\P4G 2010-10-27 20:47:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Labs 2010-10-27 20:44:22 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2010-10-27 20:34:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\syncables 2010-10-27 20:33:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2010-10-27 20:33:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boingo 2010-10-27 20:33:51 -------- d-----w- C:\ProgramData\GoBoingo 2010-10-27 20:33:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2010-10-27 20:32:14 -------- d-----w- C:\ProgramData\Adobe 2010-10-27 20:24:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic 2010-10-27 20:22:41 -------- d-----w- C:\ProgramData\CyberLink 2010-10-27 20:22:39 -------- d-----w- C:\ProgramData\Temp 2010-09-04 22:11:17 DE2A18E908BCF22805B7CF9EB28613BD 229805 ----a-w- C:\ProgramData\1283638173.bdinstall.bin 2010-09-03 18:17:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2010-08-30 16:36:04 3D99D39B3CB72F1DEBB3E215A5E52538 552401 ----a-w- C:\ProgramData\1283185801.bdinstall.bin ====== C: exe-files == 2014-02-09 08:13:23 1CC1256491E83953415BCC9B57FAF04F 760688 ----a-w- C:\Windows\Temp\Remove.exe 2014-02-09 08:00:45 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Gebruiker\Desktop\AdwCleaner (1).exe 2014-02-09 08:00:36 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Gebruiker\Downloads\AdwCleaner (1).exe 2014-02-09 07:59:38 F2F7162A8A3248C39F7802590CE78906 274288 ----a-w- C:\Users\Gebruiker\Downloads\AdwCleaner.exe 2014-02-08 17:16:49 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300(1).exe 2014-02-08 17:16:39 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Gebruiker\Downloads\mbam-setup-1.75.0.1300.exe 2014-02-08 17:06:32 755246A3D44BFDB8A66DB8C19122724B 4721920 ----a-w- C:\Users\Gebruiker\Downloads\ccsetup410.exe 2014-02-08 17:06:09 AFF44F0AE78CE4437E4C5B17F9E76EF4 342960 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe 2014-02-05 17:49:19 BA7524A2D91F895CE7502C78B6A4CBAF 732888 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.107\32.0.1700.107_32.0.1700.102_chrome_updater.exe 2013-12-24 03:54:25 68CC0B4C5024CD3CAA14109E2AF121CC 11467936 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\BingBarSetup-Partner[1].EXE 2013-12-18 18:42:44 D771ACAE96711BB0FABB627B9A7C9C4E 98160 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Eula.exe 2013-12-18 18:42:44 C816AF027B03E2BFD5DDF11034514581 19840 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32Info.exe 2013-12-18 18:42:44 A40C1E6F1DFAA74AE3CB7483B30E4468 40312 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe 2013-12-18 18:42:44 49FF7BDFD578CB57001C3EE90356AAFC 51080 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroTextExtractor.exe 2013-12-18 18:42:36 D318DFC1700449A74C5E28A451DBAD5B 1272704 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe 2013-12-18 18:42:34 CBDEB90288BE06FA883193CE1D18AF15 76152 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\wow_helper.exe 2013-12-18 18:42:34 93B8BB71DA5628A0E314633780BB9531 299896 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroBroker.exe 2013-12-18 18:42:34 445439701D9DF29BA2B63D3762C38A97 1513848 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe 2013-12-18 18:42:32 B362181ED3771DC03B4141927C80F801 65432 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 2013-12-18 09:42:36 4BC13E0298D1ADDBA09A83B0B72C8229 146816 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\64BitMAPIBroker.exe 2013-12-08 12:43:00 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdateBroker.exe 2013-12-08 12:43:00 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdateSetup.exe 2013-12-08 12:43:00 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe 2013-12-08 12:42:48 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe 2013-12-08 12:42:48 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleUpdate.exe 2013-12-08 12:42:48 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe 2013-12-08 12:42:41 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe 2013-11-17 00:29:18 1203A8E53D4240D2AE96BABE01A0BCCE 409776 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE 2013-10-23 04:39:48 47025DD5CBA8B43E9D26C960FF5B32A7 344355 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\Quarantine.exe 2013-09-13 00:23:44 BBEBE20735AEF70DFC5ABFB4EDA760FD 304824 ----a-w- C:\Program Files\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe 2013-09-13 00:23:44 BBC4E44FF8C6C088FF60976D460DAB68 17552 ----a-w- C:\Program Files\Microsoft Silverlight\5.1.20913.0\agcp.exe 2013-09-13 00:23:44 29B120CA916EBB82700CD440D957AE81 80016 ----a-w- C:\Program Files\Microsoft Silverlight\5.1.20913.0\coregen.exe 2013-09-13 00:23:44 17298D94AC6E338378BFF126B21F025D 523928 ----a-w- C:\Program Files\Microsoft Silverlight\sllauncher.exe 2013-09-12 23:53:56 B1CA8CB8563F3E05ADC08410BED6F5DB 68752 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\coregen.exe 2013-09-12 23:53:56 6E8748301A7894009A9842E0EBA0EC02 387224 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe 2013-09-12 23:53:56 6D3712A6405F868C7902DEC1B52DDCAA 16528 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\agcp.exe 2013-09-12 23:53:56 00C29A335682810D2CC8C8DBC85D6E23 237240 ----a-w- C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\Silverlight.Configuration.exe 2013-09-12 16:56:37 93B3E8D21CA3D3FFAF855583DB27C071 11465376 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\BingBarSetup-Partner[2].EXE 2013-09-04 07:44:13 277DF1C06782563C95661C30AA02CD49 77136 ----a-w- C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.0.5.5\SetupAdmin.exe 2013-08-16 07:08:00 78486992AC657AE5065C4A2135838570 641352 ----a-w- C:\Program Files\iPod\bin\iPodService.exe 2013-08-16 07:07:58 CE42DFE915F78246364D464902E47360 152392 ----a-w- C:\Program Files (x86)\iTunes\iTunesHelper.exe 2013-08-16 07:07:58 5225CE3D627A300E40F5E008C4B3DA8D 9789256 ----a-w- C:\Program Files (x86)\iTunes\iTunes.exe 2013-08-14 14:48:48 864B19A9FF68F5437C6EDDC2F0DDCD2E 18372272 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE 2013-08-13 13:38:14 A7925C63F1198B69F051392722643E07 15149744 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\excelcnv.exe 2013-06-21 02:15:30 6DD6ECC359E09C4D6CE8DC2043C1D55B 13016248 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE 2013-06-05 15:02:34 0AD56F1EE1C1A78608DB7570390E81C3 5207952 ----a-w- C:\Users\Gebruiker\Downloads\deww_streaming_NL(1).exe 2013-06-05 15:02:14 37E5B6DAD72F10F8B865EADC2E4E8B4C 5207952 ----a-w- C:\Users\Gebruiker\Downloads\deww_streaming_NL.exe 2013-05-21 05:10:48 60C974CAB0662721C839F24B8955C21A 8434824 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\BingBarSetup-Partner[1].EXE 2013-04-21 19:44:20 D5CB8F8AB97068B09AD559543DC132BB 14664 ----a-w- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe 2013-04-21 19:44:00 AA2903E3EEE74D5A14846629822AD0AA 14152 ----a-w- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe 2013-04-21 19:43:52 61E4289E91E88C90478D7F4BEB10DCF7 59720 ----a-w- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 2013-04-10 10:01:06 AFB0FE34A9B7F1B7A70276B9C1A78114 696480 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-04-10 10:01:06 58D926F3B2113BF849162C9C26FE21DC 672912 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-04-10 10:01:05 71EE6C5D68E0E07BDB3D5C04F36645DF 12288 ----a-w- C:\Windows\System32\msfeedssync.exe 2013-04-10 10:01:05 3BB1D5DFC245245F4C60A9574F66C303 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe 2013-04-10 10:00:59 EF1D47835019186DB5E34C52571A6539 5497688 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-04-10 10:00:56 FA64733BD65F52712F0545F56FDB4BE6 112640 ----a-w- C:\Windows\System32\smss.exe 2013-04-10 10:00:56 D1751CB2E03D7F57AC04C702D02974AC 3902312 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-04-10 10:00:56 B02D4E4A4EBEF9E33488969DF6E9BC22 3958120 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-03-11 18:21:03 C9E569480875089A7814C8784144A3AF 20406840 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\Messenger_20.0.0001_0\SkypeSetupFull(6.3.73.105)(Trackable457)trackable.exe 2013-03-08 20:56:58 8555FDE7890AF3ADB96BE3939AB26D8B 9570472 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\MSPUB.EXE 2013-03-01 10:16:02 F920FBB43C1CDB905044C91B9A3FD516 18643560 ----a-r- C:\Program Files (x86)\Skype\Phone\Skype.exe 2013-03-01 10:11:32 875B04A71869D34A415CC8B4D4673EC4 161384 ----a-r- C:\Program Files (x86)\Skype\Updater\Updater.exe 2013-02-14 16:55:02 7EB88F63D424832B774E24458DCE2049 338432 ----a-w- C:\Windows\System32\conhost.exe 2013-02-14 16:55:01 8C4917F8945D888E54542B720CD929F7 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-02-14 16:55:01 11BFDDA19C92775C515F61353180E027 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-02-14 16:55:00 FE2EA676F981AAEB1E552557B56635D7 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2012-12-21 14:46:12 EAAD5A274DDB4F4C6F22AA47EE9E9D23 57008 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\ATH.exe 2012-12-21 14:36:16 4BD35BEDC536B164B5F885DCE14A5309 57008 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileSync.exe 2012-12-21 14:36:14 170D6CA6B5619FADCB25B3C3C12B17C3 57008 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe 2012-12-21 14:27:46 4FE5C6D40664AE07BE5105874357D2ED 57008 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 2012-12-21 14:27:04 CCC88C17EDE246A69C8B27FF120BD2AA 57008 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe 2012-12-21 14:27:02 CBAE902B4E97202A2775A3FB017B1B2A 57008 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MDCrashReportTool.exe 2012-12-18 05:28:20 8C98F04D40D2C2B734895C2E90CCF78E 88272 ----a-w- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\arh.exe 2012-12-06 10:54:28 EFBB9362EEFCDA1A636A962EB8145D8C 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncUIHandler.exe 2012-12-06 10:54:24 A5FE297046456C71E632578E124CFB8C 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsMail.client.exe 2012-12-06 10:43:02 B220F6B8EC893F0540331572894D04DD 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.WindowsContacts.client.exe 2012-12-06 10:41:38 0806D18F6DFCC52246E0BAC560226CDA 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Safari.client.exe 2012-12-06 10:41:34 924A5DBDA26F32A8E717772E17F51C52 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.Outlook.client.exe 2012-12-06 10:41:20 C9F6D46FAE43729F42ECD2EF24A09DBD 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.apple.IE.client.exe 2012-12-06 10:41:16 02D747F8CE9D51BEDA35D2F75B6D8705 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\com.google.ContactSync.client.exe 2012-12-06 10:41:12 15073A23410D07E0CFB54E739779022D 126048 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncMapiInterfaceHelper_x64.exe 2012-12-06 10:14:42 E41EAE8F3F08DFF33149B198FEB8791B 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\upgradedb.exe 2012-12-06 10:14:42 C027976360520038D17C64EFFEFA61F4 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe 2012-12-06 10:14:42 AB9EBA13545E2D62FDCCF8447335A45D 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncPlanObserver.exe 2012-12-06 10:14:42 A79E496418A622AC69F0F42C30D0DB44 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\Mingler.exe 2012-12-06 10:14:42 5F4DC5AFD685BCA5A2A17BED93806B20 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\syncli.exe 2012-12-06 10:14:42 59250B4B7CC89F1C57E57FC9854D5064 56416 ----a-w- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncDiagnostics.exe 2012-11-15 17:03:03 8ABFE00F213F2571498F1B8FD7939A98 229888 ----a-w- C:\Windows\System32\WUDFHost.exe 2012-10-07 15:03:51 0B2968C02EDA8F3468DC4183A8467373 2426504 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe 2012-10-07 15:03:48 EF611CF7F462DE4E04A24B4FCB45F12A 211104 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\ffmpeg.exe 2012-10-07 15:03:43 EFC970B01E137B11A5F5FF6ACEC23E80 1177453 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe 2012-09-13 17:26:58 81DC92E4618767A73940C71DC11A9DB8 8281168 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\BingBarSetup-Partner[1].EXE 2012-08-15 07:04:17 567977DC43CC13C4C35ED7084C0B84D5 559104 ----a-w- C:\Windows\System32\spoolsv.exe 2012-08-15 07:04:17 24AA25089217AF1B5289534824CAC69F 67584 ----a-w- C:\Windows\splwow64.exe 2012-07-25 19:10:14 8A74061BBE2E6B44C67590EC162E8A71 1491064 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\INFOPATH.EXE 2012-07-25 08:00:43 491B135659EF6053F4C91F64BC0902AE 263440296 ----a-r- C:\Program Files\Common Files\Bitdefender\SetupInformation\{34480DEE-54D6-4985-A817-CA30E9BBC94C}\packagefile_old.exe 2012-07-05 14:31:43 C36923084822C017F69396418A999D39 143240 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnStub.exe 2012-07-05 14:31:43 8EBAD7BCBF3B931252F7AAE7960CF744 3624616 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\AskTB\ApnToolbarInstaller.exe 2012-07-05 14:31:43 051DD9BC7F1FA019A90EF55B9D0D396D 2183352 ----a-w- C:\Program Files\iTunes\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe 2012-07-05 14:31:41 EF611CF7F462DE4E04A24B4FCB45F12A 211104 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\ffmpeg.exe 2012-07-05 14:31:37 5C8389F7FC759216E81B86B1E36266E0 1475736 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe 2012-07-05 14:31:36 05F9409C42774038FE4DBA84F7FC98F1 6440520 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 2012-07-05 14:31:35 EFC970B01E137B11A5F5FF6ACEC23E80 1177453 ----a-w- C:\Program Files\iTunes\Free YouTube to MP3 Converter\unins000.exe 2012-07-05 14:21:00 99F20CB58E61DAAD19935122AEE8B376 106212 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 2012-07-05 14:21:00 3B9398E0146855B1DC0E3D9769C80F01 119408 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 2012-07-05 14:08:57 9CF0720C6845CC8F978DC0750E009EF4 79225752 ----a-w- C:\Users\Gebruiker\Downloads\iTunes64Setup.exe 2012-06-20 08:03:33 A0EE8879A17B1D4B00B37D294AF106D0 15712 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2fce45541cd4ebb04\MeshBetaRemover.exe 2012-06-20 08:03:32 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\2f7af52a1cd4ebb03\DXSETUP.exe 2012-06-19 14:19:53 C1C03EA437EDDA8A7D4D8786E5AE6751 57880 ----a-w- C:\Windows\System32\wuauclt.exe 2012-06-19 14:19:17 FF0729002E081668620A681182D63FE6 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-14 13:38:08 9EF7AB9BB355F6D5253A29C91FE31AA0 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-05-30 18:06:32 6AEF870B9E9D9CC1726B08FB9806B5C6 20368 ----a-w- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\plutil.exe 2012-05-30 18:06:26 34CFC75D31A117DF027ED71A57D34F88 32144 ----a-w- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\defaults.exe 2012-05-29 15:43:41 ED1543644C11CD56F374F3CDCD5A685F 692616 ----a-w- C:\Windows\SysWOW64\FlashPlayerApp.exe 2012-03-14 09:07:46 A63B933997D5B93B8D09226445456C17 2534200 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\GRAPH.EXE 2012-03-08 17:28:52 77BD0166102F3B9BB9499B2952C3BCFA 92024 ----a-w- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe 2012-03-08 16:37:22 EC355D725F120FCEA11FF66D7CA9CD31 117616 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXQuickTimeControlHost.exe 2012-03-08 16:37:22 9CB27AE21BF0553BF20F571DD9E2C3A0 131440 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe 2012-03-08 16:37:22 8B98D7AD261185F2FD11C4C8A788C943 68976 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe 2012-03-08 16:37:22 72B66DD61E1F0B4EACDD94C9EEABD576 19312 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGalleryRepair.exe 2012-03-08 16:37:22 61E192507A228E2ED9124111FA6A8904 183152 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXTranscode.exe 2012-03-08 16:37:22 45707F0E9DE261C54312D5D72357B282 684400 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXVideoAcquireWizard.exe 2012-03-08 16:37:20 685B7377B537CCEA1D82E426B534F18D 246640 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe 2012-03-08 16:37:16 FA6204424CE3AA155375B40FC6075436 46960 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXCodecHost.exe 2012-03-08 16:37:16 8669082858669CAE0A86D2DA6068520F 56176 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WindowsLivePhotoViewer.exe 2012-03-08 16:37:16 82E53EC685889AD8CFB3AD812A906489 111472 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe 2012-03-08 16:37:16 30A1BE0940A16DB286F3BF68A88B0D2F 385392 ----a-w- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXAlbumDownloadWizard.exe 2012-03-08 16:32:24 6DCFADDA4F2A6D3396D13F0554D672E8 884584 ----a-w- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe 2012-03-08 16:32:24 28DDEEEC44E988657B732CF404D504CB 1492840 ----a-w- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 2012-03-08 16:21:54 5DF19A45F9BCB2F3C7C14BCA2E931A39 1449824 ----a-w- C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe 2012-03-08 16:17:38 FEFC87D50AF776472CF06279742DE99B 345960 ----a-w- C:\Program Files (x86)\Windows Live\Installer\LangSelector.exe 2012-03-08 16:17:38 DC547E938158C5B1F26322340520E674 1205096 ----a-w- C:\Program Files (x86)\Windows Live\Installer\wlarp.exe 2012-03-08 16:17:38 6DD675661470892FF09D2CE266DF26B2 493416 ----a-w- C:\Program Files (x86)\Windows Live\Installer\wlsettings.exe 2012-03-08 16:17:38 097AE247474811EECF9FF1809059C141 615784 ----a-w- C:\Program Files (x86)\Windows Live\Installer\wlstartup.exe 2012-03-08 16:16:08 6EE227818F6A756126275905CA8C1B70 104288 ----a-w- C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe 2012-03-08 16:14:38 D28CF84A1CD2E6D9BF91C50C589EE437 54656 ----a-w- C:\Program Files (x86)\Windows Live\Companion\companionuser.exe 2012-03-08 15:44:02 A28574E9659180AF96C8178FC1D722D8 25456 ----a-w- C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe 2012-02-24 13:01:10 985FA44DED5748469D5AFE36A8C122BD 71520 ----a-w- C:\Program Files (x86)\Windows Live\Mesh\MOE.exe 2012-01-26 15:55:47 156F6159457D0AA7E59B62681B56EB90 31232 ----a-w- C:\Windows\System32\lsass.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\8641\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\7922\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\7562\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\4316\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\3915\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\27288\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\21263\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\20529\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\17012\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\1676\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\16002\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\14016\AdobeARM.exe 2012-01-03 07:37:53 B8E421C0890356CD4A793D8A346D9096 843712 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\10963\AdobeARM.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\8641\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\8641\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\8641\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\7922\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\7922\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\7922\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\7562\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\7562\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\7562\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\4316\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\4316\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\4316\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\3915\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\3915\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\3915\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\27288\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\27288\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\27288\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\21263\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\21263\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\21263\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\20529\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\20529\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\20529\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\17012\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\17012\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\17012\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\1676\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\1676\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\1676\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\16002\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\16002\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\16002\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\14016\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\14016\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\14016\AcrobatUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\10963\ReaderUpdater.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\10963\AdobeARMHelper.exe 2012-01-03 07:37:53 6B5ED259FFCDD40663007B6047E1EFE0 320456 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\10963\AcrobatUpdater.exe 2011-10-05 02:53:16 703056CE435B2BC693B6FDBFD606F92D 2014592 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\PPTVIEW.EXE 2011-09-05 10:24:50 0355A6C08ABFBFA6BFE586296D90451A 21214600 ----a-w- C:\Users\Gebruiker\Downloads\TuneUpUtilities2011_nl-NL.exe 2011-08-31 01:52:34 BCDB549C810D23B30062F6CB5A834D2C 55240 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ACECNFLT.EXE 2011-08-30 23:46:14 CC8D52A59E6349B3259E77819237022B 54104 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\SCANOST.EXE 2011-08-30 23:46:14 1C5B1F484476F8FD725DD3E32D3D8728 37272 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\SCANPST.EXE 2011-08-30 23:46:00 D9A127D3DD3A7ECC89235CDC7F6D3008 140120 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\CNFNOT32.EXE 2011-08-26 18:32:28 37440AF3027D19C2378AAB4E84D4E7FE 770480 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\REGFORM.EXE 2011-08-25 17:30:52 DB88C6D33EBAC00464D2F2F225AB057A 49664 ----a-w- C:\Windows\servicing\GC64\tzupd.exe 2011-08-07 16:42:47 5A52FC2FD379C9F61CCF3A340E9B9B75 96768 ----a-w- C:\Windows\System32\fsutil.exe 2011-08-07 16:42:47 0C034F3D8FC0FAADA943244205BE70C6 74240 ----a-w- C:\Windows\SysWOW64\fsutil.exe 2011-08-05 18:38:33 930C5E6B3BEE05DEB0C47434C04ABD3B 589464 ----a-w- C:\Program Files (x86)\Google\Update\Download\{64E7B6E7-00AC-4EC3-8D8C-9CD36A4A0DB3}\GoogleUpdateSetup.exe 2011-07-30 11:23:06 9FA7DFBA8B89FE97C552D58F4AFBC98E 1290088 ----a-w- C:\Users\Gebruiker\Downloads\wlsetup-web(6).exe 2011-07-27 05:13:32 2DD574F00DC391B361FB0BC79C9C63DA 204664 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\CLVIEW.EXE 2011-07-27 05:10:58 743B98526635713FF793165F8BDCED3E 670560 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\MSQRY32.EXE 2011-07-27 04:47:48 7BFCDB133CB2915019074E5BF687A63E 1019760 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTE.EXE 2011-07-27 04:16:56 602F7A721C4E684CA16629CC4587FF9D 273792 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE 2011-07-27 04:13:08 FF8E3E68F2FCC5F515EC1F3D0A546903 434080 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\DW\DWTRIG20.EXE 2011-07-27 04:13:06 165A7E878F7D6C7FBF4B0869D5224FAB 813960 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\DW\DW20.EXE 2011-07-27 03:58:56 DDDE8A72CCECAC1B61F57B04363CE4D8 439160 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\Office Setup Controller\SETUP.EXE 2011-07-27 03:54:00 60987D7DA4E8877CB232546F89D703EB 503184 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\SELFCERT.EXE 2011-07-27 03:53:56 C316A56A8417A38F800482DE46026DBC 105872 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\DSSM.EXE 2011-07-27 03:40:42 C9815BF2727A4C32202347F22B275A7D 9894768 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE 2011-07-20 04:23:04 C46CE3C24EFC2F2BF7DD3044AA35C864 47472 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSE7.EXE 2011-07-20 04:22:32 196506408EEBAAE7A50AEC996BA875FD 144728 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\MSTORE.EXE 2011-07-20 04:22:30 98FF8F02E89A6E8005AB9EB01DC221EA 832360 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\MSTORDB.EXE 2011-07-20 04:18:26 9E7C3FA7B1A462A09D4153CED41FEB61 2872184 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\OFFDIAG.EXE 2011-07-20 04:18:24 785F487A64950F3CB8E9F16253BA3B7B 440696 ----a-w- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\ODSERV.EXE 2011-07-20 04:17:00 779C69CD81306FD2C7D8D8148A9B688E 33152 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\SETLANG.EXE 2011-07-10 14:59:30 3386FE9F8634FE3F523858F25B1A928A 252928 ----a-w- C:\Windows\SysWOW64\drvinst.exe 2011-07-10 14:59:27 8CD2A697B18069A62A035E756E51E934 593408 ----a-w- C:\Windows\System32\SearchIndexer.exe 2011-07-10 14:59:27 71402C7923F6B7F8ACB48E50F35463E7 428032 ----a-w- C:\Windows\SysWOW64\SearchIndexer.exe 2011-07-10 14:59:26 F024058C391B99397EC3CCF6F77B7189 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2011-07-10 14:59:26 BDDCD13F341CBA21775FF66A5C27F59E 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2011-07-10 14:59:26 7FFE38A9BCE22AED21A0CEA1E6EAD1B5 86528 ----a-w- C:\Windows\SysWOW64\SearchFilterHost.exe 2011-07-10 14:59:26 5D66CBCDA60ECCE893B8E69BD5F23F92 164352 ----a-w- C:\Windows\SysWOW64\SearchProtocolHost.exe 2011-07-07 10:50:01 449BF783ECF3D32652C9FC0205B26705 1146696 ----a-w- C:\Users\Gebruiker\Desktop\wlsetup-custom.exe 2011-07-07 10:13:35 2A7A596EA906C78B354E7FF764D18339 9352392 ----a-w- C:\Users\Gebruiker\Downloads\Install_MSN_Messenger(1).exe 2011-07-07 09:59:30 1534E29809C5C602692D71D47A29C63E 10848608 ----a-w- C:\Users\Gebruiker\Downloads\Install_MSN_Messenger.EXE 2011-07-03 18:24:20 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\6c513dd21cc39ae0a\DXSETUP.exe 2011-06-06 20:59:02 3B836DE52A4126EEB76D838F61453A5A 1560520 ----a-w- C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1043-7B44-AA1000000001}\setup.exe 2011-06-06 10:55:28 5ED9B78B308D302C702D44F4505B3F46 319400 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\ReaderUpdater.exe 2011-06-06 10:55:28 0E9DEE95FDF47D6195DA804A0DEEDA5B 319400 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AcrobatUpdater.exe 2011-06-06 10:55:28 048EA4B978851788E9F5E8E4F081DF7A 959904 ----a-w- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 2011-06-01 15:57:16 34EBD4FF6A24D86BB4716D6AFCC1A89B 561984 ----a-w- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe 2011-05-31 15:59:54 50BD5E267657BE1090FB667B7A4500CE 337264 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE 2011-05-31 15:31:32 B5028AB607B5206C76C7BD1CDEDBA072 32128 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\VPREVIEW.EXE 2011-05-31 14:58:56 B0DB4C35C028CCC350069AA8297847F2 521080 ----a-w- C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE 2011-05-19 18:31:44 F28D6538F76DC6ECFABF6176DBDD2664 142336 ----a-w- C:\Windows\System32\poqexec.exe 2011-05-19 18:31:44 20104EA66332D24D7C65BBB087C56737 123904 ----a-w- C:\Windows\SysWOW64\poqexec.exe 2011-05-19 18:08:08 3CEC96DE223E49EAAE3651FCF8FAEA6C 1255736 ----a-w- C:\Windows\System32\Wat\WatAdminSvc.exe 2011-05-19 18:08:08 05E9265E2228799B68DC0F58A94E1AB8 249656 ----a-w- C:\Windows\System32\Wat\WatUX.exe 2011-05-18 16:36:15 FD1EFFD45BD615A741227F84FD1AE915 396800 ----a-w- C:\Program Files (x86)\WinRAR\Rar.exe 2011-05-18 16:36:15 ED3EBC672F7C91FCBA0EF6B826EC4775 1093120 ----a-w- C:\Program Files (x86)\WinRAR\WinRAR.exe 2011-05-18 16:36:15 597CDCAD46EFBB2DE5EF7733516D1321 260096 ----a-w- C:\Program Files (x86)\WinRAR\UnRAR.exe 2011-05-18 16:36:15 0AD90FAD888BC8827FE48C9E2B06A96B 121856 ----a-w- C:\Program Files (x86)\WinRAR\Uninstall.exe 2011-05-18 16:31:00 358977A8C250FA134D0734626D531BBF 36502936 ----a-w- C:\Users\Gebruiker\Downloads\AdbeRdr1000_nl_NL.exe 2011-05-17 12:15:28 B196AD6815800558ECBBB8F5DE06FABB 75048 ----a-w- C:\Program Files (x86)\CyberLink\Shared files\brs.exe 2011-05-17 10:40:35 DCA862F9796BBF621DB12768978DBBA6 86054176 ----a-w- C:\Windows\System32\MRT.exe 2011-05-17 10:39:33 E60BB0CDC5EA153F6D24C51AAD4A73FD 320352 ----a-w- C:\Windows\System32\PresentationHost.exe 2011-05-17 10:39:33 302964DCAC79D618CC7B72C778DA9FD2 295264 ----a-w- C:\Windows\SysWOW64\PresentationHost.exe 2011-05-17 10:39:18 85D6E8F735865B502D65D1D91A79E3F3 294912 ----a-w- C:\Windows\System32\browserchoice.exe 2011-05-17 10:34:32 9AAB7AB406D4E7252A7B2506BA081DF2 198656 ----a-w- C:\Windows\ehome\mcupdate.exe 2011-05-17 10:34:32 47C071994C3F649F23D9CD075AC9304A 696320 ----a-w- C:\Windows\ehome\ehrecvr.exe 2011-05-17 10:34:32 1885127F182AE40A0BAB6312EA55A932 295936 ----a-w- C:\Windows\ehome\ehprivjob.exe 2011-05-17 10:34:03 400C6E84E0E9CD209D32993D599AECC9 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe 2011-05-17 10:34:03 1E7DF409043A4340B44D9F4A7F7300D7 28672 ----a-w- C:\Windows\SysWOW64\dnscacheugc.exe 2011-05-17 10:34:02 60CAE1FA4888ED41B41AEE91C774E4A2 464384 ----a-w- C:\Windows\System32\taskeng.exe 2011-05-17 10:34:01 F8952E80B7F778DA2F7AA8393CA2D30E 192000 ----a-w- C:\Windows\SysWOW64\taskeng.exe 2011-05-17 10:34:01 F16174C9FD5AB31998FDFBE1F5F843CE 285696 ----a-w- C:\Windows\System32\schtasks.exe 2011-05-17 10:34:01 BA17F6EBA7152354FE67ADE9BDCDA60E 179712 ----a-w- C:\Windows\SysWOW64\schtasks.exe 2011-05-17 10:34:00 0862495E0C825893DB75EF44FAEA8E93 2870272 ----a-w- C:\Windows\explorer.exe 2011-05-17 10:33:59 2AF58D15EDC06EC6FDACCE1F19482BBF 2614784 ----a-w- C:\Windows\SysWOW64\explorer.exe 2011-05-17 10:33:54 6DEC79D51F08EB735728D428D17AAA85 4582912 ----a-w- C:\Program Files\Windows NT\Accessories\wordpad.exe 2011-05-17 10:33:53 39BFD86634004B7C0D3FD81D2CBB8F92 4247040 ----a-w- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe 2011-05-17 10:33:50 38DD38CAB61CC73D1415C4508FDC84BF 518160 ----a-w- C:\Windows\System32\winresume.exe 2011-05-17 10:33:50 38DD38CAB61CC73D1415C4508FDC84BF 518160 ----a-w- C:\Windows\System32\Boot\winresume.exe 2011-05-17 10:33:50 09DD82F21499682086554C054676F08C 603976 ----a-w- C:\Windows\System32\winload.exe 2011-05-17 10:33:50 09DD82F21499682086554C054676F08C 603976 ----a-w- C:\Windows\System32\Boot\winload.exe 2011-05-17 10:33:17 9C64D5C8A624F506C87E7A4A8682A322 31232 ----a-w- C:\Windows\System32\prevhost.exe 2011-05-17 10:33:17 36AAD6213B2EEB06A453625C75683FA3 31232 ----a-w- C:\Windows\SysWOW64\prevhost.exe 2011-05-17 10:33:14 72CC44039038032C5B19E15D9645EB68 516096 ----a-w- C:\Program Files\Windows Mail\wab.exe 2011-05-17 10:33:14 5992835831A58D35ED60435EA15E51CA 516096 ----a-w- C:\Program Files (x86)\Windows Mail\wab.exe 2011-05-17 10:33:04 CA07A30C2C0F45F4BE22381280A872DD 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe 2011-05-17 10:33:04 A0F1DFC9E47B2524213AFF32E26BE92D 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 2011-05-17 10:23:27 D32EE82DA63D39D337D5AEEA2928B1DE 112000 ----a-w- C:\Windows\System32\consent.exe 2011-05-17 10:18:33 5E115854DA4767CF8071F76211DDAC06 1097216 ----a-w- C:\Windows\System32\mstsc.exe 2011-05-17 10:18:33 2553AD01F1ED5CDD939F5D12303E9709 1034240 ----a-w- C:\Windows\SysWOW64\mstsc.exe 2011-05-17 10:18:32 07A1A44102734F8A79A7C7712CD64160 267776 ----a-w- C:\Windows\System32\FXSCOVER.exe 2011-03-30 17:29:02 5ED9B78B308D302C702D44F4505B3F46 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\9363\ReaderUpdater.exe 2011-03-30 17:29:02 5ED9B78B308D302C702D44F4505B3F46 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\8139\ReaderUpdater.exe 2011-03-30 17:29:02 5ED9B78B308D302C702D44F4505B3F46 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\5074\ReaderUpdater.exe 2011-03-30 17:29:02 5ED9B78B308D302C702D44F4505B3F46 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\22083\ReaderUpdater.exe 2011-03-30 17:29:02 5ED9B78B308D302C702D44F4505B3F46 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\15901\ReaderUpdater.exe 2011-03-30 17:29:02 5ED9B78B308D302C702D44F4505B3F46 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\15823\ReaderUpdater.exe 2011-03-30 17:29:02 5ED9B78B308D302C702D44F4505B3F46 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\10339\ReaderUpdater.exe 2011-03-30 17:29:02 47C1DE0A890613FFCFF1D67648EEDF90 937920 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\9363\AdobeARM.exe 2011-03-30 17:29:02 47C1DE0A890613FFCFF1D67648EEDF90 937920 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\8139\AdobeARM.exe 2011-03-30 17:29:02 47C1DE0A890613FFCFF1D67648EEDF90 937920 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\5074\AdobeARM.exe 2011-03-30 17:29:02 47C1DE0A890613FFCFF1D67648EEDF90 937920 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\22083\AdobeARM.exe 2011-03-30 17:29:02 47C1DE0A890613FFCFF1D67648EEDF90 937920 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\15901\AdobeARM.exe 2011-03-30 17:29:02 47C1DE0A890613FFCFF1D67648EEDF90 937920 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\15823\AdobeARM.exe 2011-03-30 17:29:02 47C1DE0A890613FFCFF1D67648EEDF90 937920 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\10339\AdobeARM.exe 2011-03-30 17:29:02 0E9DEE95FDF47D6195DA804A0DEEDA5B 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\9363\AcrobatUpdater.exe 2011-03-30 17:29:02 0E9DEE95FDF47D6195DA804A0DEEDA5B 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\8139\AcrobatUpdater.exe 2011-03-30 17:29:02 0E9DEE95FDF47D6195DA804A0DEEDA5B 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\5074\AcrobatUpdater.exe 2011-03-30 17:29:02 0E9DEE95FDF47D6195DA804A0DEEDA5B 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\22083\AcrobatUpdater.exe 2011-03-30 17:29:02 0E9DEE95FDF47D6195DA804A0DEEDA5B 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\15901\AcrobatUpdater.exe 2011-03-30 17:29:02 0E9DEE95FDF47D6195DA804A0DEEDA5B 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\15823\AcrobatUpdater.exe 2011-03-30 17:29:02 0E9DEE95FDF47D6195DA804A0DEEDA5B 319400 ----a-w- C:\ProgramData\Adobe\ARM\Reader_10.0.0\10339\AcrobatUpdater.exe 2011-03-28 19:11:06 2BACD71123F42CEA603F4E205E1AE337 2292096 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 2011-03-28 19:11:06 2A46FFE841EC43001D5A293A54DB34DE 223104 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE 2010-10-27 20:54:21 5C396DDE6AAFFB64ABC0E0FD88F53553 3054136 ----a-w- C:\Windows\AsScrPro.exe 2010-10-27 20:53:54 DD8B6374CDE061E7179619AE0383DAA3 141880 ----a-w- C:\eSupport\Manual\eManual.exe 2010-10-27 20:53:47 ECA7D5DCCF343E03BC76E498A66F1ED7 948864 ----a-w- C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame32.exe 2010-10-27 20:53:47 1AEB989E361AF85F5099DE3DA25457F4 56320 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\Setup.exe 2010-10-27 20:53:47 064337998D55AD7D639650F49E0CD3AB 1212032 ----a-w- C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame.exe 2010-10-27 20:53:32 F4DCD4912B185C3AAEB92A7040832AD1 51768 ----a-w- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 2010-10-27 20:53:32 469065CE0099E73105E7BEE0ABF62FC9 289336 ----a-w- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdt.exe 2010-10-27 20:53:32 1AEB989E361AF85F5099DE3DA25457F4 56320 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe 2010-10-27 20:53:29 B3FD01873BD5FD163AB465779271C58F 614532 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe 2010-10-27 20:53:26 41A5048E49372F091B2AE5A5B705B72D 183296 ----a-w- C:\Windows\SysWOW64\ACEngSvr.exe 2010-10-27 20:53:09 734D1BA96BE6AD8D04E6AFEAD569EA8A 379520 ----a-w- C:\Windows\System32\FBAgent.exe 2010-10-27 20:48:07 5DBFE59346E790E0CB3A49100D38FED2 1104496 ----a-w- C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe 2010-10-27 20:47:52 B1C1E2F604BA51527CB6AFF40CBEA309 1186416 ----a-w- C:\Program Files (x86)\JMicron\JME_DIR\setup.exe 2010-10-27 20:46:31 B72A67DC771B004B58EE39A0D68997FC 1449016 ----a-w- C:\Program Files\CONEXANT\SAII\setup64.exe 2010-10-27 20:46:31 5B3719BDBF1F035558F2D73BA166A99C 307768 ----a-w- C:\Program Files\CONEXANT\SAII\SAIICpl.exe 2010-10-27 20:46:31 2854CF317BAFA06019E76F97E26C0337 715320 ----a-w- C:\Program Files\CONEXANT\SAII\SmartAudio.exe 2010-10-27 20:44:22 D772DDB1BBA948951678D5F307F0E313 813592 ----a-w- C:\Program Files (x86)\Intel\Intel Control Center\Uninstaller\SetupICC.exe 2010-10-27 20:44:22 1EE7BA35A205584DCC9B6511F50150D0 510976 ----a-w- C:\Program Files (x86)\Intel\Intel Control Center\IntelControlCenter.exe 2010-10-27 20:44:20 B4872AE818BD1A53979ADD28510C3742 152600 ----a-w- C:\Program Files (x86)\Intel\Intel® Graphics Media Accelerator Driver\uninstall\x64\Drv64.exe 2010-10-27 20:44:19 05CB63E553254DF9F6765664A34A960E 948760 ----a-w- C:\Program Files (x86)\Intel\Intel® Graphics Media Accelerator Driver\uninstall\Setup.exe 2010-10-27 20:42:11 41118D920B2B268C0ADC36421248CDCF 2314240 ----a-w- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 2010-10-27 20:42:10 A1C148801B4AF64847AEB9F3AD9594EF 262144 ----a-w- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 2010-10-27 20:42:04 F5258B61DD1C3E8F492C4A88BE56C0F1 739864 ----a-w- C:\Program Files (x86)\Intel\Intel® Management Engine Components\uninstall\Setup.exe 2010-10-27 20:42:04 E7FE5BA9D0764245A1A6503229029EBE 152600 ----a-w- C:\Program Files (x86)\Intel\Intel® Management Engine Components\uninstall\x64\Drv64.exe 2010-10-27 20:42:00 FBAB280D0CAC5E21C72F0A1A7B5B9608 455600 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{40FEF622-6E0F-46B6-824B-A40C178FD4CD}\setup.exe 2010-10-27 20:33:58 14F4BD06F88CD3184C3D3C1FCCE8BF09 385990 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\uninst.exe 2010-10-27 20:33:33 8F0DE4FEF8201E306F9938B0905AC96A 135664 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 2010-10-27 20:33:19 915B04D9919CC785D43E41F755C7591C 95232 ----a-w- C:\Program Files (x86)\Adobe\Acrobat.com\Acrobat.com.exe 2010-10-27 20:33:10 C1B7C19138171C65CC4F2C730B620A8C 38200 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe 2010-10-27 20:33:10 C0DB5E8E7B9A9D0A4644D016F353EDB6 12288 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe 2010-10-27 20:33:10 4208C7A261278C4D6947157C6B975B4B 41784 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe 2010-10-27 20:33:10 02C76B60936B64F9450414473C81F054 66872 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe 2010-10-27 20:31:41 07F9B39AB7D6CF3DE214362B126E6149 316712 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{40BF1E83-20EB-11D8-97C5-0009C5020658}\Setup.exe 2010-10-27 20:31:03 1EF788F187FEC8D4F38D7BF6681B01A8 36864 ----a-w- C:\ProgramData\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658}\PostBuild.exe 2010-10-27 20:30:58 07F9B39AB7D6CF3DE214362B126E6149 316712 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\Setup.exe 2010-10-27 20:30:43 92405A3EEB9D74DB7CCFBF32CC720176 53319 ----a-w- C:\ProgramData\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\PostBuild.exe 2010-10-27 20:30:02 DE0C395B7DB33DBE98EF1DAE6E204675 311296 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\setup.exe 2010-10-27 20:30:00 07F9B39AB7D6CF3DE214362B126E6149 316712 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe 2010-10-27 20:29:55 92405A3EEB9D74DB7CCFBF32CC720176 53319 ----a-w- C:\ProgramData\Temp\{D36DD326-7280-11D8-97C8-000129760CBE}\PostBuild.exe 2010-10-27 20:29:50 07F9B39AB7D6CF3DE214362B126E6149 316712 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\Setup.exe 2010-10-27 20:29:35 92405A3EEB9D74DB7CCFBF32CC720176 53319 ----a-w- C:\ProgramData\Temp\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\PostBuild.exe 2010-10-27 20:29:28 07F9B39AB7D6CF3DE214362B126E6149 316712 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\Setup.exe 2010-10-27 20:28:12 92405A3EEB9D74DB7CCFBF32CC720176 53319 ----a-w- C:\ProgramData\Temp\{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}\PostBuild.exe 2010-10-27 20:28:05 07F9B39AB7D6CF3DE214362B126E6149 316712 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe 2010-10-27 20:27:25 4B33E35252A8891732B29CC786D878ED 525608 ------w- C:\Program Files (x86)\CyberLink\Shared files\EffectExtractor.exe 2010-10-27 20:24:13 1EF788F187FEC8D4F38D7BF6681B01A8 36864 ----a-w- C:\ProgramData\Temp\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe 2010-10-27 20:24:07 07F9B39AB7D6CF3DE214362B126E6149 316712 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\Setup.exe 2010-10-27 20:24:02 F7BABDC2E21F3466E66A50BC5484D06F 52320 ------w- C:\Program Files (x86)\CyberLink\Shared files\richvideoinstall.exe 2010-10-27 20:24:02 F12A68ED55053940CADD59CA5E3468DD 244904 ------w- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2010-10-27 20:24:02 BDAEBBCDBDF74E0DCBECBB0DFD24463C 48224 ------w- C:\Program Files (x86)\CyberLink\Shared files\richvideouninstall.exe 2010-10-27 20:22:49 1EF788F187FEC8D4F38D7BF6681B01A8 36864 ----a-w- C:\ProgramData\Temp\{E3739848-5329-48E3-8D28-5BBD6E8BE384}\PostBuild.exe 2010-10-27 20:22:39 92405A3EEB9D74DB7CCFBF32CC720176 53319 ----a-w- C:\ProgramData\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe 2010-10-27 20:20:37 F50814F3FE0B75A786DEE08FD27D8AC1 280064 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp.exe 2010-10-27 20:20:37 F463E3C7925A8C16DFC502C9C59AF6EA 277504 ----a-w- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2010-10-27 20:20:37 CB1C37CFC3AE88569319D3790414E87D 357888 ----a-w- C:\Windows\System32\RMActivate_isv.exe 2010-10-27 20:20:37 A28DB83F71A9E49038F342A79F0437E5 305152 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe 2010-10-27 20:20:37 77EE5FD84A8A2548A2670D5845BC97DF 324608 ----a-w- C:\Windows\SysWOW64\RMActivate_isv.exe 2010-10-27 20:20:37 596F545E1E65E7647E3F306F32B16499 320512 ----a-w- C:\Windows\SysWOW64\RMActivate.exe 2010-10-27 20:20:37 591EFA2E9BDC76881F2B30A22025A140 306688 ----a-w- C:\Windows\System32\RMActivate_ssp.exe 2010-10-27 20:20:37 30B7370636544F4626DF9F58B3AC4FF4 356352 ----a-w- C:\Windows\System32\RMActivate.exe 2010-09-22 16:10:46 680FD03AE6DA6D512BD5CDCBF7D3DD55 66912 ----a-w- C:\Program Files\Windows Live\Mesh\wlcrdpsystem.exe 2010-09-22 16:10:24 69B3DD328BFD5E97929734AC1EE5375E 928608 ----a-w- C:\Program Files\Windows Live\Mesh\WLRemoteClient.exe 2010-09-22 16:10:10 06C8FA1CF39DE6A735B54D906BA791C6 57184 ----a-w- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 2010-09-22 16:10:10 0694C1066A6788904081CB8F466E14EA 18784 ----a-w- C:\Program Files\Windows Live\Mesh\wlcrdpuser.exe 2010-09-22 11:11:04 51ADC5DE31075E2E3804725C78A9987B 825640 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\706639eb1cc39ae0c\OEM\Packages\default\SearchEnhancementPackSetup.EXE 2010-09-13 00:14:18 AF63C789E9157AD1DFC20A93DBF5AA94 697104 ----a-w- C:\Program Files (x86)\Windows Live\Installer\defmgr.exe 2010-09-03 18:20:02 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe 2010-09-03 18:17:42 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe === C: other files == 2014-02-08 17:17:39 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys 2013-09-04 07:48:30 8E98D21EE06192492A5671A6144D092F 33240 -c--a-w- C:\Windows\System32\DRVSTORE\GEARAspiWD_53DFBC3344EBC2614851E0BF38F60B616DF86778\x64\GEARAspiWDM.sys 2013-09-04 07:48:30 8E98D21EE06192492A5671A6144D092F 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys 2013-04-24 15:47:08 9A6089B056EA1B83B36424FC9D0A300E 1653096 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2013-04-10 10:01:21 15CFE2E15703D323D2FE2F0CF6F0C99E 3150848 ----a-w- C:\Windows\System32\win32k.sys 2013-04-10 10:01:00 1F44F8559E61A8306ECC67BB1E168B7C 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys 2013-03-30 14:06:50 EF45DCE7B2BED36C566EAC743EAE66A4 19968 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2013-02-14 16:54:59 5CFB7AB8F9524D1A1E14369DE63B83CC 1893224 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-02-14 16:54:59 2FFDCD3E5ABAC88C3C193F3AC3360ED9 287576 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2012-12-13 11:50:36 C9E9D59C0099A9FF51697E9306A44240 54784 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys 2012-12-13 11:50:36 C9E9D59C0099A9FF51697E9306A44240 54784 ----a-w- C:\Program Files\Common Files\Apple\Mobile Device Support\Drivers\usbaapl64.sys 2012-12-12 17:22:29 9E425AC5C9A5A973273D169F43B4F5E1 295792 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2012-11-21 05:13:40 9C2A99980EFD4CC1337B4CB29BE150C3 36098 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\cobekw6h.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi 2012-11-15 17:11:02 AEA0A67275CFBA0E463E00C6E9A1DDAE 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2012-11-15 17:11:02 442783E2CB0DA19873B7A63833FF4CB4 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2012-11-15 17:03:05 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2012-11-15 17:03:05 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2012-10-07 15:03:54 29C6575A648FCCD27C58A81822250785 440069 ----a-w- C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx 2012-07-12 17:09:35 CA7720B73446FDDEC5C69519C1174C98 459216 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-07-12 17:09:35 6F40465A44ECDC1731BEFAFEC5BDD03C 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-07-12 17:09:35 4F4B5FDE429416877DE7143044582EB5 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-07-05 14:13:26 E403AACF8C7BB11375122D2464560311 34152 -c--a-w- C:\Windows\System32\DRVSTORE\GEARAspiWD_B60A2DA9F47E0A7F3329B57AA751F1789961A8BE\x64\GEARAspiWDM.sys 2012-06-20 08:05:41 07DA62C960DDCCC2D35836AEAB4FC578 48488 -c--a-w- C:\Windows\System32\DRVSTORE\fssfltr_F81BFAB31A96EBC51D97A2D005244F41BE442B43\fssfltr.sys 2012-06-20 08:05:41 07DA62C960DDCCC2D35836AEAB4FC578 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys 2012-06-14 13:37:57 447DE7E3DEA39D422C1504F245B668B1 204800 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-05-12 15:22:03 90061B1ACFE8CCAA5345750FFE08D8B8 75632 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-04-14 17:15:24 D3E3F93D67821A2DB2B3D9FAC2DC2064 22896 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-03-26 12:50:12 6F4607E2333FE21E9E3FF8133A88B35B 22528 ----a-w- C:\Program Files\Common Files\Apple\Mobile Device Support\NetDrivers\netaapl64.sys 2012-03-13 17:11:35 7518F7BCFD4B308ABC9192BACAF6C970 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-03-08 16:40:52 07DA62C960DDCCC2D35836AEAB4FC578 48488 ----a-w- C:\Program Files\Windows Live\Family Safety\WFP\fssfltr.sys 2012-02-16 15:58:11 DB9D6C6B2CD95A9CA414D045B627422E 499200 ----a-w- C:\Windows\System32\drivers\afd.sys 2011-08-15 16:47:50 F0067552F8F9B33D7C59403AB808A3CB 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2011-08-07 16:52:03 AAA02C8A3456424D76BAC296B1ABFFB6 24273 ------w- C:\Users\Gebruiker\AppData\Local\Microsoft\Toolbar\IsolatedStorage\SearchApp\6.3.2322.0\Resources\AppResources.zip 2011-08-07 16:52:03 A470C581DF1511B2AE7FC637091D62A1 2090 ------w- C:\Users\Gebruiker\AppData\Local\Microsoft\Toolbar\IsolatedStorage\BlinkyApp\6.3.2322.0\Resources\AppResources.zip 2011-08-07 16:52:03 812E536FDE32EEAD6AF99998603C550D 131695 ------w- C:\Users\Gebruiker\AppData\Local\Microsoft\Toolbar\IsolatedStorage\ObsidianApp\6.3.2322.0\Resources\AppResources.zip 2011-08-07 16:52:01 E72C5470B0881DFAA2EC1A68C6C3052F 40784 ------w- C:\Users\Gebruiker\AppData\Local\Microsoft\Toolbar\IsolatedStorage\Chameleon\6.3.2322.0\Resources\AppResources.zip 2011-08-07 16:42:58 F1BB1E55F1E7A65C5839CCC7B36D773E 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2011-08-07 16:42:58 E7DF1CFD28CA86B35EF5ADD0735CEEF3 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2011-08-07 16:42:58 BC3070350A491D84B518D7CCA9ABD36F 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2011-08-07 16:42:58 BBF36EB7117F6B976975C9D8D877DF18 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys 2011-08-07 16:42:58 92969BA5AC44E229C55A332864F79677 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2011-08-07 16:42:58 7B6A127C93EE590E4D79A5F2A76FE46F 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2011-08-07 16:42:58 70B5A5A7E0DDD5EBAF6E35B7257A6B9D 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys 2011-08-07 16:42:48 EC7EBAB00A4D8448BAB68D1E49B4BEB9 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys 2011-08-07 16:42:48 A4D9C9A608A97F59307C2F2600EDC6A4 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys 2011-08-07 16:42:48 6C1D5F70E7A6A3FD1C90D840EDC048B9 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys 2011-08-07 16:42:47 F39983647BC1F3E6100778DDFE9DCE29 91136 ----a-w- C:\Windows\System32\drivers\USBSTOR.SYS 2011-08-07 16:42:47 DB27766102C7BF7E95140A2AA81D042E 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys 2011-08-07 16:42:47 CFD8802CAC57D3AFE0C687786E9E55F8 187264 ----a-w- C:\Windows\System32\drivers\storport.sys 2011-08-07 16:42:47 B75E45C564E944A2657167D197AB29DA 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys 2011-07-11 15:12:04 9C253CE7311CA60FC11C774692A13208 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys 2011-07-11 15:11:55 76548F7B818881B47D8D1AE1BE9C11F8 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys 2011-07-11 15:11:54 2408C0366D96BCDF63E8F1C78E4A29C5 461312 ----a-w- C:\Windows\System32\drivers\srv.sys 2011-07-11 15:11:54 0AF6E19D39C70844C5CAA8FB0183C36E 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2011-07-04 03:18:06 3C142D31DE9F2F193218A53FE2632051 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2011-07-04 03:18:06 040D62A9D8AD28922632137ACDD984F2 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2011-07-04 03:18:05 20080512F61D3210E449A1256F66A7FD 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys 2011-06-23 19:32:31 3238B9078E0766AB5E62DC737A809ADB 265088 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys 2011-06-23 19:32:31 1633B9ABF52784A1331476397A48CBEF 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2011-05-20 15:37:17 80C4C1659E95296066CD0902007B6272 34532 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Adobe\Acrobat\10.0\rdrmessage.zip 2011-05-17 10:35:56 7CB8C573C6E4A2714402CC0A36EAB4FE 184832 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2011-05-17 10:35:56 5C7AF4A20F5BF67042B2E613D123D111 243712 ----a-w- C:\Windows\System32\drivers\ks.sys 2011-05-17 10:21:49 19D20159708E152267E53B66677A4995 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys 2010-10-27 20:54:14 88FBC8BEBFD38566235EAA5E4DBC4E05 35384 ----a-w- C:\Windows\System32\drivers\AsDsm.sys 2010-10-27 20:53:50 085435AE1A124361304044029B5CC644 15928 ----a-w- C:\Windows\System32\drivers\***laby.sys 2010-10-27 20:53:32 FED822E9149E9159251CDC37DEDF3CA8 13776 ----a-w- C:\Program Files (x86)\ASUS\ASUS Live Update\SYS\lvupdtio.sys 2010-10-27 20:53:32 FDC2E61CCD08D468EE729BF5B28201A5 17464 ----a-w- C:\Program Files (x86)\ASUS\ASUS Live Update\SYS64\lvupdtio.sys 2010-10-27 20:50:49 E5DC9BA9E439D6DBDD79F8CAACB5BF01 213888 ----a-w- C:\Windows\System32\drivers\rdyboost.sys 2010-10-27 20:42:16 7FE997106C3E0CFE2E93241A6282727A 187 ----a-w- C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\ME\CreateMENamespace.bat 2010-10-27 20:42:16 15D689B7142164751F297841D45229BB 32 ----a-w- C:\Program Files (x86)\Intel\Intel® Management Engine Components\MEWMIProv\ME\cim_schema\Core\comp.bat 2010-10-27 20:42:01 B6AC71AAA2B10848F57FC49D55A651AF 56344 ----a-w- C:\Windows\System32\drivers\HECIx64.sys 2010-10-27 20:41:01 2C8D162EFAF73ABD36D8BCBB6340CAE7 109056 ----a-w- C:\Windows\System32\drivers\sdbus.sys 2010-10-27 20:41:01 178298F767FE638C9FEDCBDEF58BB5E4 14336 ----a-w- C:\Windows\System32\drivers\sffp_sd.sys 2010-08-31 10:32:44 BDF2DB2F19945AFAF102A2C03062EFB1 10752 ----a-w- C:\Program Files\Windows Live\Mesh\rdpdispm.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3391881936-1608421609-7279916-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "BDRegion"="C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ASUS WebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SmartAudio"="C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t" "ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Setwallpaper"="c:\\programdata\\SetWallpaper.cmd" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05/02/2014 20:49] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/10/2010 22:33] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/10/2010 22:33] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\ASPG" [C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe] "C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe] "C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe] "C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe] "C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe] "C:\Windows\SysNative\tasks\ATKOSD2" ["C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{D59D6771-23A2-47E6-978F-C14BD510D992}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\cobekw6h.default - DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\cobekw6h.default FD6ACD9D85177259D442A0C4AC15F7B8 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll - Shockwave Flash ==== Chrome Look ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[07/10/2012 17:03] Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3391881936-1608421609-7279916-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\cobekw6h.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=102 folders=18 104503691 bytes) ==== Empty Temp Folders ====================== C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 10/02/2014 at 20:58:39,16 ====================== -
probleem bij het opstarten na verwijderen virus
thierry1 plaatste een topic in Archief Bestrijding malware & virussen
Na het verwijderen van virus krijg ik bij het opstarten van de pc telkens volgend foutmelding bij het opstarten. Ik heb al een GSIT logje gemaakt misschien kan het al wat helpen. Logfile of random's system information tool 1.09 (written by random/random) Run by Gebruiker at 2010-09-03 21:00:32 Microsoft Windows 7 Home Premium System drive C: has 66 GB (55%) free of 119 GB Total RAM: 3885 MB (54% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:00:39, on 3/09/2010 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.17267) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe C:\Program Files\trend micro\Gebruiker.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe O4 - HKLM\..\Run: [bDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Unknown owner - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11161 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch "C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe" /service C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService "C:\Windows\system32\FBAgent.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe" C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" "C:\Program Files\Elantech\ETDCtrl.exe" "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray "C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" "C:\Windows\System32\igfxtray.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe" /service "C:\Windows\System32\hkcmd.exe" "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Windows\System32\igfxpers.exe" "C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe" "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun WLIDSvcM.exe 2604 "C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Elantech\ETDCtrlHelper.exe" taskeng.exe {BA72FFE4-3780-406D-AC23-5D161D315D93} taskeng.exe {6EEE4760-6362-4A94-8124-CC8C02FEE56A} "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" taskeng.exe {E9886EB8-9EB1-4F40-BFA3-CC5F47668F4E} "C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe" "C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe" "C:\Program Files\P4G\BatteryLife.exe" "C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe" "C:\Program Files (x86)\ASUS\Splendid\ACMON.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" "C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" "C:\Program Files (x86)\CyberLink\Shared files\brs.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe ATKOSD.exe WDC.exe C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\sppsvc.exe "C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe /QuitInfo:00000000000006F0;0000000000000808; C:\Windows\servicing\TrustedInstaller.exe wmiadap.exe /F /T /R "C:\Windows\system32\SearchFilterHost.exe" 0 528 532 540 65536 536 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3391881936-1608421609-7279916-10002_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3391881936-1608421609-7279916-10002 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Users\Gebruiker\Desktop\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\cobekw6h.default prefs.js - "browser.search.useDBForOrder" - true [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 12.0.0.44 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08 393600] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2010-06-10 649608] "ASUS WebStorage"=C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [2010-03-16 1754448] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-05-11 161304] "HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-05-11 386584] "Persistence"=C:\Windows\system32\igfxpers.exe [2010-05-11 414744] "SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2009-11-19 307768] "Bdagent"=C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe [2013-09-27 1575192] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-03-01 18643560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-08-16 152392] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "Boingo Wi-Fi"=C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk [2010-10-27 2429] "ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-05-03 170624] "HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016] "Wireless Console 3"=C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2010-08-12 1597440] "BDRegion"=C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe [2009-09-01 75048] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2010-04-30 269824] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-02-09 10:01:04 ----D---- C:\AdwCleaner 2014-02-08 19:18:09 ----D---- C:\Users\Gebruiker\AppData\Roaming\Malwarebytes 2014-02-08 19:17:40 ----D---- C:\ProgramData\Malwarebytes 2014-02-08 19:17:39 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-02-08 19:17:39 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-02-08 19:08:42 ----D---- C:\Users\Gebruiker\AppData\Roaming\Google 2014-02-08 19:07:01 ----D---- C:\Program Files\CCleaner 2013-12-21 10:42:30 ----D---- C:\Program Files (x86)\Mozilla Firefox 2013-09-04 09:48:30 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys 2013-09-04 09:48:01 ----D---- C:\Program Files\iPod 2013-09-04 09:48:00 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-09-04 09:48:00 ----D---- C:\Program Files (x86)\iTunes 2013-07-27 17:32:03 ----D---- C:\Windows\system32\MRT 2013-06-05 17:05:30 ----D---- C:\Zylom Games 2013-05-03 11:24:17 ----D---- C:\Users\Gebruiker\AppData\Roaming\Skype 2013-05-03 11:24:06 ----RD---- C:\Program Files (x86)\Skype 2013-05-03 11:24:00 ----D---- C:\ProgramData\Skype 2013-04-24 17:47:08 ----A---- C:\Windows\system32\drivers\ntfs.sys 2013-04-10 12:01:27 ----A---- C:\Windows\SYSWOW64\mstscax.dll 2013-04-10 12:01:27 ----A---- C:\Windows\system32\mstscax.dll 2013-04-10 12:01:26 ----A---- C:\Windows\SYSWOW64\tsgqec.dll 2013-04-10 12:01:26 ----A---- C:\Windows\SYSWOW64\aaclient.dll 2013-04-10 12:01:26 ----A---- C:\Windows\system32\tsgqec.dll 2013-04-10 12:01:26 ----A---- C:\Windows\system32\aaclient.dll 2013-04-10 12:01:21 ----A---- C:\Windows\system32\win32k.sys 2013-04-10 12:01:18 ----A---- C:\Windows\system32\ieframe.dll 2013-04-10 12:01:16 ----A---- C:\Windows\system32\mshtml.dll 2013-04-10 12:01:11 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-04-10 12:01:09 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-04-10 12:01:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-04-10 12:01:07 ----A---- C:\Windows\system32\msfeeds.dll 2013-04-10 12:01:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-04-10 12:01:06 ----A---- C:\Windows\system32\urlmon.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\url.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\mstime.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\licmgr10.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\iepeers.dll 2013-04-10 12:01:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\wininet.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\url.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\mstime.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\mshtmled.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\msfeedssync.exe 2013-04-10 12:01:05 ----A---- C:\Windows\system32\msfeedsbs.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\licmgr10.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\jsproxy.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\ieui.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\iertutil.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\iepeers.dll 2013-04-10 12:01:05 ----A---- C:\Windows\system32\iedkcs32.dll 2013-04-10 12:01:00 ----A---- C:\Windows\system32\drivers\fvevol.sys 2013-04-10 12:00:59 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-04-10 12:00:56 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-04-10 12:00:56 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-04-10 12:00:56 ----A---- C:\Windows\SYSWOW64\apisetschema.dll 2013-04-10 12:00:56 ----A---- C:\Windows\system32\smss.exe 2013-04-10 12:00:56 ----A---- C:\Windows\system32\csrsrv.dll 2013-03-30 16:06:50 ----A---- C:\Windows\system32\drivers\usb8023.sys 2013-02-14 18:55:02 ----A---- C:\Windows\SYSWOW64\KernelBase.dll 2013-02-14 18:55:02 ----A---- C:\Windows\SYSWOW64\kernel32.dll 2013-02-14 18:55:02 ----A---- C:\Windows\system32\wow64win.dll 2013-02-14 18:55:02 ----A---- C:\Windows\system32\winsrv.dll 2013-02-14 18:55:02 ----A---- C:\Windows\system32\KernelBase.dll 2013-02-14 18:55:02 ----A---- C:\Windows\system32\kernel32.dll 2013-02-14 18:55:02 ----A---- C:\Windows\system32\conhost.exe 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2013-02-14 18:55:01 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2013-02-14 18:55:01 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-02-14 18:55:01 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-02-14 18:55:01 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-02-14 18:55:01 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-02-14 18:55:01 ----A---- C:\Windows\system32\wow64cpu.dll 2013-02-14 18:55:01 ----A---- C:\Windows\system32\wow64.dll 2013-02-14 18:55:01 ----A---- C:\Windows\system32\ntvdm64.dll 2013-02-14 18:55:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll 2013-02-14 18:55:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll 2013-02-14 18:55:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll 2013-02-14 18:55:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2013-02-14 18:55:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll 2013-02-14 18:55:00 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll 2013-02-14 18:55:00 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2013-02-14 18:55:00 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2013-02-14 18:55:00 ----A---- C:\Windows\SYSWOW64\user.exe 2013-02-14 18:54:59 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-02-14 18:54:59 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS 2013-01-12 11:32:14 ----A---- C:\Windows\SYSWOW64\win32spl.dll 2013-01-12 11:32:14 ----A---- C:\Windows\system32\win32spl.dll 2013-01-10 18:46:17 ----A---- C:\Windows\SYSWOW64\usp10.dll 2013-01-10 18:46:17 ----A---- C:\Windows\system32\usp10.dll 2013-01-10 18:46:11 ----A---- C:\Windows\system32\ncrypt.dll 2013-01-10 18:46:10 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2013-01-10 18:45:53 ----A---- C:\Windows\system32\msxml6.dll 2013-01-10 18:45:52 ----A---- C:\Windows\SYSWOW64\msxml6.dll 2013-01-10 18:45:52 ----A---- C:\Windows\SYSWOW64\msxml3.dll 2013-01-10 18:45:52 ----A---- C:\Windows\system32\msxml3.dll 2013-01-10 18:45:21 ----A---- C:\Windows\SYSWOW64\Wpc.dll 2013-01-10 18:45:21 ----A---- C:\Windows\SYSWOW64\gameux.dll 2013-01-10 18:45:21 ----A---- C:\Windows\system32\Wpc.dll 2013-01-10 18:45:21 ----A---- C:\Windows\system32\gameux.dll 2012-12-21 22:03:55 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2012-12-21 22:03:55 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2012-12-21 22:03:55 ----A---- C:\Windows\system32\atmlib.dll 2012-12-21 22:03:55 ----A---- C:\Windows\system32\atmfd.dll 2012-12-13 13:50:38 ----A---- C:\Windows\system32\usbaaplrc.dll 2012-12-13 13:50:36 ----A---- C:\Windows\system32\drivers\usbaapl64.sys 2012-12-12 19:24:20 ----A---- C:\Windows\SYSWOW64\tzres.dll 2012-12-12 19:24:20 ----A---- C:\Windows\system32\tzres.dll 2012-12-12 19:22:30 ----A---- C:\Windows\SYSWOW64\dpnet.dll 2012-12-12 19:22:30 ----A---- C:\Windows\system32\dpnet.dll 2012-12-12 19:22:29 ----A---- C:\Windows\system32\drivers\volsnap.sys 2012-11-15 19:11:02 ----A---- C:\Windows\system32\Wdfres.dll 2012-11-15 19:11:02 ----A---- C:\Windows\system32\drivers\WdfLdr.sys 2012-11-15 19:11:02 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2012-11-15 19:03:05 ----A---- C:\Windows\system32\WUDFSvc.dll 2012-11-15 19:03:05 ----A---- C:\Windows\system32\WUDFPlatform.dll 2012-11-15 19:03:05 ----A---- C:\Windows\system32\drivers\WUDFRd.sys 2012-11-15 19:03:05 ----A---- C:\Windows\system32\drivers\WUDFPf.sys 2012-11-15 19:03:03 ----A---- C:\Windows\system32\WUDFx.dll 2012-11-15 19:03:03 ----A---- C:\Windows\system32\WUDFHost.exe 2012-11-15 19:03:03 ----A---- C:\Windows\system32\WUDFCoinstaller.dll 2012-11-14 22:07:58 ----A---- C:\Windows\SYSWOW64\synceng.dll 2012-11-14 22:07:58 ----A---- C:\Windows\system32\synceng.dll 2012-11-08 12:29:12 ----A---- C:\Windows\SYSWOW64\msxml4.dll 2012-10-10 17:58:02 ----A---- C:\Windows\system32\wintrust.dll 2012-10-10 17:58:01 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2012-10-10 17:57:54 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2012-10-10 17:57:54 ----A---- C:\Windows\system32\kerberos.dll 2012-10-10 17:57:48 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll 2012-10-10 17:57:48 ----A---- C:\Windows\SYSWOW64\cryptnet.dll 2012-10-10 17:57:48 ----A---- C:\Windows\SYSWOW64\crypt32.dll 2012-10-10 17:57:48 ----A---- C:\Windows\system32\cryptsvc.dll 2012-10-10 17:57:48 ----A---- C:\Windows\system32\cryptnet.dll 2012-10-10 17:57:48 ----A---- C:\Windows\system32\crypt32.dll 2012-10-07 17:03:43 ----D---- C:\Program Files (x86)\DVDVideoSoft 2012-09-13 18:38:42 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll 2012-09-13 18:38:42 ----A---- C:\Windows\system32\d3d10level9.dll 2012-08-15 20:35:34 ----A---- C:\Windows\system32\localspl.dll 2012-08-15 09:04:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2012-08-15 09:04:21 ----A---- C:\Windows\SYSWOW64\jscript.dll 2012-08-15 09:04:21 ----A---- C:\Windows\system32\vbscript.dll 2012-08-15 09:04:21 ----A---- C:\Windows\system32\jscript.dll 2012-08-15 09:04:20 ----A---- C:\Windows\SYSWOW64\netapi32.dll 2012-08-15 09:04:20 ----A---- C:\Windows\SYSWOW64\browcli.dll 2012-08-15 09:04:20 ----A---- C:\Windows\system32\netapi32.dll 2012-08-15 09:04:20 ----A---- C:\Windows\system32\browser.dll 2012-08-15 09:04:20 ----A---- C:\Windows\system32\browcli.dll 2012-08-15 09:04:19 ----A---- C:\Windows\SYSWOW64\srclient.dll 2012-08-15 09:04:19 ----A---- C:\Windows\system32\srcore.dll 2012-08-15 09:04:17 ----A---- C:\Windows\system32\spoolsv.exe 2012-08-15 09:04:17 ----A---- C:\Windows\splwow64.exe 2012-07-29 20:17:36 ----D---- C:\Users\Gebruiker\AppData\Roaming\CyberLink 2012-07-12 19:09:39 ----A---- C:\Windows\system32\shell32.dll 2012-07-12 19:09:37 ----A---- C:\Windows\SYSWOW64\shell32.dll 2012-07-12 19:09:35 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2012-07-12 19:09:35 ----A---- C:\Windows\SYSWOW64\secur32.dll 2012-07-12 19:09:35 ----A---- C:\Windows\SYSWOW64\schannel.dll 2012-07-12 19:09:35 ----A---- C:\Windows\system32\schannel.dll 2012-07-12 19:09:35 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2012-07-12 19:09:35 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2012-07-12 19:09:35 ----A---- C:\Windows\system32\drivers\cng.sys 2012-07-05 16:31:42 ----A---- C:\Windows\SYSWOW64\Newtonsoft.Json.Net20.dll 2012-07-05 16:21:34 ----SHD---- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-07-05 16:21:34 ----HD---- C:\ProgramData\Common Files 2012-07-05 16:21:00 ----D---- C:\ProgramData\Mozilla 2012-07-05 16:20:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2012-07-05 16:19:44 ----D---- C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoft 2012-07-05 16:14:02 ----D---- C:\Users\Gebruiker\AppData\Roaming\Apple Computer 2012-07-05 16:13:26 ----A---- C:\Windows\SYSWOW64\GEARAspi.dll 2012-07-05 16:13:26 ----A---- C:\Windows\system32\GEARAspi64.dll 2012-07-05 16:12:49 ----D---- C:\ProgramData\Apple Computer 2012-07-05 16:12:49 ----D---- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} 2012-07-05 16:12:49 ----D---- C:\Program Files\iTunes 2012-07-05 16:11:56 ----D---- C:\Program Files (x86)\Apple Software Update 2012-07-05 16:11:39 ----D---- C:\Program Files\Common Files\Apple 2012-07-05 16:11:14 ----D---- C:\ProgramData\Apple 2012-06-20 10:07:20 ----D---- C:\Windows\nl 2012-06-20 10:05:41 ----A---- C:\Windows\system32\drivers\fssfltr.sys 2012-06-19 16:19:53 ----A---- C:\Windows\system32\wups2.dll 2012-06-19 16:19:53 ----A---- C:\Windows\system32\wucltux.dll 2012-06-19 16:19:53 ----A---- C:\Windows\system32\wuaueng.dll 2012-06-19 16:19:53 ----A---- C:\Windows\system32\wuauclt.exe 2012-06-19 16:19:32 ----A---- C:\Windows\system32\wups.dll 2012-06-19 16:19:32 ----A---- C:\Windows\system32\wudriver.dll 2012-06-19 16:19:32 ----A---- C:\Windows\system32\wuapi.dll 2012-06-19 16:19:17 ----A---- C:\Windows\system32\wuwebv.dll 2012-06-19 16:19:17 ----A---- C:\Windows\system32\wuapp.exe 2012-06-14 15:38:08 ----A---- C:\Windows\system32\rdrmemptylst.exe 2012-06-14 15:38:08 ----A---- C:\Windows\system32\rdpwsx.dll 2012-06-14 15:38:08 ----A---- C:\Windows\system32\rdpcorekmts.dll 2012-06-14 15:38:07 ----A---- C:\Windows\system32\profsvc.dll 2012-06-14 15:37:57 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2012-06-14 15:37:56 ----A---- C:\Windows\SYSWOW64\msi.dll 2012-06-14 15:37:56 ----A---- C:\Windows\system32\msi.dll 2012-05-29 17:43:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2012-05-29 17:43:38 ----D---- C:\Windows\system32\Macromed 2012-05-13 12:08:22 ----D---- C:\Program Files\Microsoft Silverlight 2012-05-12 17:22:28 ----A---- C:\Windows\SYSWOW64\d2d1.dll 2012-05-12 17:22:27 ----A---- C:\Windows\SYSWOW64\DWrite.dll 2012-05-12 17:22:27 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll 2012-05-12 17:22:27 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll 2012-05-12 17:22:27 ----A---- C:\Windows\system32\DWrite.dll 2012-05-12 17:22:27 ----A---- C:\Windows\system32\d3d10warp.dll 2012-05-12 17:22:27 ----A---- C:\Windows\system32\d3d10_1core.dll 2012-05-12 17:22:26 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll 2012-05-12 17:22:26 ----A---- C:\Windows\system32\d3d10_1.dll 2012-05-12 17:22:26 ----A---- C:\Windows\system32\d2d1.dll 2012-05-12 17:22:03 ----A---- C:\Windows\system32\drivers\partmgr.sys 2012-04-14 19:15:24 ----A---- C:\Windows\SYSWOW64\wmi.dll 2012-04-14 19:15:24 ----A---- C:\Windows\SYSWOW64\imagehlp.dll 2012-04-14 19:15:24 ----A---- C:\Windows\system32\wmi.dll 2012-04-14 19:15:24 ----A---- C:\Windows\system32\imagehlp.dll 2012-04-14 19:15:24 ----A---- C:\Windows\system32\drivers\fs_rec.sys 2012-03-13 19:11:35 ----A---- C:\Windows\SYSWOW64\rdpcore.dll 2012-03-13 19:11:35 ----A---- C:\Windows\system32\rdpcore.dll 2012-03-13 19:11:35 ----A---- C:\Windows\system32\drivers\tdtcp.sys 2012-03-08 18:50:28 ----A---- C:\Windows\SYSWOW64\sirenacm.dll 2012-03-08 18:37:20 ----A---- C:\Windows\WLXPGSS.SCR 2012-02-16 17:58:17 ----A---- C:\Windows\SYSWOW64\ntshrui.dll 2012-02-16 17:58:17 ----A---- C:\Windows\system32\ntshrui.dll 2012-02-16 17:58:11 ----A---- C:\Windows\system32\drivers\afd.sys 2012-02-16 17:58:08 ----A---- C:\Windows\system32\msvcrt.dll 2012-02-16 17:58:07 ----A---- C:\Windows\SYSWOW64\msvcrt.dll 2012-01-26 17:55:48 ----A---- C:\Windows\system32\lsasrv.dll 2012-01-26 17:55:47 ----A---- C:\Windows\SYSWOW64\webio.dll 2012-01-26 17:55:47 ----A---- C:\Windows\system32\webio.dll 2012-01-26 17:55:47 ----A---- C:\Windows\system32\sspisrv.dll 2012-01-26 17:55:47 ----A---- C:\Windows\system32\sspicli.dll 2012-01-26 17:55:47 ----A---- C:\Windows\system32\secur32.dll 2012-01-26 17:55:47 ----A---- C:\Windows\system32\lsass.exe 2012-01-11 17:53:58 ----A---- C:\Windows\SYSWOW64\quartz.dll 2012-01-11 17:53:58 ----A---- C:\Windows\SYSWOW64\qdvd.dll 2012-01-11 17:53:58 ----A---- C:\Windows\system32\quartz.dll 2012-01-11 17:53:58 ----A---- C:\Windows\system32\qdvd.dll 2012-01-11 17:53:56 ----A---- C:\Windows\system32\ntdll.dll 2012-01-11 17:53:55 ----A---- C:\Windows\SYSWOW64\packager.dll 2012-01-11 17:53:55 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2012-01-11 17:53:55 ----A---- C:\Windows\system32\packager.dll 2011-12-19 20:01:42 ----A---- C:\Windows\SYSWOW64\EncDec.dll 2011-12-19 20:01:42 ----A---- C:\Windows\system32\EncDec.dll 2011-11-15 19:05:43 ----D---- C:\Users\Gebruiker\AppData\Roaming\Windows Live Writer 2011-10-13 19:28:35 ----A---- C:\Windows\SYSWOW64\psisdecd.dll 2011-10-13 19:28:35 ----A---- C:\Windows\system32\psisdecd.dll 2011-10-13 19:28:34 ----A---- C:\Windows\SYSWOW64\oleaut32.dll 2011-10-13 19:28:34 ----A---- C:\Windows\SYSWOW64\oleacc.dll 2011-10-13 19:28:34 ----A---- C:\Windows\system32\oleaut32.dll 2011-10-13 19:28:34 ----A---- C:\Windows\system32\oleacc.dll 2011-09-05 12:26:49 ----D---- C:\Users\Gebruiker\AppData\Roaming\TuneUp Software 2011-09-05 12:25:27 ----D---- C:\ProgramData\TuneUp Software 2011-09-05 12:25:12 ----SHD---- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} 2011-08-15 18:47:54 ----A---- C:\Windows\SYSWOW64\xmllite.dll 2011-08-15 18:47:54 ----A---- C:\Windows\system32\xmllite.dll 2011-08-15 18:47:52 ----A---- C:\Windows\SYSWOW64\odbctrac.dll 2011-08-15 18:47:52 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll 2011-08-15 18:47:52 ----A---- C:\Windows\SYSWOW64\odbccu32.dll 2011-08-15 18:47:52 ----A---- C:\Windows\SYSWOW64\odbccr32.dll 2011-08-15 18:47:52 ----A---- C:\Windows\SYSWOW64\odbccp32.dll 2011-08-15 18:47:52 ----A---- C:\Windows\system32\odbctrac.dll 2011-08-15 18:47:52 ----A---- C:\Windows\system32\odbccu32.dll 2011-08-15 18:47:52 ----A---- C:\Windows\system32\odbccr32.dll 2011-08-15 18:47:52 ----A---- C:\Windows\system32\odbccp32.dll 2011-08-15 18:47:50 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2011-08-07 18:42:58 ----A---- C:\Windows\system32\drivers\usbuhci.sys 2011-08-07 18:42:58 ----A---- C:\Windows\system32\drivers\usbport.sys 2011-08-07 18:42:58 ----A---- C:\Windows\system32\drivers\usbohci.sys 2011-08-07 18:42:58 ----A---- C:\Windows\system32\drivers\usbhub.sys 2011-08-07 18:42:58 ----A---- C:\Windows\system32\drivers\usbehci.sys 2011-08-07 18:42:58 ----A---- C:\Windows\system32\drivers\usbd.sys 2011-08-07 18:42:58 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2011-08-07 18:42:48 ----A---- C:\Windows\system32\esent.dll 2011-08-07 18:42:48 ----A---- C:\Windows\system32\drivers\nvstor.sys 2011-08-07 18:42:48 ----A---- C:\Windows\system32\drivers\nvraid.sys 2011-08-07 18:42:48 ----A---- C:\Windows\system32\drivers\amdsata.sys 2011-08-07 18:42:47 ----A---- C:\Windows\SYSWOW64\fsutil.exe 2011-08-07 18:42:47 ----A---- C:\Windows\SYSWOW64\esent.dll 2011-08-07 18:42:47 ----A---- C:\Windows\system32\fsutil.exe 2011-08-07 18:42:47 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS 2011-08-07 18:42:47 ----A---- C:\Windows\system32\drivers\storport.sys 2011-08-07 18:42:47 ----A---- C:\Windows\system32\drivers\iaStorV.sys 2011-08-07 18:42:47 ----A---- C:\Windows\system32\drivers\amdxata.sys 2011-07-30 13:32:35 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2011-07-30 13:29:07 ----D---- C:\Program Files\Windows Live 2011-07-11 17:12:04 ----A---- C:\Windows\system32\drivers\dfsc.sys 2011-07-11 17:12:02 ----A---- C:\Windows\system32\inetcomm.dll 2011-07-11 17:12:01 ----A---- C:\Windows\SYSWOW64\inetcomm.dll 2011-07-11 17:11:55 ----A---- C:\Windows\system32\drivers\srv2.sys 2011-07-11 17:11:54 ----A---- C:\Windows\system32\drivers\srvnet.sys 2011-07-11 17:11:54 ----A---- C:\Windows\system32\drivers\srv.sys 2011-07-10 16:59:30 ----A---- C:\Windows\SYSWOW64\drvinst.exe 2011-07-10 16:59:30 ----A---- C:\Windows\SYSWOW64\devrtl.dll 2011-07-10 16:59:30 ----A---- C:\Windows\SYSWOW64\devobj.dll 2011-07-10 16:59:30 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll 2011-07-10 16:59:30 ----A---- C:\Windows\system32\umpnpmgr.dll 2011-07-10 16:59:28 ----A---- C:\Windows\SYSWOW64\mssrch.dll 2011-07-10 16:59:28 ----A---- C:\Windows\system32\tquery.dll 2011-07-10 16:59:28 ----A---- C:\Windows\system32\mssrch.dll 2011-07-10 16:59:27 ----A---- C:\Windows\SYSWOW64\tquery.dll 2011-07-10 16:59:27 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe 2011-07-10 16:59:27 ----A---- C:\Windows\system32\SearchIndexer.exe 2011-07-10 16:59:27 ----A---- C:\Windows\system32\mssph.dll 2011-07-10 16:59:26 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe 2011-07-10 16:59:26 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe 2011-07-10 16:59:26 ----A---- C:\Windows\SYSWOW64\mssvp.dll 2011-07-10 16:59:26 ----A---- C:\Windows\SYSWOW64\mssphtb.dll 2011-07-10 16:59:26 ----A---- C:\Windows\SYSWOW64\mssph.dll 2011-07-10 16:59:26 ----A---- C:\Windows\SYSWOW64\msscntrs.dll 2011-07-10 16:59:26 ----A---- C:\Windows\system32\SearchProtocolHost.exe 2011-07-10 16:59:26 ----A---- C:\Windows\system32\SearchFilterHost.exe 2011-07-10 16:59:26 ----A---- C:\Windows\system32\mssvp.dll 2011-07-10 16:59:26 ----A---- C:\Windows\system32\mssphtb.dll 2011-07-10 16:59:26 ----A---- C:\Windows\system32\msscntrs.dll 2011-07-07 12:52:02 ----D---- C:\Windows\PCHEALTH 2011-07-07 03:28:22 ----A---- C:\Windows\SYSWOW64\FM20.DLL 2011-07-04 05:18:06 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2011-07-04 05:18:06 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 2011-07-04 05:18:05 ----A---- C:\Windows\system32\drivers\Diskdump.sys 2011-07-03 20:28:51 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll 2011-07-03 20:28:51 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll 2011-07-03 20:28:50 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll 2011-07-03 20:28:50 ----A---- C:\Windows\system32\d3dx10_42.dll 2011-07-03 20:26:45 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2011-07-03 20:26:19 ----A---- C:\Windows\SYSWOW64\UIRibbonRes.dll 2011-07-03 20:26:19 ----A---- C:\Windows\SYSWOW64\UIRibbon.dll 2011-07-03 20:26:19 ----A---- C:\Windows\system32\UIRibbonRes.dll 2011-07-03 20:26:19 ----A---- C:\Windows\system32\UIRibbon.dll 2011-06-23 21:32:32 ----A---- C:\Windows\system32\FntCache.dll 2011-06-23 21:32:31 ----A---- C:\Windows\SYSWOW64\XpsRasterService.dll 2011-06-23 21:32:31 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll 2011-06-23 21:32:31 ----A---- C:\Windows\system32\XpsRasterService.dll 2011-06-23 21:32:31 ----A---- C:\Windows\system32\ExplorerFrame.dll 2011-06-23 21:32:31 ----A---- C:\Windows\system32\drivers\dxgmms1.sys 2011-06-23 21:32:31 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2011-06-23 21:32:30 ----A---- C:\Windows\system32\cdd.dll 2011-06-23 17:41:14 ----D---- C:\ProgramData\WLInstaller 2011-05-19 20:31:44 ----A---- C:\Windows\SYSWOW64\poqexec.exe 2011-05-19 20:31:44 ----A---- C:\Windows\system32\poqexec.exe 2011-05-19 20:11:26 ----D---- C:\Windows\system32\Service 2011-05-19 20:08:08 ----D---- C:\Windows\SYSWOW64\Wat 2011-05-19 20:08:08 ----D---- C:\Windows\system32\Wat 2011-05-18 18:48:10 ----D---- C:\Program Files (x86)\Microsoft Works 2011-05-18 18:47:52 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 2011-05-18 18:45:37 ----D---- C:\Program Files\Microsoft Office 2011-05-18 18:45:31 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8 2011-05-18 18:44:49 ----D---- C:\Program Files (x86)\Microsoft Office 2011-05-18 18:44:48 ----D---- C:\ProgramData\Microsoft Help 2011-05-18 18:44:27 ----RHD---- C:\MSOCache 2011-05-18 18:36:44 ----D---- C:\Users\Gebruiker\AppData\Roaming\WinRAR 2011-05-18 18:36:15 ----D---- C:\Program Files (x86)\WinRAR 2011-05-18 18:28:30 ----D---- C:\Users\Gebruiker\AppData\Roaming\Mozilla 2011-05-18 02:37:23 ----ASH---- C:\pagefile.sys 2011-05-18 02:37:13 ----ASH---- C:\hiberfil.sys 2011-05-17 13:57:44 ----D---- C:\ProgramData\Nero 2011-05-17 13:46:04 ----D---- C:\Users\Gebruiker\AppData\Roaming\Macromedia 2011-05-17 13:46:03 ----D---- C:\Users\Gebruiker\AppData\Roaming\Adobe 2011-05-17 13:30:37 ----D---- C:\Program Files (x86)\Microsoft.NET 2011-05-17 12:53:43 ----A---- C:\Windows\SYSWOW64\wcncsvc.dll 2011-05-17 12:53:43 ----A---- C:\Windows\system32\wcncsvc.dll 2011-05-17 12:43:02 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL 2011-05-17 12:43:02 ----A---- C:\Windows\SYSWOW64\mfreadwrite.dll 2011-05-17 12:43:02 ----A---- C:\Windows\system32\WMVDECOD.DLL 2011-05-17 12:43:02 ----A---- C:\Windows\system32\mfreadwrite.dll 2011-05-17 12:43:02 ----A---- C:\Windows\system32\mfps.dll 2011-05-17 12:43:01 ----A---- C:\Windows\SYSWOW64\mf.dll 2011-05-17 12:43:01 ----A---- C:\Windows\system32\mf.dll 2011-05-17 12:40:35 ----A---- C:\Windows\system32\MRT.exe 2011-05-17 12:39:33 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll 2011-05-17 12:39:33 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe 2011-05-17 12:39:33 ----A---- C:\Windows\SYSWOW64\netfxperf.dll 2011-05-17 12:39:33 ----A---- C:\Windows\SYSWOW64\mscoree.dll 2011-05-17 12:39:33 ----A---- C:\Windows\SYSWOW64\dfshim.dll 2011-05-17 12:39:33 ----A---- C:\Windows\system32\PresentationHostProxy.dll 2011-05-17 12:39:33 ----A---- C:\Windows\system32\PresentationHost.exe 2011-05-17 12:39:33 ----A---- C:\Windows\system32\netfxperf.dll 2011-05-17 12:39:33 ----A---- C:\Windows\system32\mscoree.dll 2011-05-17 12:39:33 ----A---- C:\Windows\system32\dfshim.dll 2011-05-17 12:39:18 ----A---- C:\Windows\system32\browserchoice.exe 2011-05-17 12:35:56 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2011-05-17 12:35:56 ----A---- C:\Windows\system32\drivers\ks.sys 2011-05-17 12:34:45 ----A---- C:\Windows\SYSWOW64\wmpmde.dll 2011-05-17 12:34:45 ----A---- C:\Windows\system32\wmpmde.dll 2011-05-17 12:34:32 ----A---- C:\Windows\system32\msdri.dll 2011-05-17 12:34:15 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll 2011-05-17 12:34:15 ----A---- C:\Windows\system32\XpsPrint.dll 2011-05-17 12:34:06 ----A---- C:\Windows\SYSWOW64\upnp.dll 2011-05-17 12:34:06 ----A---- C:\Windows\system32\upnp.dll 2011-05-17 12:34:05 ----A---- C:\Windows\SYSWOW64\wscapi.dll 2011-05-17 12:34:05 ----A---- C:\Windows\SYSWOW64\winhttp.dll 2011-05-17 12:34:05 ----A---- C:\Windows\SYSWOW64\WebClnt.dll 2011-05-17 12:34:05 ----A---- C:\Windows\SYSWOW64\slwga.dll 2011-05-17 12:34:05 ----A---- C:\Windows\SYSWOW64\davclnt.dll 2011-05-17 12:34:05 ----A---- C:\Windows\system32\wscsvc.dll 2011-05-17 12:34:05 ----A---- C:\Windows\system32\wscapi.dll 2011-05-17 12:34:05 ----A---- C:\Windows\system32\winhttp.dll 2011-05-17 12:34:05 ----A---- C:\Windows\system32\WebClnt.dll 2011-05-17 12:34:05 ----A---- C:\Windows\system32\slwga.dll 2011-05-17 12:34:05 ----A---- C:\Windows\system32\davclnt.dll 2011-05-17 12:34:03 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe 2011-05-17 12:34:03 ----A---- C:\Windows\SYSWOW64\dnsapi.dll 2011-05-17 12:34:03 ----A---- C:\Windows\system32\dnsrslvr.dll 2011-05-17 12:34:03 ----A---- C:\Windows\system32\dnscacheugc.exe 2011-05-17 12:34:03 ----A---- C:\Windows\system32\dnsapi.dll 2011-05-17 12:34:02 ----A---- C:\Windows\system32\taskschd.dll 2011-05-17 12:34:02 ----A---- C:\Windows\system32\taskeng.exe 2011-05-17 12:34:02 ----A---- C:\Windows\system32\schedsvc.dll 2011-05-17 12:34:01 ----A---- C:\Windows\SYSWOW64\taskschd.dll 2011-05-17 12:34:01 ----A---- C:\Windows\SYSWOW64\taskeng.exe 2011-05-17 12:34:01 ----A---- C:\Windows\SYSWOW64\taskcomp.dll 2011-05-17 12:34:01 ----A---- C:\Windows\SYSWOW64\schtasks.exe 2011-05-17 12:34:01 ----A---- C:\Windows\system32\wmicmiplugin.dll 2011-05-17 12:34:01 ----A---- C:\Windows\system32\taskcomp.dll 2011-05-17 12:34:01 ----A---- C:\Windows\system32\schtasks.exe 2011-05-17 12:34:00 ----A---- C:\Windows\explorer.exe 2011-05-17 12:33:59 ----A---- C:\Windows\SYSWOW64\explorer.exe 2011-05-17 12:33:58 ----A---- C:\Windows\SYSWOW64\CPFilters.dll 2011-05-17 12:33:58 ----A---- C:\Windows\system32\CPFilters.dll 2011-05-17 12:33:57 ----A---- C:\Windows\system32\sbe.dll 2011-05-17 12:33:56 ----A---- C:\Windows\SYSWOW64\sbe.dll 2011-05-17 12:33:53 ----A---- C:\Windows\SYSWOW64\ole32.dll 2011-05-17 12:33:53 ----A---- C:\Windows\system32\ole32.dll 2011-05-17 12:33:50 ----A---- C:\Windows\system32\winresume.exe 2011-05-17 12:33:50 ----A---- C:\Windows\system32\winload.exe 2011-05-17 12:33:49 ----A---- C:\Windows\system32\kdusb.dll 2011-05-17 12:33:49 ----A---- C:\Windows\system32\kdcom.dll 2011-05-17 12:33:49 ----A---- C:\Windows\system32\kd1394.dll 2011-05-17 12:33:47 ----A---- C:\Windows\SYSWOW64\mfc42u.dll 2011-05-17 12:33:47 ----A---- C:\Windows\SYSWOW64\mfc42.dll 2011-05-17 12:33:47 ----A---- C:\Windows\system32\mfc42u.dll 2011-05-17 12:33:47 ----A---- C:\Windows\system32\mfc42.dll 2011-05-17 12:33:24 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll 2011-05-17 12:33:24 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2011-05-17 12:33:23 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2011-05-17 12:33:23 ----A---- C:\Windows\system32\comctl32.dll 2011-05-17 12:33:21 ----A---- C:\Windows\SYSWOW64\t2embed.dll 2011-05-17 12:33:21 ----A---- C:\Windows\system32\t2embed.dll 2011-05-17 12:33:17 ----A---- C:\Windows\SYSWOW64\prevhost.exe 2011-05-17 12:33:17 ----A---- C:\Windows\system32\prevhost.exe 2011-05-17 12:33:16 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll 2011-05-17 12:33:16 ----A---- C:\Windows\system32\StructuredQuery.dll 2011-05-17 12:33:11 ----A---- C:\Windows\SYSWOW64\odbc32.dll 2011-05-17 12:33:11 ----A---- C:\Windows\system32\odbc32.dll 2011-05-17 12:33:08 ----A---- C:\Windows\SYSWOW64\mfc40u.dll 2011-05-17 12:33:08 ----A---- C:\Windows\SYSWOW64\mfc40.dll 2011-05-17 12:33:05 ----A---- C:\Windows\system32\wmp.dll 2011-05-17 12:33:04 ----A---- C:\Windows\SYSWOW64\wmp.dll 2011-05-17 12:33:03 ----A---- C:\Windows\SYSWOW64\wmploc.DLL 2011-05-17 12:33:03 ----A---- C:\Windows\system32\wmploc.DLL 2011-05-17 12:23:27 ----A---- C:\Windows\system32\consent.exe 2011-05-17 12:21:49 ----A---- C:\Windows\system32\drivers\bowser.sys 2011-05-17 12:18:33 ----A---- C:\Windows\SYSWOW64\mstsc.exe 2011-05-17 12:18:33 ----A---- C:\Windows\system32\mstsc.exe 2011-05-17 12:18:32 ----A---- C:\Windows\SYSWOW64\sscore.dll 2011-05-17 12:18:32 ----A---- C:\Windows\system32\srvsvc.dll 2011-05-17 12:18:32 ----A---- C:\Windows\system32\FXSCOVER.exe 2011-05-17 11:49:46 ----D---- C:\Users\Gebruiker\AppData\Roaming\Asus WebStorage 2011-05-17 11:49:04 ----D---- C:\Users\Gebruiker\AppData\Roaming\Identities 2011-05-17 11:47:28 ----DC---- C:\Windows\system32\DRVSTORE 2011-05-17 11:46:19 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll 2011-05-17 11:46:19 ----A---- C:\Windows\system32\d3dx9_32.dll 2011-05-17 11:44:50 ----D---- C:\Program Files (x86)\Microsoft 2011-05-17 11:44:12 ----D---- C:\Program Files (x86)\Windows Live 2011-05-17 11:42:08 ----HD---- C:\ASUS.DAT 2011-05-17 11:41:34 ----SD---- C:\Users\Gebruiker\AppData\Roaming\Microsoft 2011-05-17 11:41:34 ----D---- C:\Users\Gebruiker\AppData\Roaming\Media Center Programs 2011-05-17 11:38:38 ----D---- C:\Windows\system32\log 2011-03-28 21:11:06 ----A---- C:\Windows\system32\LIVESSP.DLL 2011-03-28 20:31:14 ----A---- C:\Windows\SYSWOW64\LIVESSP.DLL 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\vcomp100.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\msvcp100.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfcm100u.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfcm100.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100u.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100rus.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100kor.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100jpn.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100ita.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100fra.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100esn.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100enu.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100deu.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100cht.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100chs.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\mfc100.dll 2011-02-19 23:03:12 ----A---- C:\Windows\SYSWOW64\atl100.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\vcomp100.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\msvcp100.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfcm100u.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfcm100.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100u.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100rus.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100kor.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100jpn.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100ita.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100fra.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100esn.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100enu.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100deu.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100cht.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100chs.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\mfc100.dll 2011-02-19 22:51:56 ----A---- C:\Windows\system32\atl100.dll 2011-02-19 00:52:32 ----A---- C:\Windows\system32\msvcr100.dll 2011-02-19 00:40:50 ----A---- C:\Windows\SYSWOW64\msvcr100.dll 2010-10-27 23:06:09 ----A---- C:\devlist.txt 2010-10-27 23:01:37 ----A---- C:\Windows\SYSWOW64\rtutils.dll 2010-10-27 23:01:37 ----A---- C:\Windows\system32\rtutils.dll 2010-10-27 23:00:42 ----A---- C:\Windows\SYSWOW64\iccvid.dll 2010-10-27 22:58:34 ----A---- C:\dpi.txt 2010-10-27 22:55:54 ----A---- C:\Windows\AsChkDev.txt 2010-10-27 22:54:25 ----D---- C:\Windows\SYSWOW64\K_Series_ScreenSaver_EN dir 2010-10-27 22:54:25 ----A---- C:\Windows\SYSWOW64\K_Series_ScreenSaver_EN.scr 2010-10-27 22:54:21 ----A---- C:\Windows\AsScrPro.exe 2010-10-27 22:54:14 ----A---- C:\Windows\system32\drivers\AsDsm.sys 2010-10-27 22:53:50 ----A---- C:\Windows\system32\drivers\***laby.sys 2010-10-27 22:53:26 ----A---- C:\Windows\SYSWOW64\ACEngSvr.exe 2010-10-27 22:53:09 ----A---- C:\Windows\system32\ServiceFilter.ini 2010-10-27 22:53:09 ----A---- C:\Windows\system32\RemoveFont.ini 2010-10-27 22:53:09 ----A---- C:\Windows\system32\FBAgent.exe 2010-10-27 22:53:09 ----A---- C:\Windows\system32\FastBoot.ini 2010-10-27 22:53:09 ----A---- C:\Windows\system32\Defrag.ini 2010-10-27 22:53:09 ----A---- C:\Windows\system32\BootTime.ini 2010-10-27 22:53:09 ----A---- C:\Windows\system32\AutoRunFilter.ini 2010-10-27 22:53:08 ----D---- C:\Program Files\ASUS 2010-10-27 22:50:49 ----A---- C:\Windows\system32\drivers\rdyboost.sys 2010-10-27 22:50:20 ----D---- C:\ProgramData\P4G 2010-10-27 22:50:20 ----D---- C:\Program Files\P4G 2010-10-27 22:47:52 ----D---- C:\Program Files (x86)\JMicron 2010-10-27 22:47:19 ----D---- C:\Program Files\SRS Labs 2010-10-27 22:46:22 ----D---- C:\Windows\system32\SRSLabs 2010-10-27 22:46:21 ----D---- C:\Program Files\CONEXANT 2010-10-27 22:44:20 ----D---- C:\Program Files\Common Files\Intel 2010-10-27 22:43:11 ----A---- C:\Windows\SYSWOW64\asycfilt.dll 2010-10-27 22:43:11 ----A---- C:\Windows\system32\asycfilt.dll 2010-10-27 22:42:19 ----A---- C:\Windows\SYSWOW64\log.txt 2010-10-27 22:42:01 ----A---- C:\Windows\system32\drivers\HECIx64.sys 2010-10-27 22:41:01 ----A---- C:\Windows\system32\drivers\sffp_sd.sys 2010-10-27 22:41:01 ----A---- C:\Windows\system32\drivers\sdbus.sys 2010-10-27 22:38:13 ----D---- C:\Program Files (x86)\Intel 2010-10-27 22:38:13 ----A---- C:\Windows\SYSWOW64\CSVer.dll 2010-10-27 22:37:55 ----D---- C:\Intel 2010-10-27 22:36:25 ----D---- C:\Program Files (x86)\MSXML 4.0 2010-10-27 22:36:19 ----A---- C:\Windows\csup.txt 2010-10-27 22:34:50 ----A---- C:\Windows\SYSWOW64\cabview.dll 2010-10-27 22:34:50 ----A---- C:\Windows\system32\cabview.dll 2010-10-27 22:34:19 ----D---- C:\Program Files (x86)\syncables 2010-10-27 22:34:16 ----D---- C:\Windows\SYSWOW64\Macromed 2010-10-27 22:33:53 ----D---- C:\Program Files (x86)\ASUS 2010-10-27 22:33:51 ----D---- C:\ProgramData\GoBoingo 2010-10-27 22:33:51 ----D---- C:\Program Files (x86)\Boingo 2010-10-27 22:33:26 ----D---- C:\Program Files\Google 2010-10-27 22:33:22 ----D---- C:\Program Files (x86)\Google 2010-10-27 22:32:14 ----D---- C:\ProgramData\Adobe 2010-10-27 22:31:57 ----D---- C:\Program Files (x86)\Adobe 2010-10-27 22:28:14 ----A---- C:\Windows\SYSWOW64\msxml3a.dll 2010-10-27 22:28:13 ----A---- C:\Windows\SYSWOW64\msvcr71.dll 2010-10-27 22:28:13 ----A---- C:\Windows\SYSWOW64\msvcp71.dll 2010-10-27 22:27:30 ----A---- C:\Windows\system32\winlogon.exe 2010-10-27 22:26:35 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll 2010-10-27 22:26:35 ----A---- C:\Windows\SYSWOW64\msyuv.dll 2010-10-27 22:26:35 ----A---- C:\Windows\SYSWOW64\msvidc32.dll 2010-10-27 22:26:35 ----A---- C:\Windows\SYSWOW64\msrle32.dll 2010-10-27 22:26:35 ----A---- C:\Windows\SYSWOW64\mciavi32.dll 2010-10-27 22:26:35 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll 2010-10-27 22:26:35 ----A---- C:\Windows\SYSWOW64\avifil32.dll 2010-10-27 22:26:35 ----A---- C:\Windows\system32\tsbyuv.dll 2010-10-27 22:26:35 ----A---- C:\Windows\system32\msyuv.dll 2010-10-27 22:26:35 ----A---- C:\Windows\system32\msvidc32.dll 2010-10-27 22:26:35 ----A---- C:\Windows\system32\msrle32.dll 2010-10-27 22:26:35 ----A---- C:\Windows\system32\iyuv_32.dll 2010-10-27 22:24:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2010-10-27 22:22:45 ----D---- C:\Program Files (x86)\CyberLink 2010-10-27 22:22:41 ----D---- C:\ProgramData\CyberLink 2010-10-27 22:22:39 ----D---- C:\ProgramData\Temp 2010-10-27 22:21:01 ----SHD---- C:\Windows\Installer 2010-10-27 22:20:37 ----A---- C:\Windows\SYSWOW64\secproc_ssp_isv.dll 2010-10-27 22:20:37 ----A---- C:\Windows\SYSWOW64\secproc_ssp.dll 2010-10-27 22:20:37 ----A---- C:\Windows\SYSWOW64\secproc_isv.dll 2010-10-27 22:20:37 ----A---- C:\Windows\SYSWOW64\secproc.dll 2010-10-27 22:20:37 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp_isv.exe 2010-10-27 22:20:37 ----A---- C:\Windows\SYSWOW64\RMActivate_ssp.exe 2010-10-27 22:20:37 ----A---- C:\Windows\SYSWOW64\RMActivate_isv.exe 2010-10-27 22:20:37 ----A---- C:\Windows\SYSWOW64\RMActivate.exe 2010-10-27 22:20:37 ----A---- C:\Windows\system32\secproc_ssp_isv.dll 2010-10-27 22:20:37 ----A---- C:\Windows\system32\secproc_ssp.dll 2010-10-27 22:20:37 ----A---- C:\Windows\system32\secproc_isv.dll 2010-10-27 22:20:37 ----A---- C:\Windows\system32\secproc.dll 2010-10-27 22:20:37 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe 2010-10-27 22:20:37 ----A---- C:\Windows\system32\RMActivate_ssp.exe 2010-10-27 22:20:37 ----A---- C:\Windows\system32\RMActivate_isv.exe 2010-10-27 22:20:37 ----A---- C:\Windows\system32\RMActivate.exe 2010-10-27 22:19:33 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2010-10-27 22:19:33 ----A---- C:\Windows\system32\fontsub.dll 2010-10-27 22:18:42 ----D---- C:\Program Files\Elantech 2010-10-27 22:14:42 ----D---- C:\Windows\SoftwareDistribution 2010-10-27 22:13:02 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2010-10-27 22:13:02 ----A---- C:\Windows\system32\msv1_0.dll 2010-10-27 22:12:01 ----A---- C:\Windows\SYSWOW64\msasn1.dll 2010-10-27 22:12:01 ----A---- C:\Windows\system32\msasn1.dll 2010-10-27 22:09:51 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll 2010-10-27 22:09:51 ----A---- C:\Windows\system32\CertEnroll.dll 2010-10-27 21:56:52 ----D---- C:\eSupport 2010-10-27 21:56:41 ----A---- C:\Windows\AsToolCD.txt 2010-10-27 10:25:34 ----SHD---- C:\System Volume Information 2010-10-27 10:24:29 ----A---- C:\Pass.txt 2010-09-03 20:30:06 ----SHD---- C:\Config.Msi 2010-09-03 20:19:34 ----D---- C:\rsit 2010-09-03 20:19:34 ----D---- C:\Program Files\trend micro 2010-09-02 02:49:19 ----A---- C:\bdlog.txt 2010-09-01 18:13:35 ----A---- C:\Windows\system32\drivers\bdvedisk.sys 2010-08-30 18:34:46 ----D---- C:\ProgramData\BDLogging 2010-08-30 18:34:40 ----A---- C:\Windows\system32\drivers\bdsandbox.sys 2010-08-30 18:34:40 ----A---- C:\Windows\system32\drivers\BdfNdisf6.sys 2010-08-30 18:34:40 ----A---- C:\Windows\capicom.dll 2010-08-30 18:34:39 ----A---- C:\Windows\system32\WdfCoInstaller01009.dll 2010-08-30 18:34:26 ----A---- C:\Windows\system32\drivers\avckf.sys 2010-08-30 18:34:25 ----A---- C:\Windows\system32\drivers\avchv.sys 2010-08-30 18:34:25 ----A---- C:\Windows\system32\drivers\avc3.sys 2010-08-30 18:33:54 ----D---- C:\Users\Gebruiker\AppData\Roaming\Bitdefender 2010-08-30 18:33:46 ----D---- C:\ProgramData\Bitdefender 2010-08-30 18:32:15 ----D---- C:\Users\Gebruiker\AppData\Roaming\QuickScan 2010-08-30 18:32:00 ----A---- C:\Windows\system32\drivers\gzflt.sys 2010-08-30 18:31:58 ----D---- C:\Program Files\Bitdefender 2010-08-30 18:31:58 ----A---- C:\Windows\system32\drivers\trufos.sys 2010-08-30 18:29:54 ----D---- C:\Program Files\Common Files\Bitdefender 2010-08-23 09:40:15 ----A---- C:\RECOVERY.DAT ======List of files/folders modified in the last 1 month====== 2014-02-08 19:08:46 ----SD---- C:\ProgramData\Microsoft 2014-02-05 18:29:06 ----D---- C:\Windows\system32\catroot2 2014-02-03 04:19:51 ----D---- C:\Windows\system32\LogFiles 2013-09-14 16:15:13 ----D---- C:\Windows\Prefetch 2013-08-02 21:52:52 ----D---- C:\Windows\rescache 2013-05-03 11:24:06 ----D---- C:\Program Files (x86)\Common Files 2013-04-25 07:00:54 ----D---- C:\Windows\winsxs 2013-04-10 16:46:49 ----D---- C:\Program Files (x86)\Internet Explorer 2013-04-10 16:46:47 ----D---- C:\Windows\SYSWOW64\migration 2013-04-10 16:46:45 ----D---- C:\Windows\system32\migration 2013-04-10 16:46:45 ----D---- C:\Program Files\Internet Explorer 2013-02-18 19:17:48 ----RSD---- C:\Windows\assembly 2013-02-18 19:17:48 ----D---- C:\Windows\Microsoft.NET 2013-02-15 08:10:39 ----D---- C:\Windows\AppPatch 2013-02-03 12:34:13 ----D---- C:\Windows\system32\NDF 2013-01-12 11:23:13 ----D---- C:\Windows\SYSWOW64\nl-NL 2013-01-12 11:23:12 ----D---- C:\Windows\system32\nl-NL 2012-11-15 20:07:33 ----D---- C:\Windows\system32\wbem 2012-11-15 20:07:33 ----D---- C:\Windows\system32\drivers\nl-NL 2012-11-15 20:07:32 ----RSD---- C:\Windows\Fonts 2012-11-15 19:02:17 ----A---- C:\Windows\win.ini 2012-09-15 16:43:46 ----SHD---- C:\$Recycle.Bin 2012-08-02 17:17:37 ----D---- C:\Windows\system32\drivers\UMDF 2012-05-29 17:43:41 ----D---- C:\Windows\Tasks 2012-05-13 10:21:27 ----D---- C:\Program Files\Windows Journal 2012-01-12 07:14:42 ----D---- C:\Windows\ehome 2011-12-24 19:51:25 ----D---- C:\Program Files (x86)\Windows Sidebar 2011-12-24 19:51:25 ----D---- C:\Program Files (x86)\Windows Mail 2011-12-24 19:51:24 ----D---- C:\Program Files\Windows Sidebar 2011-12-24 19:51:24 ----D---- C:\Program Files\Windows Mail 2011-12-24 19:51:24 ----D---- C:\Program Files (x86)\Windows Photo Viewer 2011-12-24 19:51:24 ----D---- C:\Program Files (x86)\Windows Media Player 2011-12-24 19:51:24 ----D---- C:\Program Files (x86)\Windows Defender 2011-12-24 19:51:23 ----D---- C:\Windows\servicing 2011-12-24 19:51:23 ----D---- C:\Program Files\Windows Photo Viewer 2011-12-24 19:51:23 ----D---- C:\Program Files\Windows Media Player 2011-12-24 19:51:23 ----D---- C:\Program Files\Windows Defender 2011-12-24 19:51:23 ----D---- C:\Program Files\Common Files\System 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\XPSViewer 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\winrm 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\WCN 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\sysprep 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\slmgr 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\Setup 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\oobe 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\MUI 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\migwiz 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\DriverStore 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\drivers\UMDF 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\drivers 2011-12-24 19:51:21 ----D---- C:\Windows\SYSWOW64\Dism 2011-12-24 19:51:20 ----D---- C:\Windows\SYSWOW64\wbem 2011-12-24 19:51:20 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts 2011-12-24 19:51:20 ----D---- C:\Windows\SYSWOW64\es-ES 2011-12-24 19:51:12 ----D---- C:\Windows\SYSWOW64\com 2011-12-24 19:51:12 ----D---- C:\Windows\system32\winrm 2011-12-24 19:51:12 ----D---- C:\Windows\system32\slmgr 2011-12-24 19:51:12 ----D---- C:\Windows\system32\oobe 2011-12-24 19:51:12 ----D---- C:\Windows\system32\migwiz 2011-12-24 19:51:12 ----D---- C:\Windows\system32\Boot 2011-12-24 19:51:11 ----D---- C:\Windows\system32\WCN 2011-12-24 19:51:11 ----D---- C:\Windows\system32\sysprep 2011-12-24 19:51:11 ----D---- C:\Windows\system32\Setup 2011-12-24 19:51:11 ----D---- C:\Windows\system32\MUI 2011-12-24 19:51:11 ----D---- C:\Windows\system32\Dism 2011-12-24 19:51:08 ----D---- C:\Windows\system32\Printing_Admin_Scripts 2011-12-24 19:51:06 ----D---- C:\Windows\system32\es-ES 2011-12-24 19:50:56 ----D---- C:\Windows\system32\com 2011-12-24 19:50:56 ----D---- C:\Windows\Speech 2011-12-24 19:50:56 ----D---- C:\Windows\es-ES 2011-12-24 19:50:41 ----D---- C:\Windows\SYSWOW64\pt-PT 2011-12-24 19:50:34 ----D---- C:\Windows\SYSWOW64\en-US 2011-12-24 19:50:33 ----D---- C:\Windows\IME 2011-12-24 19:50:32 ----D---- C:\Windows\system32\pt-PT 2011-12-24 19:50:32 ----D---- C:\Windows\PolicyDefinitions 2011-12-24 19:50:22 ----D---- C:\Windows\system32\en-US 2011-12-24 19:50:00 ----D---- C:\Windows\it-IT 2011-12-24 19:49:59 ----D---- C:\Windows\SYSWOW64\it-IT 2011-12-24 19:49:50 ----D---- C:\Windows\system32\it-IT 2011-12-24 19:49:16 ----D---- C:\Windows\SYSWOW64\he-IL 2011-12-24 19:49:08 ----D---- C:\Windows\en-US 2011-12-24 19:49:03 ----D---- C:\Windows\system32\he-IL 2011-12-24 19:48:39 ----D---- C:\Windows\SYSWOW64\el-GR 2011-12-24 19:48:29 ----D---- C:\Windows\system32\el-GR 2011-12-24 19:48:02 ----D---- C:\Windows\fr-FR 2011-12-24 19:48:01 ----D---- C:\Windows\SYSWOW64\fr-FR 2011-12-24 19:47:48 ----D---- C:\Windows\system32\fr-FR 2011-12-24 19:47:18 ----D---- C:\Program Files\DVD Maker 2011-12-24 19:46:32 ----D---- C:\Windows\SYSWOW64\de-DE 2011-12-24 19:46:32 ----D---- C:\Windows\de-DE 2011-12-24 19:46:22 ----D---- C:\Windows\system32\de-DE 2011-12-24 19:45:37 ----D---- C:\Windows\SYSWOW64\zh-TW 2011-12-24 19:45:23 ----D---- C:\Windows\system32\zh-TW 2011-12-24 19:45:23 ----D---- C:\Windows\Globalization 2011-08-13 20:26:18 ----D---- C:\Windows\system32\wdi 2011-05-18 18:48:03 ----D---- C:\Program Files (x86)\MSBuild 2011-05-18 18:47:51 ----D---- C:\Windows\ShellNew 2011-05-17 11:41:34 ----RD---- C:\Users 2011-05-17 11:39:35 ----SHD---- C:\Recovery 2011-05-17 11:39:35 ----D---- C:\Windows\system32\Recovery 2010-10-27 22:48:35 ----D---- C:\Windows\twain_32 2010-10-27 22:34:27 ----D---- C:\Windows\system32\OEM 2010-10-27 22:21:03 ----D---- C:\Windows\system32\restore 2010-10-27 22:06:53 ----D---- C:\Windows\Setup 2010-10-27 22:02:35 ----D---- C:\Windows\ASUS 2010-10-27 09:07:19 ----D---- C:\Windows\Log 2010-09-03 20:59:30 ----D---- C:\Windows\system32\config 2010-09-03 20:59:21 ----D---- C:\Windows\Temp 2010-09-03 20:56:07 ----D---- C:\Windows\system32\Tasks 2010-09-03 20:55:55 ----D---- C:\Windows\inf 2010-09-03 20:55:43 ----D---- C:\Windows\system32\drivers\etc 2010-09-03 20:55:34 ----D---- C:\Windows 2010-09-03 20:29:39 ----RD---- C:\Program Files (x86) 2010-09-03 20:19:34 ----RD---- C:\Program Files 2010-09-03 20:09:04 ----D---- C:\Windows\Panther 2010-09-03 20:09:03 ----D---- C:\Windows\Logs 2010-09-03 20:09:03 ----D---- C:\Windows\debug 2010-09-03 19:57:50 ----D---- C:\Windows\System32 2010-09-03 19:57:50 ----A---- C:\Windows\system32\PerfStringBackup.INI 2010-09-01 18:13:37 ----D---- C:\Windows\system32\drivers 2010-08-30 18:36:04 ----HD---- C:\ProgramData 2010-08-30 18:34:57 ----D---- C:\Windows\system32\DriverStore 2010-08-30 18:34:57 ----D---- C:\Windows\system32\catroot 2010-08-30 18:34:07 ----D---- C:\Program Files\Common Files\Microsoft Shared 2010-08-30 18:34:01 ----D---- C:\Windows\SysWOW64 2010-08-30 18:29:54 ----D---- C:\Program Files\Common Files ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AsDsm;AsDsm; C:\Windows\system32\drivers\AsDsm.sys [2010-10-27 35384] R0 avc3;avc3; C:\Windows\system32\DRIVERS\avc3.sys [2013-07-19 727592] R0 gzflt;gzflt; C:\Windows\system32\DRIVERS\gzflt.sys [2013-08-23 150256] R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-08-06 408600] R0 ***laby;***laby; C:\Windows\system32\DRIVERS\***laby.sys [2009-06-18 15928] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-10-27 213888] R0 trufos;trufos; C:\Windows\system32\DRIVERS\trufos.sys [2013-08-07 389240] R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; \??\c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [2013-02-22 93600] R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-14 103504] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2011/05/17 14:15:27]; \??\C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [2009-09-01 146928] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368] R3 avchv;avchv Function Driver; C:\Windows\system32\DRIVERS\avchv.sys [2012-11-02 261056] R3 avckf;avckf; C:\Windows\system32\DRIVERS\avckf.sys [2013-07-19 601360] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2010-01-18 717368] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-07-21 129024] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-04-30 10331840] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-02-03 271872] R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472] R3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits); C:\Windows\system32\DRIVERS\JME.sys [2010-02-25 115312] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 25928] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-08-20 1800192] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] S3 BDSandBox;BDSandBox; \??\C:\Windows\system32\drivers\bdsandbox.sys [2013-07-23 82824] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2012-03-08 48488] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-10-27 109056] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432] R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2010-06-22 379520] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008] R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-10-01 262144] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240] R2 UPDATESRV;Bitdefender Desktop Update Service; C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe [2013-08-07 67320] R2 VSSERV;Bitdefender Virus Shield; C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe [2013-09-30 1645256] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280] R3 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2010-04-06 244904] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-27 135664] S2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-03-01 161384] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-03-08 1492840] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-10-27 135664] S3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-08-16 641352] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-21 119408] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-19 1255736] S4 BdDesktopParental;Bitdefender Desktop Parental Control; C:\Program Files\Bitdefender\Bitdefender 2013\bdparentalservice.exe [2013-08-07 69392] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF-----------------
-
tr/bho.zwangi.4890.a virus
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Neen hij geeft niets meer terug bij scannen. -
tr/bho.zwangi.4890.a virus
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Zoek.exe v5.0.0.0 Updated 29-January-2014 Tool run by cynthia on ven. 31/01/2014 at 6:07:23,60. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\cynthia\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 31/01/2014 6:09:17 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Users\cynthia\AppData\Local\Acer ePower Management V4 deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1339676201-288736409-248646057-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\SLsvc.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\taskeng.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerTray.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\cynthia\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerEvent.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Users\cynthia\Desktop\zoek.exe C:\Windows\system32\conime.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] ==== Deleting Files \ Folders ====================== C:\Windows\wininit.ini deleted C:\Windows\system32\tasks\RunAsStdUser Task deleted "C:\ProgramData\eb8ea2215036958e903194f3ebbd00e9_c" deleted ==== System Specs ====================== Windows: Windows Vista Home Basic Edition Service Pack 2 (Build 6002) Memory (RAM): 2942 MB CPU Info: AMD Athlon X2 Dual-Core QL-65 CPU Speed: 2097,9 MHz Sound Card: Speakers (Realtek High Definiti | Realtek Digital Output (Realtek | Display Adapters: ATI Radeon HD 3200 Graphics | ATI Radeon HD 3200 Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Atheros AR5B91 Wireless Network Adapter | Broadcom NetLink Gigabit Ethernet CD / DVD Drives: 1x (E: | ) E: Optiarc DVD RW AD-7580S Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 285,1GB | D: 298,1GB Hard Disks - Free: C: 209,5GB | D: 298,0GB Manufacturer *: Packard Bell BIOS Info: AT/AT COMPATIBLE | 04/02/09 | ACRSYS - 6040000 Time Zone: Romance Standard Time Motherboard *: Packard Bell SJV70-PU Country: Belgium Language: FRB ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Virus: Avira Desktop On-access scanning disabled (Outdated) Anti-Spyware: Avira Desktop disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Default Browser: Google Chrome 32.0.1700.76 Internet Explorer Version: 9.0.8112.16421 Google Chrome version: 32.0.1700.76 Adobe Reader version: 9.0.0.2008061200 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-01-27 20:40:19 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Irremote.ini 2014-01-27 18:54:53 2A66E81AE941E54A237490FC35D387C8 1945 ----a-w- C:\Windows\epplauncher.mif ====== C:\Users\cynthia\AppData\Local\Temp ==== 2014-01-30 21:33:41 205BD86027A0A1C74EA2092395BE5BD3 3939840 ----a-w- C:\Users\cynthia\AppData\Local\Temp\01302233-000006b4-oifyllu3am\fssclient_x86.msi 2014-01-30 21:32:39 960BA1A7DFC8C7D4E6A611770CBF9C2A 6799872 ----a-w- C:\Users\cynthia\AppData\Local\Temp\01302232-000006b4-9om9kxrfhv\MovieMaker.msi 2014-01-30 21:31:58 762E01A46B2492D1AF14EDE863FB1758 18757632 ----a-w- C:\Users\cynthia\AppData\Local\Temp\01302231-000006b4-5tqxp5jucj\PhotoLibrary.msi 2014-01-30 21:30:29 F3E19FE4FB22AEAE56F8E9A575F26FA8 15521280 ----a-w- C:\Users\cynthia\AppData\Local\Temp\01302230-000006b4-bul3jf439y\Mail.msi 2014-01-30 21:30:17 40A69A0FFEF2E5332F7FD2340B3B0CB1 3279872 ----a-w- C:\Users\cynthia\AppData\Local\Temp\01302230-000006b4-wv9fociql0\SpamFilterData.msi 2014-01-30 21:29:49 CBF59DF6858D53B65CD9DB34D6966DF9 25276928 ----a-w- C:\Users\cynthia\AppData\Local\Temp\01302229-000006b4-vxcjwwnwzg\Messenger.msi 2014-01-30 21:29:18 4982E5BA667961095F3F7D5EF08FE2E5 964608 ----a-w- C:\Users\cynthia\AppData\Local\Temp\01302229-000006b4-j0mpgwj4o5\Contacts.msi 2014-01-30 21:28:25 F4E1D68B81FD9509E5B6CBCD1FF5070F 739328 ----a-w- C:\Users\cynthia\AppData\Local\Temp\01302228-000006b4-cx46cbu73o\WLXSuite.msi 2014-01-27 20:28:59 FCF35E1C0A7DDC52FE2A738600773C68 12344 ----a-w- C:\Users\cynthia\AppData\Local\Temp\avgnt.exe\Avira.OE.Communicator.Interface.dll 2014-01-27 20:28:55 8166E0A1348922A61AF1765755061A00 285240 ----a-w- C:\Users\cynthia\AppData\Local\Temp\avgnt.exe\Avira.OE.NativeCore.dll 2014-01-27 20:28:54 610C86FBC0483579DC35AA73DDADCE66 42040 ----a-w- C:\Users\cynthia\AppData\Local\Temp\avgnt.exe\Avira.OE.Wincore.Interface.dll 2014-01-27 20:28:52 74B324BDE763615318490FE1DF9DC32A 119352 ----a-w- C:\Users\cynthia\AppData\Local\Temp\avgnt.exe\Avira.OE.Wincore.dll 2014-01-27 20:28:25 9B88C214FC43E13D627862F8B0E8F89F 39480 ----a-w- C:\Users\cynthia\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll 2014-01-27 19:21:20 919160525DA7A3D5D09E0DD5A6B16454 264008 ----a-w- C:\Users\cynthia\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes.dll 2014-01-27 19:21:19 8D15BBCBA2B1A6096C0D15E3D1893B5F 153280 ----a-w- C:\Users\cynthia\AppData\Local\Temp\MSS\3.8.130.10\McInstallerRes_LD.dll 2014-01-27 19:21:18 EA77325B4FAF6EBC8ACEB42011747DA1 571472 ----a-w- C:\Users\cynthia\AppData\Local\Temp\MSS\3.8.130.10\McInstallerStartup.dll 2014-01-27 19:21:14 206A83BDC11D09FB1B3740236ED5E9EE 418568 ----a-w- C:\Users\cynthia\AppData\Local\Temp\MSS\3.8.130.10\mcbrwsr2.dll 2014-01-27 19:21:13 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\cynthia\AppData\Local\Temp\MSS\3.8.130.10\McUICnt.exe ====== C:\Windows\system32 ===== 2014-01-30 21:25:17 8B01FB723F3B30AB3DEBDDBF97CFE577 515416 ----a-w- C:\Windows\System32\XAudio2_5.dll 2014-01-30 21:25:17 30686ECE80545E06D78D156EB9F7D463 69464 ----a-w- C:\Windows\System32\XAPOFX1_3.dll 2014-01-30 21:25:16 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\Windows\System32\d3dx10_42.dll 2014-01-30 21:22:38 E4783742790B2084EFCBF6AE8968A73D 754688 ----a-w- C:\Windows\System32\webservices.dll 2014-01-30 18:40:05 F64812456BD11244322F0B0F1B236841 486400 ----a-w- C:\Windows\System32\d3d10level9.dll 2014-01-30 18:40:05 52673DCDFA7687EABC0C779894D0F4FF 1172480 ----a-w- C:\Windows\System32\d3d10warp.dll 2014-01-30 18:40:05 2434237DFBC70483B63A667B9573891E 219648 ----a-w- C:\Windows\System32\d3d10_1core.dll 2014-01-30 18:40:04 E0F15C8A63D2FCC40D0A6F9354DF0118 1029120 ----a-w- C:\Windows\System32\d3d10.dll 2014-01-30 18:40:04 2067598D57CCD988A88BBBDDD6EAE13D 189952 ----a-w- C:\Windows\System32\d3d10core.dll 2014-01-30 18:40:04 1D1C3BBA2191F0F5B14555757DDB729A 160768 ----a-w- C:\Windows\System32\d3d10_1.dll 2014-01-30 18:40:03 E828C391BB999BD85C15DA20B51CDF9C 683008 ----a-w- C:\Windows\System32\d2d1.dll 2014-01-30 18:40:03 9BD443B52350D2784544B637F103EBCF 1069056 ----a-w- C:\Windows\System32\DWrite.dll 2014-01-30 18:40:03 2AFA3A46986AE935DAECEBC7E66314CF 798208 ----a-w- C:\Windows\System32\FntCache.dll 2014-01-30 18:39:56 9F3A1B7FB81A41C7C7AC82B3D07A1091 876032 ----a-w- C:\Windows\System32\XpsPrint.dll 2014-01-28 22:43:10 D6BACADF83661F08F9E1515AAE74B03E 92672 ----a-w- C:\Windows\System32\UIAnimation.dll 2014-01-28 22:43:09 8C459CFAC2FB3DFB693BCFEC32F25407 3023360 ----a-w- C:\Windows\System32\UIRibbon.dll 2014-01-28 22:43:09 22C2646DD3ED24004F994D0DA9755955 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll 2014-01-28 22:41:23 1D7D7E32A80109D5C3167309265EAC83 30208 ----a-w- C:\Windows\System32\WPDShextAutoplay.exe 2014-01-28 22:41:22 9B9108D3019C18BD6D38B860813E6E52 31232 ----a-w- C:\Windows\System32\BthMtpContextHandler.dll 2014-01-28 22:41:22 801FBDB89D472B3C467EB112A0FC9246 81920 ----a-w- C:\Windows\System32\wpdbusenum.dll 2014-01-28 22:41:18 B53BD9E63867CD9FD853F666CA172713 60928 ----a-w- C:\Windows\System32\PortableDeviceConnectApi.dll 2014-01-28 22:41:15 E92143D1B2E32FAF6CC56FD97B908F6A 2537472 ----a-w- C:\Windows\System32\wpdshext.dll 2014-01-28 22:41:14 C220FC95DA7AD00AB03C184AFDDC5314 196608 ----a-w- C:\Windows\System32\PortableDeviceWMDRM.dll 2014-01-28 22:41:14 B2B117BD8D1EA80536CDD91797EF4A0A 100864 ----a-w- C:\Windows\System32\PortableDeviceClassExtension.dll 2014-01-28 22:41:14 883D02AB5D350BC45E0F60E8CFA97FDC 160256 ----a-w- C:\Windows\System32\PortableDeviceTypes.dll 2014-01-28 22:41:14 81072240917688254A55C1C568B2377B 546816 ----a-w- C:\Windows\System32\wpd_ci.dll 2014-01-28 22:41:14 6B5C53E0932C510606D700B7A896EF73 87552 ----a-w- C:\Windows\System32\WPDShServiceObj.dll 2014-01-28 22:41:14 49456BFE373D90B895795C5A1A13A7C8 350208 ----a-w- C:\Windows\System32\WPDSp.dll 2014-01-28 22:41:14 2205A220A264E8C8B86492BF3D112907 334848 ----a-w- C:\Windows\System32\PortableDeviceApi.dll 2014-01-28 22:16:10 B787EE3F327ABAC1EC47313B3A673598 1796096 ----a-w- C:\Windows\System32\iertutil.dll 2014-01-28 22:16:10 822E4743E61687933629AE3A8DECABC2 65024 ----a-w- C:\Windows\System32\jsproxy.dll 2014-01-28 22:16:10 4CC9DF09C3D915BA0A101A11DB684F26 1129472 ----a-w- C:\Windows\System32\wininet.dll 2014-01-28 22:16:10 35AAE2E841AA1A949775168E119482C9 161792 ----a-w- C:\Windows\System32\msls31.dll 2014-01-28 22:16:10 0B8FE658BD033EC8B1F6FBC305CC65E7 162304 ----a-w- C:\Windows\System32\msrating.dll 2014-01-28 22:16:09 EE0AFCEE88098F754212F9069E80A766 86528 ----a-w- C:\Windows\System32\iesysprep.dll 2014-01-28 22:16:09 76E987D8CF0683337CF165363B6FDFD9 48640 ----a-w- C:\Windows\System32\mshtmler.dll 2014-01-28 22:16:09 736D1B28224F9DF8008BE8B0DEDFC9EF 76800 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe 2014-01-28 22:16:09 6B036492120E65C0C367DC31D01088A1 74752 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2014-01-28 22:16:09 5AAFA41F2A09D68F43741EF13937650A 1105408 ----a-w- C:\Windows\System32\urlmon.dll 2014-01-28 22:16:08 E8F37AF4D09972684D9EE1786901F540 176640 ----a-w- C:\Windows\System32\ieui.dll 2014-01-28 22:16:08 B231416DD7569B5C16F2DD2D2D64BB5A 9739264 ----a-w- C:\Windows\System32\ieframe.dll 2014-01-28 22:16:08 76EB0222590D5DCD050CF862237F414A 63488 ----a-w- C:\Windows\System32\tdc.ocx 2014-01-28 22:16:07 F83865A3007357A5E498EB9E3BED273D 31744 ----a-w- C:\Windows\System32\iernonce.dll 2014-01-28 22:16:07 EE9D715AF1B928982F417238B9914484 434176 ----a-w- C:\Windows\System32\ieapfltr.dll 2014-01-28 22:16:07 CA493A92DA9880B6F1A89C3DBD54BA5B 223232 ----a-w- C:\Windows\System32\dxtrans.dll 2014-01-28 22:16:07 C0B8B96D018849FD8CCF15FED84E8782 74240 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-01-28 22:16:07 BDA52464C16707EAA513C8A2920ACE1F 231936 ----a-w- C:\Windows\System32\url.dll 2014-01-28 22:16:07 83F5D4B41BB12CE146786E97F6AAD75E 3695416 ----a-w- C:\Windows\System32\ieapfltr.dat 2014-01-28 22:16:07 802B0229D904E28C1EA9A5274AB457FC 74752 ----a-w- C:\Windows\System32\iesetup.dll 2014-01-28 22:16:07 7AC9B18F1BE210702DA5E586224B1571 66048 ----a-w- C:\Windows\System32\icardie.dll 2014-01-28 22:16:07 4B333D3CC96AE66BD754329FD2989EE2 72822 ----a-w- C:\Windows\System32\ieuinit.inf 2014-01-28 22:16:07 4312DEBDACBE338F0B90E7F08E7672BE 353792 ----a-w- C:\Windows\System32\dxtmsft.dll 2014-01-28 22:16:07 09C9E7F477FB225FDB3B6DE8FED0AA9B 367104 ----a-w- C:\Windows\System32\html.iec 2014-01-28 22:16:06 F0FEFB0B5D25A75D478A4317139D937E 353584 ----a-w- C:\Windows\System32\iedkcs32.dll 2014-01-28 22:16:06 6B4701D3D9724812E8C3801E7BF87157 23552 ----a-w- C:\Windows\System32\licmgr10.dll 2014-01-28 22:16:06 60B4F624BB87A3B21D3EC68F38DA6B61 78848 ----a-w- C:\Windows\System32\inseng.dll 2014-01-28 22:16:06 5193DE33F3284C447E0D31DAFBF92570 203776 ----a-w- C:\Windows\System32\webcheck.dll 2014-01-28 22:16:06 2429485305BCCFB1014B19BFB512E8F9 73216 ----a-w- C:\Windows\System32\mshtmled.dll 2014-01-28 22:16:06 06FDA396980A0157469A334E1BFEAF17 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-01-28 22:16:05 C89906FA43A58FD4CFC7EA06D885A597 12344320 ----a-w- C:\Windows\System32\mshtml.dll 2014-01-28 22:16:05 ADB9477A9C95C79FDF5DC214225603B0 420864 ----a-w- C:\Windows\System32\vbscript.dll 2014-01-28 22:16:05 67BC2BA6F94D2D0C51213691FBFEEBB1 152064 ----a-w- C:\Windows\System32\wextract.exe 2014-01-28 22:16:05 51AF0A12CD86E22E1A027C38CC021AC6 150528 ----a-w- C:\Windows\System32\iexpress.exe 2014-01-28 22:16:05 36E4D129029784EE37A2C14393B6A4E8 607744 ----a-w- C:\Windows\System32\msfeeds.dll 2014-01-28 22:16:04 DB754FF5F6ADBA2A25EC1B6672D1C91E 163840 ----a-w- C:\Windows\System32\ieakui.dll 2014-01-28 22:16:04 C2E35F6FCBD5B4DB2B52B32D1153EC04 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2014-01-28 22:16:04 C05A60DB2ED385E9BB5CF7AE773A3D9B 717824 ----a-w- C:\Windows\System32\jscript.dll 2014-01-28 22:16:04 A0C6AFE2C9C74573F5C0776CDE1128B1 142848 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-01-28 22:16:04 90A57CA422923286838AAC7DE2D41B92 118784 ----a-w- C:\Windows\System32\iepeers.dll 2014-01-28 22:16:04 795202EFA9ED73F99C96235C1DC6A1AC 1806848 ----a-w- C:\Windows\System32\jscript9.dll 2014-01-28 22:16:04 68563AC389F92EE79F1C714288BA1DCE 35840 ----a-w- C:\Windows\System32\imgutil.dll 2014-01-28 22:16:04 5B37190F79F5D63C1033ED88C006080C 123392 ----a-w- C:\Windows\System32\occache.dll 2014-01-28 22:16:04 49729570B7FD369BBDEC16D7683324A0 227840 ----a-w- C:\Windows\System32\ieaksie.dll 2014-01-28 22:16:04 3F7A8BCF37433A69CEEDE1E6AEE79784 101888 ----a-w- C:\Windows\System32\admparse.dll 2014-01-28 22:16:04 061CBB1058A10C0875D18CAFF835AE97 11776 ----a-w- C:\Windows\System32\mshta.exe 2014-01-28 22:16:04 04A8B2F67825380BC0C7C46D56776133 54272 ----a-w- C:\Windows\System32\pngfilt.dll 2014-01-28 22:16:04 031DA76A5A7DC13F015DD3491394865E 114176 ----a-w- C:\Windows\System32\advpack.dll 2014-01-28 22:16:03 ED6F6FBBCDEC95483B7351E23F4FCDF6 110592 ----a-w- C:\Windows\System32\IEAdvpack.dll 2014-01-28 22:16:03 4B80D1F847C0658977E1E8051A4DE002 41472 ----a-w- C:\Windows\System32\msfeedsbs.dll 2014-01-28 22:16:03 1E7094AFAD0C369DD6D400C7047E4AB2 130560 ----a-w- C:\Windows\System32\ieakeng.dll 2014-01-28 22:16:03 1D3EE28BA231CBB9600F5D102EAF4EA7 10752 ----a-w- C:\Windows\System32\msfeedssync.exe 2014-01-28 22:14:27 BC5E45CB2304AFB4D2EF2FD9C41299AF 979456 ----a-w- C:\Windows\System32\MFH264Dec.dll 2014-01-28 22:14:27 7BE8835CA7E2975F2E865CEEE8821EB6 261632 ----a-w- C:\Windows\System32\mfreadwrite.dll 2014-01-28 22:14:27 743B1957729DE905DC44782A957FD284 302592 ----a-w- C:\Windows\System32\mfmp4src.dll 2014-01-28 22:14:27 44CEE5264282105A89B650FDB07E40FF 357376 ----a-w- C:\Windows\System32\MFHEAACdec.dll 2014-01-28 22:14:26 BF142D4F8C61ED3629A9CDD7BA867900 209920 ----a-w- C:\Windows\System32\mfplat.dll 2014-01-28 22:14:26 B9103A56ACABDED3E87C2A8777B6456C 98816 ----a-w- C:\Windows\System32\mfps.dll 2014-01-28 22:14:26 67D16247C56C26A4F0D79D1A7F272B8F 2873344 ----a-w- C:\Windows\System32\mf.dll 2014-01-28 22:14:25 B5950DF243837D8217F4E597919B224A 586240 ----a-w- C:\Windows\System32\stobject.dll 2014-01-28 22:14:25 167AC31450C0C53A01FA1491E94D7678 1075712 ----a-w- C:\Windows\System32\shdocvw.dll 2014-01-28 22:14:22 3439DFAD865BF24C3E3DE3BCB2F9C39F 135680 ----a-w- C:\Windows\System32\XpsRasterService.dll 2014-01-28 22:14:21 AAAE543C535ED596ECAD2AB8761C2C6F 478720 ----a-w- C:\Windows\System32\dxgi.dll 2014-01-28 22:14:20 E821547F853BF67CABE187B6FAA5D212 26112 ----a-w- C:\Windows\System32\printfilterpipelineprxy.dll 2014-01-28 22:14:20 DFD714F1A410B32DA258423CF592A96E 667648 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe 2014-01-28 22:14:20 5EC8FB83F31AA2D6F421F02C3F4F4475 258048 ----a-w- C:\Windows\System32\winspool.drv 2014-01-28 22:14:19 E607F9C6A2386647B572580CB147C7B3 1554432 ----a-w- C:\Windows\System32\xpsservices.dll 2014-01-28 22:14:19 A15ED03919107C2A6A3395EE02C7DD47 847360 ----a-w- C:\Windows\System32\OpcServices.dll 2014-01-28 22:13:30 D1C47F951EA35073C97EF2E928CF9D6F 195584 ----a-w- C:\Windows\System32\dxdiagn.dll 2014-01-28 22:13:30 8375E2BD58BFB375695135A511EBEE00 369664 ----a-w- C:\Windows\System32\WMPhoto.dll 2014-01-28 22:13:30 6E895BDCB3158E3860A49662332736BA 519680 ----a-w- C:\Windows\System32\d3d11.dll 2014-01-28 22:13:30 60BBAF3F5A38D0274B0C46710A218051 252928 ----a-w- C:\Windows\System32\dxdiag.exe 2014-01-28 22:13:29 6836D001FC733F205ACB80A7986CB6C9 974848 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2014-01-28 22:13:29 247609D2CD28A57BC1FE37FDA48AC0DB 321024 ----a-w- C:\Windows\System32\PhotoMetadataHandler.dll 2014-01-28 22:13:29 012A965F34414458075EF4F0EDC11536 189440 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2014-01-28 21:52:24 2F0BC1FC6142DCB31C7D9804962A7011 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2014-01-28 21:52:17 76FD230DEAB73D2826458617DBB56A63 16896 ----a-w- C:\Windows\System32\winusb.dll 2014-01-28 21:52:16 FE47B7BC8EA320C2D9B5E5BF6E303765 73216 ----a-w- C:\Windows\System32\WUDFSvc.dll 2014-01-28 21:52:15 D5CF1536137026ACDED95BF6CBF849F6 172032 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2014-01-28 21:52:13 D689B2C2E69156D954C24810F4081C1E 38912 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2014-01-28 21:52:12 A36F7A256E65D858A7039DB00ADEEBDD 613888 ----a-w- C:\Windows\System32\WUDFx.dll 2014-01-28 21:52:12 980B6A5F92B8DB235C4A26728C2BE732 196608 ----a-w- C:\Windows\System32\WUDFHost.exe 2014-01-28 20:44:48 420B075CD71AB9E58D15DD258958FBA3 353280 ----a-w- C:\Windows\System32\shlwapi.dll 2014-01-28 20:44:44 F189F4921D3C24AC96861AA27D329B9B 23040 ----a-w- C:\Windows\System32\dpnsvr.exe 2014-01-28 20:44:44 9258E6D71D65B90A9308978085B934AA 376320 ----a-w- C:\Windows\System32\dpnet.dll 2014-01-28 20:44:37 F1DBB1AC69239D292A9035032C5B4F00 2048 ----a-w- C:\Windows\System32\tzres.dll 2014-01-28 20:44:08 D6F0260D9051C0B60998F4CDBE9B2CC6 37376 ----a-w- C:\Windows\System32\cdd.dll 2014-01-28 20:44:06 959A4BC486951267EE6343A431A92B12 293376 ----a-w- C:\Windows\System32\psisdecd.dll 2014-01-28 20:44:06 3A78D48221D32BC99C4B11B112D6EADA 217088 ----a-w- C:\Windows\System32\psisrndr.ax 2014-01-28 20:44:06 1B45ED071775A5E8BF51682EC5B61231 69632 ----a-w- C:\Windows\System32\Mpeg2Data.ax 2014-01-28 20:44:05 D1AE4D2D559C23CE9DE4B3B10A90B901 57856 ----a-w- C:\Windows\System32\MSDvbNP.ax 2014-01-28 20:44:03 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-01-28 20:44:00 351FA1DF82CFFDEDA801604246E63E95 15872 ----a-w- C:\Windows\System32\icaapi.dll 2014-01-28 20:43:55 FF8FCDF1913016813AFB966A0F41B299 23552 ----a-w- C:\Windows\System32\mciseq.dll 2014-01-28 20:43:55 14FF750EFE13B0C21E5A06507C3A97B1 189952 ----a-w- C:\Windows\System32\winmm.dll 2014-01-28 20:43:50 63396CBB1365769D520E0FD89C2419F2 623616 ----a-w- C:\Windows\System32\localspl.dll 2014-01-28 20:42:45 E87F6492F5406287EDF05DF40BB86780 102608 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2014-01-28 20:41:50 950343D413EEDC3A24472BB2046CFB59 75776 ----a-w- C:\Windows\System32\synceng.dll 2014-01-28 20:41:47 AAF101900A23D75AE1AE00840FA6F3B8 11586048 ----a-w- C:\Windows\System32\shell32.dll 2014-01-28 20:40:54 D0F138624B9B49F349C5D3D2341199A1 429056 ----a-w- C:\Windows\System32\EncDec.dll 2014-01-28 20:40:22 57390AF2F8939AB038FC4A5D10B50D52 335360 ----a-w- C:\Windows\System32\SysFxUI.dll 2014-01-28 20:40:19 E389C328AC7FE5673593ECAD269E7A54 783360 ----a-w- C:\Windows\System32\rpcrt4.dll 2014-01-28 20:40:14 98B656EAF128CD06F625B09C84D959E1 467968 ----a-w- C:\Windows\System32\netapi32.dll 2014-01-28 20:40:02 1217AEB3DBED42C54ADD826EDDC21660 288768 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2014-01-28 20:39:40 A520C77CFFABC96E32818451B60905C7 66560 ----a-w- C:\Windows\System32\packager.dll 2014-01-28 20:38:03 13CC59C1B04E9F20A87987C68CD4BE3F 204288 ----a-w- C:\Windows\System32\ncrypt.dll 2014-01-28 20:37:41 17AF64D727545F2804F6E6D998327E3F 680448 ----a-w- C:\Windows\System32\msvcrt.dll 2014-01-28 20:37:26 DC3105CC925A0D47F61B54E66AB730FC 892928 ----a-w- C:\Windows\System32\kernel32.dll 2014-01-28 20:37:08 C43DECDAC58C0A43E0376A216590F40A 1314816 ----a-w- C:\Windows\System32\quartz.dll 2014-01-28 20:37:05 A4E7946B71BBDF8708C7AC97FD9E9008 443904 ----a-w- C:\Windows\System32\win32spl.dll 2014-01-28 20:37:05 2D3D47B93E0BE86EEBB261734AB5B6A1 37376 ----a-w- C:\Windows\System32\printcom.dll 2014-01-28 20:37:02 C43A71C2845C88D7E5A8A26D3850BDFB 1548288 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2014-01-28 20:36:58 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe 2014-01-28 20:36:58 2497FD012104DFF64BF01DA98ECF6F75 131072 ----a-w- C:\Windows\System32\wshom.ocx 2014-01-28 20:36:58 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe 2014-01-28 20:36:57 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 ----a-w- C:\Windows\System32\wshcon.dll 2014-01-28 20:36:57 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 ----a-w- C:\Windows\System32\scrrun.dll 2014-01-28 20:36:52 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll 2014-01-28 20:36:45 84BDC77A844493FCD76858B52690F31B 812544 ----a-w- C:\Windows\System32\certutil.exe 2014-01-28 20:36:44 5827CF5BBA5AEBDB416556E076A19EAF 41984 ----a-w- C:\Windows\System32\certenc.dll 2014-01-28 20:36:08 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll 2014-01-28 20:35:37 0296DAEB5555A248E8ABF7E5012A37A6 1400832 ----a-w- C:\Windows\System32\msxml6.dll 2014-01-28 20:35:16 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL 2014-01-28 20:35:16 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF 2014-01-28 20:35:15 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2014-01-28 20:35:10 87CDFFCBD09C1CA03A068343D5D93250 5120 ----a-w- C:\Windows\System32\wmi.dll 2014-01-28 20:35:10 09EA40F4DAD2EDB3587E5E0BAA9C3E15 158208 ----a-w- C:\Windows\System32\imagehlp.dll 2014-01-28 20:35:05 E1E52D56D266C2741058BA6611970D0C 497152 ----a-w- C:\Windows\System32\qdvd.dll 2014-01-28 20:35:00 DBD9448D06E67FE6F29261FFAD205B68 615936 ----a-w- C:\Windows\System32\themeui.dll 2014-01-28 20:34:55 DBD02E3E6F061EBBBF9B99A9D7CBA30B 377344 ----a-w- C:\Windows\System32\winhttp.dll 2014-01-28 20:34:50 D1F8FE7C788C437DDE311E9F0C09005E 34304 ----a-w- C:\Windows\System32\atmlib.dll 2014-01-28 20:34:50 A136094368CA45BA50BF4E2703E93B82 293376 ----a-w- C:\Windows\System32\atmfd.dll 2014-01-28 20:34:40 61E5B6E75A5E53D1052A6D18BF67B59A 3603904 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2014-01-28 20:34:39 CB284FC56D12BF5D2503CB75B03FD40A 3551680 ----a-w- C:\Windows\System32\ntoskrnl.exe 2014-01-28 20:34:38 BE7480C91E89EB82FC080F772C220AE4 64000 ----a-w- C:\Windows\System32\smss.exe 2014-01-28 20:34:38 B9FDFF876B0E7B4FECBAA5708C6ED616 1205168 ----a-w- C:\Windows\System32\ntdll.dll 2014-01-28 20:34:38 33F84B64D4765BCDFA0AB8464122DA14 49152 ----a-w- C:\Windows\System32\csrsrv.dll 2014-01-28 20:34:29 CCE5E7C0F8AA13207E777C43F4DA80A3 555520 ----a-w- C:\Windows\System32\UIAutomationCore.dll 2014-01-28 20:34:29 7E38DA8C11833B99766A97CEE3F80F07 4096 ----a-w- C:\Windows\System32\oleaccrc.dll 2014-01-28 20:34:28 DC15AB7168C0309D8F04FD95B6240422 238080 ----a-w- C:\Windows\System32\oleacc.dll 2014-01-28 20:34:28 B218342214D9BBA0F54EA12BA2E9278C 563712 ----a-w- C:\Windows\System32\oleaut32.dll 2014-01-28 20:33:41 26B7512FAF33ECD0356874BBB20A9E20 505344 ----a-w- C:\Windows\System32\qedit.dll 2014-01-28 20:33:37 6ABD253226770EAE1292B4C945ED4B4B 1248768 ----a-w- C:\Windows\System32\msxml3.dll 2014-01-28 20:32:56 6A166182E32844369FD072057782A22B 2067968 ----a-w- C:\Windows\System32\mstscax.dll 2014-01-28 20:32:52 1908CC7673F72601AFFDCA022689CEDF 182784 ----a-w- C:\Windows\System32\xmllite.dll 2014-01-28 20:32:48 58035212AB7869A5FC3AF186ACBA8F09 532480 ----a-w- C:\Windows\System32\comctl32.dll 2014-01-28 20:32:40 A508314231C49AEE86987CEA3EAECAD1 376320 ----a-w- C:\Windows\System32\winsrv.dll 2014-01-28 20:32:31 4E07C27B4207ABB35F694E10ED609D2C 24576 ----a-w- C:\Windows\System32\cryptdlg.dll 2014-01-28 20:29:39 50E3E76B0901BB4FC029BB88BFA5CE79 278528 ----a-w- C:\Windows\System32\schannel.dll 2014-01-28 20:29:39 178FAC2B7C66E9A4400CE7AC37623E3F 1259008 ----a-w- C:\Windows\System32\lsasrv.dll 2014-01-28 20:29:38 D602FEDBD9155FC2DED6863FB60C950F 72704 ----a-w- C:\Windows\System32\secur32.dll 2014-01-28 20:29:38 A3E186B4B935905B829219502557314E 9728 ----a-w- C:\Windows\System32\lsass.exe 2014-01-28 20:29:32 FF41E1AC301F51E16F61AD7C0F45467C 231424 ----a-w- C:\Windows\System32\msshsq.dll 2014-01-28 19:44:25 D16A740186870C32941C0E61DF4F1298 172544 ----a-w- C:\Windows\System32\wintrust.dll 2014-01-28 19:44:25 684C130BBC6DB681BAD4920A4C944AA5 133120 ----a-w- C:\Windows\System32\cryptsvc.dll 2014-01-28 19:44:24 71B479749F0F52C4FEC726C6FFA2CE1C 98304 ----a-w- C:\Windows\System32\cryptnet.dll 2014-01-28 19:40:38 DE98C769DA2B5F121846C9F3B9493C5A 613376 ----a-w- C:\Windows\System32\rdpencom.dll 2014-01-28 19:02:19 BDC0C99E472176C8C2C853A68ADC5073 45080 ----a-w- C:\Windows\System32\wups2.dll 2014-01-28 19:02:19 2E0B0A051FFAA86E358465BB0880D453 53784 ----a-w- C:\Windows\System32\wuauclt.exe 2014-01-28 19:02:17 FC3EC24FCE372C89423E015A2AC1A31E 1933848 ----a-w- C:\Windows\System32\wuaueng.dll 2014-01-28 19:02:17 285C594C4913FA9DC7BB6BA3AD6F101A 2422272 ----a-w- C:\Windows\System32\wucltux.dll 2014-01-28 19:01:34 3458EDA96E30FBD0477A2800D3FB1909 35864 ----a-w- C:\Windows\System32\wups.dll 2014-01-28 19:01:33 C480F0E968ECA0D80D0299D7F204E33B 88576 ----a-w- C:\Windows\System32\wudriver.dll 2014-01-28 19:01:33 1A617835452EEE5060976C9B9F5FE635 577048 ----a-w- C:\Windows\System32\wuapi.dll 2014-01-28 19:01:15 98F94089E9C549E223AB05BE54BAB2ED 171904 ----a-w- C:\Windows\System32\wuwebv.dll 2014-01-28 19:01:15 069385484EA57B663D688894C88975C5 33792 ----a-w- C:\Windows\System32\wuapp.exe 2014-01-27 20:40:41 F3A8B98DC6E7F559EE9873EB4F41EB14 773120 ----a-w- C:\Windows\System32\NEROINSTAEC43759.DB 2014-01-27 20:40:41 55DF4A8BD4FFF302DBA88ABE19299719 1414440 ----a-w- C:\Windows\System32\ShellManager310E2D762.dll 2014-01-27 18:00:38 E40B473E54807F35E6F597452C82B63E 71048 ----a-w- C:\Windows\System32\FlashPlayerCPLApp.cpl 2014-01-27 18:00:38 C2D948DB2E7ABC746B4A77B41356BFF3 692616 ----a-w- C:\Windows\System32\FlashPlayerApp.exe ====== C:\Windows\system32\drivers ===== 2014-01-30 21:33:49 D909075FA72C090F27AA926C32CB4612 39272 ----a-w- C:\Windows\System32\drivers\fssfltr.sys 2014-01-30 05:06:34 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2014-01-28 21:52:39 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-01-28 21:52:17 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2014-01-28 21:52:17 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2014-01-28 21:52:15 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2014-01-28 20:44:42 B9C2B89F08670E159F7181891E449CD9 53120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2014-01-28 20:44:08 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-01-28 20:44:00 F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 24064 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2014-01-28 20:41:29 6D0D344F643E28B31262AC2682109A3C 914880 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2014-01-28 20:41:29 5877A786EF27E42C4E84D1356F922302 31232 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2014-01-28 20:40:22 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-01-28 20:40:22 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2014-01-28 20:40:16 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2014-01-28 20:38:06 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2014-01-28 20:37:36 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-28 20:37:36 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-28 20:37:36 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2014-01-28 20:37:36 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-28 20:37:36 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-28 20:37:35 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-28 20:37:23 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2014-01-28 20:35:20 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2014-01-28 20:35:10 B972A66758577E0BFD1DE0F91AAA27B5 12800 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2014-01-28 20:32:44 C127EBD5AFAB31524662C48DFCEB773A 180736 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2014-01-28 20:31:54 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2014-01-28 20:29:40 4A1445EFA932A3BAF5BDB02D7131EE20 440704 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2014-01-28 20:29:27 8D31A140B55021BBD3A608F5A7AA2E18 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2014-01-27 20:59:39 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-01-27 20:57:17 A36EE93698802CD899F98BFD553D8185 28520 ----a-w- C:\Windows\System32\drivers\ssmdrv.sys 2014-01-27 20:57:11 D8C712305F73CD34D1B344810E522728 37352 ----a-w- C:\Windows\System32\drivers\avkmgr.sys 2014-01-27 20:57:11 B8C10FF9369394EB84993F331810CF29 90400 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2014-01-27 20:57:11 4189E5AB2CAD6F395D87DAAE73EB090F 135648 ----a-w- C:\Windows\System32\drivers\avipbb.sys 2014-01-27 18:19:17 3546C0B6F2D808D4E6294A9D6B25151B 221568 ----a-w- C:\Windows\System32\drivers\netio.sys ====== C:\Windows\Tasks ====== 2014-01-30 05:15:51 -------- d-----w- C:\Windows\system32\Tasks\WPD 2014-01-27 18:00:41 734A08D1DB3443397F22C05D264D5D6F 3684 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater 2014-01-27 18:00:40 0FF23C6DC2F020262CB89F9D465C3751 830 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-30 21:26:24 -------- d-----w- C:\Program Files\MSN Toolbar 2014-01-30 21:25:30 -------- d-----w- C:\Program Files\Bing Bar Installer 2014-01-30 21:05:26 -------- d-----w- C:\Program Files\trend micro 2014-01-30 05:08:18 -------- d-----w- C:\Program Files\Windows Portable Devices 2014-01-27 20:57:08 -------- d-----w- C:\Program Files\Avira ======= C: ===== ====== C:\Users\cynthia\AppData\Roaming ====== 2014-01-30 21:23:49 -------- d-----w- C:\Users\cynthia\AppData\Local\Windows Live 2014-01-27 20:59:21 -------- d-----w- C:\Users\cynthia\AppData\Roaming\Avira 2014-01-27 20:44:07 74F2233CE22400BDBA0129798222F44A 386416 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WPFFontCache_v0400-S-1-5-21-1339676201-288736409-248646057-1000-8192.dat 2014-01-27 20:40:17 -------- d-----w- C:\Users\cynthia\AppData\Roaming\Nero 2014-01-27 20:16:39 74F2233CE22400BDBA0129798222F44A 386416 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\WPFFontCache_v0400-System.dat ====== C:\Users\cynthia ====== 2014-01-30 21:04:57 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\cynthia\Desktop\RSIT.exe 2014-01-27 20:57:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-01-27 20:57:08 -------- d-----w- C:\ProgramData\Avira 2014-01-27 20:52:02 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\cynthia\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-27 20:50:52 29B7410D1B5313E298094651A0C98530 129870080 ----a-w- C:\Users\cynthia\Downloads\avira_free_antivirus_nl.exe 2014-01-27 19:38:06 9A319F0CA0A2F423AC5240CEFFDE5109 3974840 ----a-w- C:\Users\cynthia\Downloads\avira_oe_client_antivirus_en (1).exe 2014-01-27 19:36:59 9A319F0CA0A2F423AC5240CEFFDE5109 3974840 ----a-w- C:\Users\cynthia\Downloads\avira_oe_client_antivirus_en.exe 2014-01-27 19:33:25 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\cynthia\Downloads\AdwCleaner.exe 2014-01-27 19:32:19 66FAEC18550B78D10E397B88544A0C21 929928 ----a-w- C:\Users\cynthia\Downloads\cbsidlm-cbsi171-AdwCleaner-ORG-75851221.exe 2014-01-27 18:24:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-01-27 18:07:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in ====== C: exe-files == 2014-01-31 04:58:22 75B0D4CC6E1BFD6344EEF198270A773D 36532904 ----a-w- C:\Program Files\Google\Update\Install\{8ED0BDAD-1FAD-4460-B426-1F35C25E3F9A}\32.0.1700.102_chrome_installer.exe 2014-01-30 21:25:47 81EBC5DB32DA754CAE9E200B70F06DE2 469256 ----a-w- C:\Program Files\Bing Bar Installer\InstallManager.exe 2014-01-30 21:24:32 81EBC5DB32DA754CAE9E200B70F06DE2 469256 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\a8dc9acb1cf1e010b\InstallManager_WLE_WLE.exe 2014-01-30 21:24:26 A0EE8879A17B1D4B00B37D294AF106D0 15712 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\a6d34dab1cf1e010a\MeshBetaRemover.exe 2014-01-30 21:24:24 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\a46ac98b1cf1e0109\DXSETUP.exe 2014-01-30 21:24:20 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\a0f0874b1cf1e0108\DXSETUP.exe 2014-01-30 21:05:27 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\cynthia.exe 2014-01-30 21:04:57 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\cynthia\Desktop\RSIT.exe 2014-01-30 18:33:59 75B0D4CC6E1BFD6344EEF198270A773D 36532904 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_chrome_installer.exe 2014-01-30 05:28:48 BD556495B9E1E00A2A55D4E6131C2EA0 981160 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.102\32.0.1700.102_32.0.1700.76_chrome_updater.exe 2014-01-28 22:16:10 825E01EEC25E744FBCFB92F07FF411EE 307200 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe 2014-01-28 22:16:10 73C8D00A87332F2DF0A7CFF87CEE1A82 107008 ----a-w- C:\Program Files\Internet Explorer\iecleanup.exe 2014-01-28 22:16:09 43E6F2A7FB182F2D7CB0CE5B8F1005CF 757488 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-01-28 22:16:07 8911702CC546B76FE8F9C61987C68C43 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-01-28 22:16:07 3348D1B1D702E333CE99F7E0FD313460 468480 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-01-28 22:16:03 512C7881C3F7836455ADC9EBF0A0B167 22016 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe 2014-01-28 20:44:37 A41D107A42B7CFC4FD6C566CC6F37F23 19456 ----a-w- C:\Windows\servicing\GC32\tzupd.exe 2014-01-28 20:41:36 3290B7E959071A1C695EEBA90601E257 304128 ----a-w- C:\Program Files\Internet Explorer\ieuser.exe 2014-01-27 20:57:19 5BC02AC86CB9F875BD91A5D009132FDE 645688 ----a-w- C:\Program Files\Avira\AntiVir Desktop\wsctool.exe 2014-01-27 20:57:17 FE79366FECD444A16CCA9979134DBEA8 440376 ----a-w- C:\Program Files\Avira\AntiVir Desktop\sched.exe 2014-01-27 20:57:17 91ECCE87F494816737BD6F1B0B671C2A 934968 ----a-w- C:\Program Files\Avira\AntiVir Desktop\update.exe 2014-01-27 20:57:17 26731C2F4452C1A2DBDBAE8D201E4CE2 399416 ----a-w- C:\Program Files\Avira\AntiVir Desktop\updrgui.exe 2014-01-27 20:57:17 1106B8D42E6614240C03AB76224DAF02 422456 ----a-w- C:\Program Files\Avira\AntiVir Desktop\setuppending.exe 2014-01-27 20:57:17 039ECAE9617FBC500B891256F139FD79 1315384 ----a-w- C:\Program Files\Avira\AntiVir Desktop\setup.exe 2014-01-27 20:57:15 17819ACCC4D21E3C07E80454A40A26EB 466488 ----a-w- C:\Program Files\Avira\AntiVir Desktop\guardgui.exe 2014-01-27 20:57:15 1305B94364F8F8F80DCD0E22E64E267A 467000 ----a-w- C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe 2014-01-27 20:57:15 02AC980B23C6539B56DEC7956DE2DA3B 458296 ----a-w- C:\Program Files\Avira\AntiVir Desktop\licmgr.exe 2014-01-27 20:57:14 D49A434E4BF69D23291D54164D5D15D6 796728 ----a-w- C:\Program Files\Avira\AntiVir Desktop\fact.exe 2014-01-27 20:57:14 AFE071E446E1A2ABB75B0B9234AC726E 474680 ----a-w- C:\Program Files\Avira\AntiVir Desktop\ccuac.exe 2014-01-27 20:57:14 849D6BD0357DD1E39B01FFF40659B5ED 401976 ----a-w- C:\Program Files\Avira\AntiVir Desktop\checkt.exe 2014-01-27 20:57:13 42AFC20DB8D9D8651E26140E95B6A902 858720 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avwsc.exe 2014-01-27 20:57:12 F88A5D699B6F6AD080ECD58548EF4D7F 511544 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avrestart.exe 2014-01-27 20:57:12 BD64ED04CB32C31F9F6812415405E65E 566328 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avwebloader.exe 2014-01-27 20:57:12 B1625BA4BB3667C3219F2E2EB34AE0E7 411704 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avupgsvc.exe 2014-01-27 20:57:12 8A2DEC9995EFD16D97A84E3CB7F09812 759864 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avnotify.exe 2014-01-27 20:57:12 782ED0F2DFF01B1556A353E4283F2888 1032760 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avscan.exe 2014-01-27 20:57:12 6F1E9AB820B3DD8BD38C0190A206205D 431672 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe 2014-01-27 20:57:12 29D956C8CB67222D678FAF20D485B25B 1011768 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe 2014-01-27 20:57:11 FDE9C7030FB1E9E2715E113EE6A10F90 440376 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avguard.exe 2014-01-27 20:57:11 FDA1329BF7F5F92C71C692798B642BAC 661048 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe 2014-01-27 20:57:11 F143483EF1FD85495AF9EAD190C55983 441400 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avadmin.exe 2014-01-27 20:57:11 DD231039B13EC2ABDE315D76E658EF0E 684600 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2014-01-27 20:57:11 72B909F1594FC52D25FC3622B9D80D45 769592 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avconfig.exe 2014-01-27 20:57:09 4E41301AB03814EABE37FCF194B728A6 1326512 ----a-w- C:\Program Files\Avira\AntiVir Desktop\offercast_avirav7_.exe 2014-01-27 20:52:02 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\cynthia\Downloads\mbam-setup-1.75.0.1300.exe 2014-01-27 20:50:52 29B7410D1B5313E298094651A0C98530 129870080 ----a-w- C:\Users\cynthia\Downloads\avira_free_antivirus_nl.exe 2014-01-27 19:38:06 9A319F0CA0A2F423AC5240CEFFDE5109 3974840 ----a-w- C:\Users\cynthia\Downloads\avira_oe_client_antivirus_en (1).exe 2014-01-27 19:36:59 9A319F0CA0A2F423AC5240CEFFDE5109 3974840 ----a-w- C:\Users\cynthia\Downloads\avira_oe_client_antivirus_en.exe 2014-01-27 19:33:25 246FE58EFFD357B2078842708155E46C 1236282 ----a-w- C:\Users\cynthia\Downloads\AdwCleaner.exe 2014-01-27 19:32:19 66FAEC18550B78D10E397B88544A0C21 929928 ----a-w- C:\Users\cynthia\Downloads\cbsidlm-cbsi171-AdwCleaner-ORG-75851221.exe 2014-01-27 19:21:13 74557BFD04530E512DBB9C151C4DA110 499384 ----a-w- C:\Users\cynthia\AppData\Local\Temp\MSS\3.8.130.10\McUICnt.exe 2014-01-27 18:27:53 BD5A28471F81D492D21A381610672411 531424 ----a-w- C:\Program Files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4805.320\GoogleToolbarInstaller_updater_signed.exe 2014-01-27 18:22:36 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateBroker.exe 2014-01-27 18:22:36 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe 2014-01-27 18:22:32 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdateSetup.exe 2014-01-27 18:12:27 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler64.exe 2014-01-27 18:12:25 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleCrashHandler.exe 2014-01-27 18:12:20 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.22.3\GoogleUpdate.exe 2014-01-27 18:09:55 00C2D68C98FA311C1A80EE33ED846923 36500648 ----a-w- C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\32.0.1700.76\32.0.1700.76_chrome_installer.exe 2014-01-27 18:09:09 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe === C: other files == 2014-01-31 04:59:41 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Program Files\Google\Chrome\Temp\source4516_6033\Chrome-bin\32.0.1700.102\default_apps\youtube.crx 2014-01-31 04:59:41 8AD223868AB9974F7746D0227730A0CC 26392 ----a-w- C:\Program Files\Google\Chrome\Temp\source4516_6033\Chrome-bin\32.0.1700.102\default_apps\search.crx 2014-01-31 04:59:41 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Program Files\Google\Chrome\Temp\source4516_6033\Chrome-bin\32.0.1700.102\default_apps\drive.crx 2014-01-31 04:59:41 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Program Files\Google\Chrome\Temp\source4516_6033\Chrome-bin\32.0.1700.102\default_apps\gmail.crx 2014-01-31 04:59:41 2C71C49F991095A1848624907BACBB08 4578 ----a-w- C:\Program Files\Google\Chrome\Temp\source4516_6033\Chrome-bin\32.0.1700.102\default_apps\docs.crx 2014-01-30 21:33:49 D909075FA72C090F27AA926C32CB4612 39272 ----a-w- C:\Windows\System32\drivers\fssfltr.sys 2014-01-30 18:39:35 D2F6A1B11344D9AC7BCFB75900D4ADE1 23668 ----a-w- C:\Program Files\Google\Chrome\Temp\source5028_28521\Chrome-bin\32.0.1700.102\default_apps\youtube.crx 2014-01-30 18:39:31 8AD223868AB9974F7746D0227730A0CC 26392 ----a-w- C:\Program Files\Google\Chrome\Temp\source5028_28521\Chrome-bin\32.0.1700.102\default_apps\search.crx 2014-01-30 18:39:30 2E2E328E5BF6BE61203164B3E9EA8094 24040 ----a-w- C:\Program Files\Google\Chrome\Temp\source5028_28521\Chrome-bin\32.0.1700.102\default_apps\gmail.crx 2014-01-30 18:39:27 71E1283B8440F6264CEC99DF9AD81F5B 25561 ----a-w- C:\Program Files\Google\Chrome\Temp\source5028_28521\Chrome-bin\32.0.1700.102\default_apps\drive.crx 2014-01-30 18:39:20 2C71C49F991095A1848624907BACBB08 4578 ----a-w- C:\Program Files\Google\Chrome\Temp\source5028_28521\Chrome-bin\32.0.1700.102\default_apps\docs.crx 2014-01-28 22:41:15 C034851122F667F26F813ED1E541C191 50688 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bthmtpenum.inf_201caa7f\BthMtpEnum.sys 2014-01-28 21:52:17 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2014-01-28 21:52:17 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2014-01-28 21:52:15 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2014-01-28 20:44:42 B9C2B89F08670E159F7181891E449CD9 53120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2014-01-28 20:44:08 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-01-28 20:44:03 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-01-28 20:44:00 F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 24064 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2014-01-28 20:43:08 D330803EAB2A15CAEC7F011F1D4CB30E 30208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bth.inf_426d1460\BTHUSB.SYS 2014-01-28 20:43:08 611FF3F2F095C8D4A6D4CFD9DCC09793 508416 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bth.inf_426d1460\bthport.sys 2014-01-28 20:41:29 6D0D344F643E28B31262AC2682109A3C 914880 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2014-01-28 20:41:29 5877A786EF27E42C4E84D1356F922302 31232 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys 2014-01-28 20:40:22 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-01-28 20:40:22 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2014-01-28 20:40:16 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2014-01-28 20:40:11 8E6C378A885D6FFDA8F05E8D27B95C0E 27648 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mdmcpq.inf_fad2d0b6\usbser.sys 2014-01-28 20:38:06 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2014-01-28 20:37:36 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbd.sys 2014-01-28 20:37:36 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-28 20:37:36 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbport.sys 2014-01-28 20:37:36 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-28 20:37:36 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbccgp.sys 2014-01-28 20:37:36 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2014-01-28 20:37:36 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbhub.sys 2014-01-28 20:37:36 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbhub.sys 2014-01-28 20:37:36 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-28 20:37:36 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbehci.sys 2014-01-28 20:37:36 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-28 20:37:35 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbohci.sys 2014-01-28 20:37:35 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-28 20:37:35 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbuhci.sys 2014-01-28 20:37:23 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbvideo.inf_052c97ea\usbvideo.sys 2014-01-28 20:37:23 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2014-01-28 20:37:22 49A623C16E482F4D31AD0EBD801DD8EC 68608 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbcir.inf_933ee10a\usbcir.sys 2014-01-28 20:35:20 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2014-01-28 20:35:10 B972A66758577E0BFD1DE0F91AAA27B5 12800 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2014-01-28 20:32:44 C127EBD5AFAB31524662C48DFCEB773A 180736 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2014-01-28 20:31:54 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\DriverStore\FileRepository\input.inf_c7f006cc\hidparse.sys 2014-01-28 20:31:54 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2014-01-28 20:31:54 1D714B8497CD68307806D5D3F60A5169 35328 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sti.inf_45d79eaa\usbscan.sys 2014-01-28 20:29:40 4A1445EFA932A3BAF5BDB02D7131EE20 440704 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2014-01-28 20:29:27 8D31A140B55021BBD3A608F5A7AA2E18 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2014-01-28 20:29:27 228F444F9AF0D3B9ECA9FC3F4FEB12F2 15872 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_f705a06e\usb8023x.sys 2014-01-27 20:59:39 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-01-27 20:57:17 D66430ED8DF1E05D0F694B6BE3C1FB48 43040 ----a-w- C:\Program Files\Avira\AntiVir Desktop\sweb.zip 2014-01-27 20:57:17 A36EE93698802CD899F98BFD553D8185 28520 ----a-w- C:\Windows\System32\drivers\ssmdrv.sys 2014-01-27 20:57:11 D8C712305F73CD34D1B344810E522728 37352 ----a-w- C:\Windows\System32\drivers\avkmgr.sys 2014-01-27 20:57:11 D8C712305F73CD34D1B344810E522728 37352 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avkmgr.sys 2014-01-27 20:57:11 B8C10FF9369394EB84993F331810CF29 90400 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2014-01-27 20:57:11 B8C10FF9369394EB84993F331810CF29 90400 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avgntflt.sys 2014-01-27 20:57:11 4189E5AB2CAD6F395D87DAAE73EB090F 135648 ----a-w- C:\Windows\System32\drivers\avipbb.sys 2014-01-27 20:57:11 4189E5AB2CAD6F395D87DAAE73EB090F 135648 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avipbb.sys 2014-01-27 18:19:17 3546C0B6F2D808D4E6294A9D6B25151B 221568 ----a-w- C:\Windows\System32\drivers\netio.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-1339676201-288736409-248646057-1000\Software\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" "Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe" "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "MSC"="C:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe" "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe Reader Speed Launcher" "hkey"="HKLM" "command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VideoWebCamera] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="VideoWebCamera" "hkey"="HKLM" "command"="\"C:\\Program Files\\VideoWebCamera\\VideoWebCamera.exe\" -a" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [27/01/2014 19:00] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02/02/2010 16:43] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [02/02/2010 16:43] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Acer\Burn Notification" [C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [18/10/2009 10:16] ==== Chrome Look ====================== Google Docs - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - cynthia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=080c&s=2&o=vb32&d=1009&m=easynote_lj61" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=080c&s=2&o=vb32&d=1009&m=easynote_lj61" "Default_Page_URL"="http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=080c&s=2&o=vb32&d=1009&m=easynote_lj61" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search/?q=%s" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {6C6347AA-4F04-40EF-BB42-BECD15104C3A} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACPW_en" ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe ==== Empty IE Cache ====================== C:\Users\cynthia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\cynthia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\cynthia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4 folders=0 3992 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\cynthia\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\cynthia\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\cynthia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on ven. 31/01/2014 at 17:44:31,67 ====================== -
Mijn antivirus heeft tr/bho.zwangi.4890.a op mijn pc ontdekt maar ik krijg hem er niet echt af. Ik heb al een GSIT logje Logfile of random's system information tool 1.09 (written by random/random) Run by cynthia at 2014-01-30 22:05:26 Microsoft® Windows Vista™ Home Basic Service Pack 2 System drive C: has 217 GB (74%) free of 292 GB Total RAM: 2941 MB (63% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:05:59, on 30/01/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16526) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerTray.exe C:\Users\cynthia\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Avira\AntiVir Desktop\avcenter.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\cynthia\Downloads\RSIT.exe C:\Program Files\trend micro\cynthia.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020 O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe -- End of file - 7181 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-12 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184] "RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-24 6789664] "Acer ePower Management"=C:\Program Files\Packard Bell\Packard Bell PowerSave Solution\ePowerTrayLauncher.exe [2009-04-15 440864] "LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2009-02-12 862728] "StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-30 61440] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2013-10-23 948440] "Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-02-24 1833504] "NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-12-13 684600] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VideoWebCamera] C:\Program Files\VideoWebCamera\VideoWebCamera.exe [2009-03-12 1552497] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "msacm.siren"=sirenacm.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-30 22:05:26 ----D---- C:\rsit 2014-01-30 22:05:26 ----D---- C:\Program Files\trend micro 2014-01-30 06:08:18 ----D---- C:\Program Files\Windows Portable Devices 2014-01-28 23:43:10 ----A---- C:\Windows\system32\UIAnimation.dll 2014-01-28 23:43:09 ----A---- C:\Windows\system32\UIRibbonRes.dll 2014-01-28 23:43:09 ----A---- C:\Windows\system32\UIRibbon.dll 2014-01-28 23:41:23 ----A---- C:\Windows\system32\WPDShextAutoplay.exe 2014-01-28 23:41:22 ----A---- C:\Windows\system32\wpdbusenum.dll 2014-01-28 23:41:22 ----A---- C:\Windows\system32\BthMtpContextHandler.dll 2014-01-28 23:41:18 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll 2014-01-28 23:41:15 ----A---- C:\Windows\system32\wpdshext.dll 2014-01-28 23:41:14 ----A---- C:\Windows\system32\WPDSp.dll 2014-01-28 23:41:14 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2014-01-28 23:41:14 ----A---- C:\Windows\system32\wpd_ci.dll 2014-01-28 23:41:14 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll 2014-01-28 23:41:14 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2014-01-28 23:41:14 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2014-01-28 23:41:14 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2014-01-28 23:16:10 ----A---- C:\Windows\system32\wininet.dll 2014-01-28 23:16:10 ----A---- C:\Windows\system32\msrating.dll 2014-01-28 23:16:10 ----A---- C:\Windows\system32\msls31.dll 2014-01-28 23:16:10 ----A---- C:\Windows\system32\jsproxy.dll 2014-01-28 23:16:10 ----A---- C:\Windows\system32\iertutil.dll 2014-01-28 23:16:09 ----A---- C:\Windows\system32\urlmon.dll 2014-01-28 23:16:09 ----A---- C:\Windows\system32\SetIEInstalledDate.exe 2014-01-28 23:16:09 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2014-01-28 23:16:09 ----A---- C:\Windows\system32\mshtmler.dll 2014-01-28 23:16:09 ----A---- C:\Windows\system32\iesysprep.dll 2014-01-28 23:16:08 ----A---- C:\Windows\system32\ieui.dll 2014-01-28 23:16:08 ----A---- C:\Windows\system32\ieframe.dll 2014-01-28 23:16:07 ----A---- C:\Windows\system32\url.dll 2014-01-28 23:16:07 ----A---- C:\Windows\system32\iesetup.dll 2014-01-28 23:16:07 ----A---- C:\Windows\system32\iernonce.dll 2014-01-28 23:16:07 ----A---- C:\Windows\system32\ieapfltr.dll 2014-01-28 23:16:07 ----A---- C:\Windows\system32\ieapfltr.dat 2014-01-28 23:16:07 ----A---- C:\Windows\system32\ie4uinit.exe 2014-01-28 23:16:07 ----A---- C:\Windows\system32\icardie.dll 2014-01-28 23:16:07 ----A---- C:\Windows\system32\dxtrans.dll 2014-01-28 23:16:07 ----A---- C:\Windows\system32\dxtmsft.dll 2014-01-28 23:16:06 ----A---- C:\Windows\system32\webcheck.dll 2014-01-28 23:16:06 ----A---- C:\Windows\system32\mshtmled.dll 2014-01-28 23:16:06 ----A---- C:\Windows\system32\licmgr10.dll 2014-01-28 23:16:06 ----A---- C:\Windows\system32\inseng.dll 2014-01-28 23:16:06 ----A---- C:\Windows\system32\iedkcs32.dll 2014-01-28 23:16:05 ----A---- C:\Windows\system32\wextract.exe 2014-01-28 23:16:05 ----A---- C:\Windows\system32\vbscript.dll 2014-01-28 23:16:05 ----A---- C:\Windows\system32\mshtml.dll 2014-01-28 23:16:05 ----A---- C:\Windows\system32\msfeeds.dll 2014-01-28 23:16:05 ----A---- C:\Windows\system32\iexpress.exe 2014-01-28 23:16:04 ----A---- C:\Windows\system32\pngfilt.dll 2014-01-28 23:16:04 ----A---- C:\Windows\system32\occache.dll 2014-01-28 23:16:04 ----A---- C:\Windows\system32\mshta.exe 2014-01-28 23:16:04 ----A---- C:\Windows\system32\jscript9.dll 2014-01-28 23:16:04 ----A---- C:\Windows\system32\jscript.dll 2014-01-28 23:16:04 ----A---- C:\Windows\system32\imgutil.dll 2014-01-28 23:16:04 ----A---- C:\Windows\system32\ieUnatt.exe 2014-01-28 23:16:04 ----A---- C:\Windows\system32\iepeers.dll 2014-01-28 23:16:04 ----A---- C:\Windows\system32\ieakui.dll 2014-01-28 23:16:04 ----A---- C:\Windows\system32\ieaksie.dll 2014-01-28 23:16:04 ----A---- C:\Windows\system32\advpack.dll 2014-01-28 23:16:04 ----A---- C:\Windows\system32\admparse.dll 2014-01-28 23:16:03 ----A---- C:\Windows\system32\msfeedssync.exe 2014-01-28 23:16:03 ----A---- C:\Windows\system32\msfeedsbs.dll 2014-01-28 23:16:03 ----A---- C:\Windows\system32\ieakeng.dll 2014-01-28 23:16:03 ----A---- C:\Windows\system32\IEAdvpack.dll 2014-01-28 23:14:27 ----A---- C:\Windows\system32\mfreadwrite.dll 2014-01-28 23:14:27 ----A---- C:\Windows\system32\mfmp4src.dll 2014-01-28 23:14:27 ----A---- C:\Windows\system32\MFHEAACdec.dll 2014-01-28 23:14:27 ----A---- C:\Windows\system32\MFH264Dec.dll 2014-01-28 23:14:26 ----A---- C:\Windows\system32\mfps.dll 2014-01-28 23:14:26 ----A---- C:\Windows\system32\mfplat.dll 2014-01-28 23:14:26 ----A---- C:\Windows\system32\mf.dll 2014-01-28 23:14:25 ----A---- C:\Windows\system32\stobject.dll 2014-01-28 23:14:25 ----A---- C:\Windows\system32\shdocvw.dll 2014-01-28 23:14:22 ----A---- C:\Windows\system32\XpsRasterService.dll 2014-01-28 23:14:22 ----A---- C:\Windows\system32\d3d10level9.dll 2014-01-28 23:14:22 ----A---- C:\Windows\system32\d2d1.dll 2014-01-28 23:14:21 ----A---- C:\Windows\system32\dxgi.dll 2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10warp.dll 2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10core.dll 2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10_1core.dll 2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10_1.dll 2014-01-28 23:14:21 ----A---- C:\Windows\system32\d3d10.dll 2014-01-28 23:14:20 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2014-01-28 23:14:20 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2014-01-28 23:14:19 ----A---- C:\Windows\system32\xpsservices.dll 2014-01-28 23:14:19 ----A---- C:\Windows\system32\XpsPrint.dll 2014-01-28 23:14:19 ----A---- C:\Windows\system32\OpcServices.dll 2014-01-28 23:13:30 ----A---- C:\Windows\system32\WMPhoto.dll 2014-01-28 23:13:30 ----A---- C:\Windows\system32\dxdiagn.dll 2014-01-28 23:13:30 ----A---- C:\Windows\system32\dxdiag.exe 2014-01-28 23:13:30 ----A---- C:\Windows\system32\d3d11.dll 2014-01-28 23:13:29 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2014-01-28 23:13:29 ----A---- C:\Windows\system32\WindowsCodecs.dll 2014-01-28 23:13:29 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2014-01-28 22:52:24 ----A---- C:\Windows\system32\Wdfres.dll 2014-01-28 22:52:17 ----A---- C:\Windows\system32\winusb.dll 2014-01-28 22:52:17 ----A---- C:\Windows\system32\drivers\WUDFRd.sys 2014-01-28 22:52:17 ----A---- C:\Windows\system32\drivers\WUDFPf.sys 2014-01-28 22:52:16 ----A---- C:\Windows\system32\WUDFSvc.dll 2014-01-28 22:52:15 ----A---- C:\Windows\system32\WUDFPlatform.dll 2014-01-28 22:52:15 ----A---- C:\Windows\system32\drivers\WdfLdr.sys 2014-01-28 22:52:13 ----A---- C:\Windows\system32\WUDFCoinstaller.dll 2014-01-28 22:52:12 ----A---- C:\Windows\system32\WUDFx.dll 2014-01-28 22:52:12 ----A---- C:\Windows\system32\WUDFHost.exe 2014-01-28 21:44:48 ----A---- C:\Windows\system32\shlwapi.dll 2014-01-28 21:44:44 ----A---- C:\Windows\system32\dpnsvr.exe 2014-01-28 21:44:44 ----A---- C:\Windows\system32\dpnet.dll 2014-01-28 21:44:42 ----A---- C:\Windows\system32\drivers\partmgr.sys 2014-01-28 21:44:37 ----A---- C:\Windows\system32\tzres.dll 2014-01-28 21:44:08 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2014-01-28 21:44:08 ----A---- C:\Windows\system32\cdd.dll 2014-01-28 21:44:06 ----A---- C:\Windows\system32\psisdecd.dll 2014-01-28 21:44:03 ----A---- C:\Windows\system32\win32k.sys 2014-01-28 21:44:00 ----A---- C:\Windows\system32\icaapi.dll 2014-01-28 21:44:00 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2014-01-28 21:43:55 ----A---- C:\Windows\system32\winmm.dll 2014-01-28 21:43:55 ----A---- C:\Windows\system32\mciseq.dll 2014-01-28 21:43:50 ----A---- C:\Windows\system32\localspl.dll 2014-01-28 21:42:45 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-01-28 21:41:50 ----A---- C:\Windows\system32\synceng.dll 2014-01-28 21:41:47 ----A---- C:\Windows\system32\shell32.dll 2014-01-28 21:41:29 ----A---- C:\Windows\system32\drivers\tcpipreg.sys 2014-01-28 21:41:29 ----A---- C:\Windows\system32\drivers\tcpip.sys 2014-01-28 21:40:54 ----A---- C:\Windows\system32\EncDec.dll 2014-01-28 21:40:22 ----A---- C:\Windows\system32\SysFxUI.dll 2014-01-28 21:40:22 ----A---- C:\Windows\system32\drivers\portcls.sys 2014-01-28 21:40:22 ----A---- C:\Windows\system32\drivers\drmk.sys 2014-01-28 21:40:19 ----A---- C:\Windows\system32\rpcrt4.dll 2014-01-28 21:40:16 ----A---- C:\Windows\system32\drivers\volsnap.sys 2014-01-28 21:40:14 ----A---- C:\Windows\system32\netapi32.dll 2014-01-28 21:40:04 ----A---- C:\Windows\system32\FntCache.dll 2014-01-28 21:40:04 ----A---- C:\Windows\system32\DWrite.dll 2014-01-28 21:40:02 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2014-01-28 21:39:40 ----A---- C:\Windows\system32\packager.dll 2014-01-28 21:38:06 ----A---- C:\Windows\system32\drivers\ntfs.sys 2014-01-28 21:38:03 ----A---- C:\Windows\system32\ncrypt.dll 2014-01-28 21:37:41 ----A---- C:\Windows\system32\msvcrt.dll 2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-28 21:37:36 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-28 21:37:35 ----A---- C:\Windows\system32\drivers\usbohci.sys 2014-01-28 21:37:26 ----A---- C:\Windows\system32\kernel32.dll 2014-01-28 21:37:23 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2014-01-28 21:37:08 ----A---- C:\Windows\system32\quartz.dll 2014-01-28 21:37:05 ----A---- C:\Windows\system32\win32spl.dll 2014-01-28 21:37:05 ----A---- C:\Windows\system32\printcom.dll 2014-01-28 21:37:02 ----A---- C:\Windows\system32\WMVDECOD.DLL 2014-01-28 21:36:58 ----A---- C:\Windows\system32\wscript.exe 2014-01-28 21:36:58 ----A---- C:\Windows\system32\cscript.exe 2014-01-28 21:36:57 ----A---- C:\Windows\system32\wshcon.dll 2014-01-28 21:36:57 ----A---- C:\Windows\system32\scrrun.dll 2014-01-28 21:36:52 ----A---- C:\Windows\system32\gdi32.dll 2014-01-28 21:36:45 ----A---- C:\Windows\system32\certutil.exe 2014-01-28 21:36:44 ----A---- C:\Windows\system32\certenc.dll 2014-01-28 21:36:08 ----A---- C:\Windows\system32\crypt32.dll 2014-01-28 21:35:37 ----A---- C:\Windows\system32\msxml6.dll 2014-01-28 21:35:20 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2014-01-28 21:35:16 ----A---- C:\Windows\system32\IKEEXT.DLL 2014-01-28 21:35:15 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2014-01-28 21:35:10 ----A---- C:\Windows\system32\wmi.dll 2014-01-28 21:35:10 ----A---- C:\Windows\system32\imagehlp.dll 2014-01-28 21:35:10 ----A---- C:\Windows\system32\drivers\fs_rec.sys 2014-01-28 21:35:05 ----A---- C:\Windows\system32\qdvd.dll 2014-01-28 21:35:00 ----A---- C:\Windows\system32\themeui.dll 2014-01-28 21:34:55 ----A---- C:\Windows\system32\winhttp.dll 2014-01-28 21:34:50 ----A---- C:\Windows\system32\atmlib.dll 2014-01-28 21:34:50 ----A---- C:\Windows\system32\atmfd.dll 2014-01-28 21:34:40 ----A---- C:\Windows\system32\ntkrnlpa.exe 2014-01-28 21:34:39 ----A---- C:\Windows\system32\ntoskrnl.exe 2014-01-28 21:34:38 ----A---- C:\Windows\system32\smss.exe 2014-01-28 21:34:38 ----A---- C:\Windows\system32\ntdll.dll 2014-01-28 21:34:38 ----A---- C:\Windows\system32\csrsrv.dll 2014-01-28 21:34:29 ----A---- C:\Windows\system32\UIAutomationCore.dll 2014-01-28 21:34:29 ----A---- C:\Windows\system32\oleaccrc.dll 2014-01-28 21:34:28 ----A---- C:\Windows\system32\oleaut32.dll 2014-01-28 21:34:28 ----A---- C:\Windows\system32\oleacc.dll 2014-01-28 21:33:41 ----A---- C:\Windows\system32\qedit.dll 2014-01-28 21:33:37 ----A---- C:\Windows\system32\msxml3.dll 2014-01-28 21:32:56 ----A---- C:\Windows\system32\mstscax.dll 2014-01-28 21:32:52 ----A---- C:\Windows\system32\xmllite.dll 2014-01-28 21:32:48 ----A---- C:\Windows\system32\comctl32.dll 2014-01-28 21:32:44 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2014-01-28 21:32:40 ----A---- C:\Windows\system32\winsrv.dll 2014-01-28 21:32:31 ----A---- C:\Windows\system32\cryptdlg.dll 2014-01-28 21:31:54 ----A---- C:\Windows\system32\drivers\hidparse.sys 2014-01-28 21:29:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2014-01-28 21:29:39 ----A---- C:\Windows\system32\schannel.dll 2014-01-28 21:29:39 ----A---- C:\Windows\system32\lsasrv.dll 2014-01-28 21:29:38 ----A---- C:\Windows\system32\secur32.dll 2014-01-28 21:29:38 ----A---- C:\Windows\system32\lsass.exe 2014-01-28 21:29:32 ----A---- C:\Windows\system32\msshsq.dll 2014-01-28 21:29:27 ----A---- C:\Windows\system32\drivers\usb8023.sys 2014-01-28 20:44:25 ----A---- C:\Windows\system32\wintrust.dll 2014-01-28 20:44:25 ----A---- C:\Windows\system32\cryptsvc.dll 2014-01-28 20:44:24 ----A---- C:\Windows\system32\cryptnet.dll 2014-01-28 20:40:38 ----A---- C:\Windows\system32\rdpencom.dll 2014-01-28 20:02:19 ----A---- C:\Windows\system32\wups2.dll 2014-01-28 20:02:19 ----A---- C:\Windows\system32\wuauclt.exe 2014-01-28 20:02:17 ----A---- C:\Windows\system32\wucltux.dll 2014-01-28 20:02:17 ----A---- C:\Windows\system32\wuaueng.dll 2014-01-28 20:01:34 ----A---- C:\Windows\system32\wups.dll 2014-01-28 20:01:33 ----A---- C:\Windows\system32\wudriver.dll 2014-01-28 20:01:33 ----A---- C:\Windows\system32\wuapi.dll 2014-01-28 20:01:15 ----A---- C:\Windows\system32\wuwebv.dll 2014-01-28 20:01:15 ----A---- C:\Windows\system32\wuapp.exe 2014-01-27 22:00:05 ----D---- C:\Users\cynthia\AppData\Roaming\Malwarebytes 2014-01-27 21:59:42 ----D---- C:\ProgramData\Malwarebytes 2014-01-27 21:59:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2014-01-27 21:59:39 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-01-27 21:59:21 ----D---- C:\Users\cynthia\AppData\Roaming\Avira 2014-01-27 21:57:17 ----A---- C:\Windows\system32\drivers\ssmdrv.sys 2014-01-27 21:57:11 ----A---- C:\Windows\system32\drivers\avkmgr.sys 2014-01-27 21:57:11 ----A---- C:\Windows\system32\drivers\avipbb.sys 2014-01-27 21:57:11 ----A---- C:\Windows\system32\drivers\avgntflt.sys 2014-01-27 21:57:08 ----D---- C:\ProgramData\Avira 2014-01-27 21:57:08 ----D---- C:\Program Files\Avira 2014-01-27 21:40:41 ----A---- C:\Windows\system32\ShellManager310E2D762.dll 2014-01-27 21:40:41 ----A---- C:\Windows\system32\NEROINSTAEC43759.DB 2014-01-27 21:40:19 ----A---- C:\Windows\Irremote.ini 2014-01-27 21:40:17 ----D---- C:\Users\cynthia\AppData\Roaming\Nero 2014-01-27 21:09:49 ----D---- C:\Windows\system32\eu-ES 2014-01-27 21:09:49 ----D---- C:\Windows\system32\ca-ES 2014-01-27 21:09:36 ----D---- C:\Windows\system32\vi-VN 2014-01-27 20:33:56 ----D---- C:\AdwCleaner 2014-01-27 20:19:41 ----D---- C:\Windows\system32\EventProviders 2014-01-27 19:49:26 ----D---- C:\Program Files\Microsoft Security Client 2014-01-27 19:19:17 ----A---- C:\Windows\system32\drivers\netio.sys 2014-01-27 19:14:31 ----D---- C:\Windows\system32\MRT 2014-01-27 19:10:20 ----D---- C:\Program Files\CCleaner 2014-01-27 19:00:38 ----A---- C:\Windows\system32\FlashPlayerApp.exe ======List of files/folders modified in the last 1 month====== 2014-01-30 22:05:32 ----D---- C:\Windows\Temp 2014-01-30 22:05:26 ----RD---- C:\Program Files 2014-01-30 21:37:10 ----D---- C:\Windows\System32 2014-01-30 21:37:10 ----D---- C:\Windows\inf 2014-01-30 21:37:10 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-30 20:40:59 ----SHD---- C:\System Volume Information 2014-01-30 20:04:22 ----D---- C:\Windows\rescache 2014-01-30 20:04:09 ----D---- C:\Windows\winsxs 2014-01-30 19:58:41 ----D---- C:\Windows\Microsoft.NET 2014-01-30 19:57:40 ----RSD---- C:\Windows\assembly 2014-01-30 19:39:46 ----D---- C:\Windows\system32\catroot 2014-01-30 06:15:51 ----D---- C:\Windows\system32\Tasks 2014-01-30 06:15:22 ----D---- C:\Windows\Prefetch 2014-01-30 06:14:37 ----D---- C:\Windows\Panther 2014-01-30 06:09:02 ----D---- C:\Windows 2014-01-30 06:08:28 ----D---- C:\Windows\system32\en-US 2014-01-30 06:08:27 ----D---- C:\Windows\system32\drivers 2014-01-30 06:08:21 ----D---- C:\Windows\AppPatch 2014-01-30 06:08:21 ----D---- C:\Program Files\Internet Explorer 2014-01-30 06:08:18 ----D---- C:\Windows\system32\wbem 2014-01-30 06:08:15 ----D---- C:\Windows\system32\zh-TW 2014-01-30 06:08:15 ----D---- C:\Windows\system32\zh-HK 2014-01-30 06:08:15 ----D---- C:\Windows\system32\zh-CN 2014-01-30 06:08:15 ----D---- C:\Windows\system32\uk-UA 2014-01-30 06:08:15 ----D---- C:\Windows\system32\tr-TR 2014-01-30 06:08:15 ----D---- C:\Windows\system32\th-TH 2014-01-30 06:08:15 ----D---- C:\Windows\system32\sv-SE 2014-01-30 06:08:15 ----D---- C:\Windows\system32\sr-Latn-CS 2014-01-30 06:08:15 ----D---- C:\Windows\system32\sl-SI 2014-01-30 06:08:15 ----D---- C:\Windows\system32\sk-SK 2014-01-30 06:08:15 ----D---- C:\Windows\system32\ru-RU 2014-01-30 06:08:15 ----D---- C:\Windows\system32\ro-RO 2014-01-30 06:08:15 ----D---- C:\Windows\system32\pt-PT 2014-01-30 06:08:15 ----D---- C:\Windows\system32\pt-BR 2014-01-30 06:08:15 ----D---- C:\Windows\system32\pl-PL 2014-01-30 06:08:15 ----D---- C:\Windows\system32\nl-NL 2014-01-30 06:08:15 ----D---- C:\Windows\system32\nb-NO 2014-01-30 06:08:15 ----D---- C:\Windows\system32\lv-LV 2014-01-30 06:08:15 ----D---- C:\Windows\system32\lt-LT 2014-01-30 06:08:15 ----D---- C:\Windows\system32\ko-KR 2014-01-30 06:08:15 ----D---- C:\Windows\system32\ja-JP 2014-01-30 06:08:15 ----D---- C:\Windows\system32\it-IT 2014-01-30 06:08:15 ----D---- C:\Windows\system32\hu-HU 2014-01-30 06:08:15 ----D---- C:\Windows\system32\hr-HR 2014-01-30 06:08:15 ----D---- C:\Windows\system32\he-IL 2014-01-30 06:08:15 ----D---- C:\Windows\system32\fr-FR 2014-01-30 06:08:15 ----D---- C:\Windows\system32\fi-FI 2014-01-30 06:08:15 ----D---- C:\Windows\system32\et-EE 2014-01-30 06:08:15 ----D---- C:\Windows\system32\es-ES 2014-01-30 06:08:15 ----D---- C:\Windows\system32\el-GR 2014-01-30 06:08:15 ----D---- C:\Windows\system32\de-DE 2014-01-30 06:08:15 ----D---- C:\Windows\system32\da-DK 2014-01-30 06:08:15 ----D---- C:\Windows\system32\cs-CZ 2014-01-30 06:08:15 ----D---- C:\Windows\system32\bg-BG 2014-01-30 06:08:15 ----D---- C:\Windows\system32\ar-SA 2014-01-30 06:08:05 ----RSD---- C:\Windows\Fonts 2014-01-30 06:08:00 ----RD---- C:\Windows\Offline Web Pages 2014-01-30 06:08:00 ----D---- C:\Windows\PolicyDefinitions 2014-01-30 06:07:59 ----D---- C:\Windows\system32\migration 2014-01-30 06:07:51 ----SD---- C:\Windows\Downloaded Program Files 2014-01-30 06:07:47 ----D---- C:\Windows\system32\drivers\en-US 2014-01-30 06:07:38 ----D---- C:\Windows\system32\XPSViewer 2014-01-30 06:07:34 ----D---- C:\Program Files\Windows Mail 2014-01-30 06:07:23 ----D---- C:\Program Files\Common Files\System 2014-01-30 06:06:33 ----D---- C:\Windows\system32\drivers\UMDF 2014-01-30 06:06:07 ----D---- C:\Windows\system32\RTCOM 2014-01-30 05:50:13 ----SHD---- C:\Config.Msi 2014-01-30 05:49:37 ----D---- C:\Windows\Help 2014-01-29 00:08:03 ----SHD---- C:\Windows\Installer 2014-01-28 23:41:55 ----D---- C:\Windows\system32\catroot2 2014-01-27 21:59:42 ----HD---- C:\ProgramData 2014-01-27 21:41:48 ----A---- C:\Windows\system32\MsiExec.exe.log 2014-01-27 21:41:15 ----D---- C:\Program Files\Common Files\Nero 2014-01-27 21:41:14 ----D---- C:\ProgramData\Nero 2014-01-27 21:25:06 ----SHD---- C:\Boot 2014-01-27 21:18:24 ----D---- C:\Program Files\Google 2014-01-27 21:14:53 ----D---- C:\Program Files\Windows Calendar 2014-01-27 21:14:52 ----D---- C:\Program Files\Movie Maker 2014-01-27 21:14:50 ----D---- C:\Program Files\Windows Sidebar 2014-01-27 21:14:49 ----D---- C:\Program Files\Windows Media Player 2014-01-27 21:14:48 ----D---- C:\Program Files\Windows Collaboration 2014-01-27 21:14:47 ----D---- C:\Program Files\Windows Photo Gallery 2014-01-27 21:14:31 ----D---- C:\Windows\servicing 2014-01-27 21:14:31 ----D---- C:\Program Files\Windows Defender 2014-01-27 21:13:54 ----D---- C:\Windows\IME 2014-01-27 21:13:43 ----D---- C:\Windows\system32\oobe 2014-01-27 21:13:26 ----D---- C:\Windows\system32\AdvancedInstallers 2014-01-27 21:13:25 ----D---- C:\Windows\system32\setup 2014-01-27 21:13:23 ----D---- C:\Windows\system32\SLUI 2014-01-27 21:13:21 ----D---- C:\Windows\system32\manifeststore 2014-01-27 21:13:21 ----D---- C:\Windows\system32\en 2014-01-27 21:13:06 ----D---- C:\Windows\system32\migwiz 2014-01-27 21:09:36 ----D---- C:\Windows\system32\Boot 2014-01-27 20:52:34 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont 2014-01-27 20:17:30 ----D---- C:\ProgramData\Google 2014-01-27 20:16:50 ----SD---- C:\ProgramData\Microsoft 2014-01-27 20:16:49 ----D---- C:\Program Files\Microsoft 2014-01-27 20:11:06 ----D---- C:\Program Files\Microsoft Silverlight 2014-01-27 20:08:34 ----D---- C:\ProgramData\Microsoft Help 2014-01-27 19:49:24 ----D---- C:\Windows\Debug 2014-01-27 19:48:33 ----SD---- C:\Users\cynthia\AppData\Roaming\Microsoft 2014-01-27 19:06:54 ----D---- C:\Program Files\Microsoft Office 2014-01-27 19:04:29 ----D---- C:\Windows\system32\LogFiles 2014-01-27 19:02:26 ----A---- C:\Windows\NeroDigital.ini 2014-01-27 19:00:40 ----D---- C:\Windows\Tasks 2014-01-19 08:32:23 ----N---- C:\Windows\system32\MpSigStub.exe 2014-01-06 16:20:08 ----A---- C:\Windows\system32\mrt.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-10-03 183312] R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-27 14352] R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-09-27 214696] R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2009-03-24 43528] R0 UBHelper;UBHelper; C:\Windows\system32\drivers\UBHelper.sys [2008-01-30 13824] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-13 135648] R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-13 37352] R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2013-12-13 28520] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-13 90400] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672] R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2008-11-03 8704] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-06-23 1181184] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-09 4172800] R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-24 2327968] R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2008-09-03 223232] R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2008-01-30 14848] R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-12-24 155808] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-10-10 23096] R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384] S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2008-01-21 10752] S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832] R2 AntiVirSchedulerService;Avira Planner; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-12-13 440376] R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-12-13 440376] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-09 724992] R2 ePowerSvc;Acer ePower Service; C:\Program Files\PACKARD BELL\Packard Bell PowerSave Solution\ePowerSvc.exe [2009-04-15 703008] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-10-23 22208] R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [2009-03-10 44800] R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Service Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664] S2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2008-01-21 21504] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-27 257928] S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-10-15 647680] S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 gupdatem;Service Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-02 135664] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856] S4 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-12-13 1011768] -----------------EOF-----------------
-
Lyricscontainer en Fakepic.gen terug gevonden op pc
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Dat heb ik allemaal gedaan en verliep zonder enig probleem. Bedankt -
Lyricscontainer en Fakepic.gen terug gevonden op pc
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Antivirus geeft niets meer aan nu, pc terug clean. -
Lyricscontainer en Fakepic.gen terug gevonden op pc
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Zoek.exe v5.0.0.0 Updated 20-Januari-2014 Tool run by steven on ma 20/01/2014 at 19:28:46,59. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\steven\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-01-19-175344.log 48374 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3209317974-2775747799-1048052603-1000\Software\Microsoft\Internet Explorer\SearchScopes\{99529711-D90B-4D5C-B6A0-7CCDFAA01750} deleted successfully HKEY_USERS\S-1-5-21-3209317974-2775747799-1048052603-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A1CB7747-8145-4370-83FA-EC2D224F936D} deleted successfully HKEY_USERS\S-1-5-21-3209317974-2775747799-1048052603-1000\Software\Microsoft\Internet Explorer\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Windows\system32\Tasks\4842 deleted C:\Windows\system32\Tasks\0 deleted C:\ProgramData\hpqp.txt deleted C:\Users\steven\AppData\Local\cache deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [05/09/2009 09:53] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions pcoohmdcpejoeggdnihdfhohjgdbllgm - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\ToolbarCR.crx[] ==== Chrome Fix ====================== C:\Users\steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://be.msn.com/default.aspx?pc=UP97&ocid=UP97DHP" "Default_Page_URL"="http://www.google.com" "Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=hompag" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Search Page"="http://downloads.phpnuke.org/nl/index.php?rvs=hompag" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://be.msn.com/default.aspx?pc=UP97&ocid=UP97DHP" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {14B87819-0474-4E18-B74A-DA542C24C188} Bing Url="http://www.bing.com/search?FORM=UP21DF&PC=UP21&dt=063013&q={searchTerms}&src=IE-SearchBox" {66C2191C-BA38-4144-B636-69D8319C9B9D} Kelkoo Url="http://nb.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913938" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pcoohmdcpejoeggdnihdfhohjgdbllgm deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\steven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\steven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\steven\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=230 folders=40 19874314 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\steven\AppData\Local\Temp will be emptied at reboot C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\steven\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\steven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on ma 20/01/2014 at 19:56:54,04 ====================== -
Lyricscontainer en Fakepic.gen terug gevonden op pc
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Zoek.exe v5.0.0.0 Updated 18-Januari-2014 Tool run by steven on zo 19/01/2014 at 18:44:10,10. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\steven\Desktop\zoek.exe [scan all users] [script inserted] ==== System Restore Info ====================== 19/01/2014 18:45:59 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\Samsung deleted successfully C:\Program Files\Common Files\Apple deleted successfully C:\ProgramData\AVAST Software deleted successfully C:\ProgramData\Oracle deleted successfully C:\ProgramData\PCSettings deleted successfully C:\Users\steven\AppData\Roaming\AdobeUM deleted successfully C:\Users\steven\AppData\Roaming\PeerNetworking deleted successfully C:\Users\steven\AppData\Roaming\Samsung deleted successfully C:\Users\steven\AppData\Local\CrashDumps deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3209317974-2775747799-1048052603-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{41564952-412D-5637-4300-7A786E7484D7} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\Program Files\AskPartnerNetwork deleted C:\ProgramData\AskPartnerNetwork deleted C:\ProgramData\APN deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\steven\AppData\Local\Temp ==== 2014-01-17 21:41:04 4E41301AB03814EABE37FCF194B728A6 1326512 ----a-w- C:\Users\steven\AppData\Local\Temp\Offercast_AVIRAV7_.exe ====== Java Cache ===== 2014-01-16 18:25:02 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\steven\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-115141fd ====== C:\Windows\system32 ===== 2014-01-19 03:19:49 D6BACADF83661F08F9E1515AAE74B03E 92672 ----a-w- C:\Windows\System32\UIAnimation.dll 2014-01-19 03:19:48 8C459CFAC2FB3DFB693BCFEC32F25407 3023360 ----a-w- C:\Windows\System32\UIRibbon.dll 2014-01-19 03:19:48 22C2646DD3ED24004F994D0DA9755955 1164800 ----a-w- C:\Windows\System32\UIRibbonRes.dll 2014-01-19 03:18:34 8375E2BD58BFB375695135A511EBEE00 369664 ----a-w- C:\Windows\System32\WMPhoto.dll 2014-01-19 03:18:31 D1C47F951EA35073C97EF2E928CF9D6F 195584 ----a-w- C:\Windows\System32\dxdiagn.dll 2014-01-19 03:18:31 6836D001FC733F205ACB80A7986CB6C9 974848 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2014-01-19 03:18:31 60BBAF3F5A38D0274B0C46710A218051 252928 ----a-w- C:\Windows\System32\dxdiag.exe 2014-01-19 03:18:31 247609D2CD28A57BC1FE37FDA48AC0DB 321024 ----a-w- C:\Windows\System32\PhotoMetadataHandler.dll 2014-01-19 03:18:31 012A965F34414458075EF4F0EDC11536 189440 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll 2014-01-19 03:18:30 6E895BDCB3158E3860A49662332736BA 519680 ----a-w- C:\Windows\System32\d3d11.dll 2014-01-19 03:17:30 9B9108D3019C18BD6D38B860813E6E52 31232 ----a-w- C:\Windows\System32\BthMtpContextHandler.dll 2014-01-19 03:17:30 801FBDB89D472B3C467EB112A0FC9246 81920 ----a-w- C:\Windows\System32\wpdbusenum.dll 2014-01-19 03:17:30 1D7D7E32A80109D5C3167309265EAC83 30208 ----a-w- C:\Windows\System32\WPDShextAutoplay.exe 2014-01-19 03:17:27 B53BD9E63867CD9FD853F666CA172713 60928 ----a-w- C:\Windows\System32\PortableDeviceConnectApi.dll 2014-01-19 03:17:25 58E42DDB9F734E8DBDA17E806EF3F64A 33280 ----a-w- C:\Windows\System32\WpdConns.dll 2014-01-19 03:17:25 3501443C148C780E8CE6B5108CE6D95E 61952 ----a-w- C:\Windows\System32\WpdMtpUS.dll 2014-01-19 03:17:24 E92143D1B2E32FAF6CC56FD97B908F6A 2537472 ----a-w- C:\Windows\System32\wpdshext.dll 2014-01-19 03:17:24 C220FC95DA7AD00AB03C184AFDDC5314 196608 ----a-w- C:\Windows\System32\PortableDeviceWMDRM.dll 2014-01-19 03:17:24 B2B117BD8D1EA80536CDD91797EF4A0A 100864 ----a-w- C:\Windows\System32\PortableDeviceClassExtension.dll 2014-01-19 03:17:24 A8FB1B20C5ABD1817B7F96251293BFF9 226816 ----a-w- C:\Windows\System32\WpdMtp.dll 2014-01-19 03:17:24 883D02AB5D350BC45E0F60E8CFA97FDC 160256 ----a-w- C:\Windows\System32\PortableDeviceTypes.dll 2014-01-19 03:17:24 81072240917688254A55C1C568B2377B 546816 ----a-w- C:\Windows\System32\wpd_ci.dll 2014-01-19 03:17:24 6B5C53E0932C510606D700B7A896EF73 87552 ----a-w- C:\Windows\System32\WPDShServiceObj.dll 2014-01-19 03:17:24 49456BFE373D90B895795C5A1A13A7C8 350208 ----a-w- C:\Windows\System32\WPDSp.dll 2014-01-19 03:17:24 2205A220A264E8C8B86492BF3D112907 334848 ----a-w- C:\Windows\System32\PortableDeviceApi.dll 2014-01-19 02:21:31 2F0BC1FC6142DCB31C7D9804962A7011 9728 ----a-w- C:\Windows\System32\Wdfres.dll 2014-01-19 02:21:27 76FD230DEAB73D2826458617DBB56A63 16896 ----a-w- C:\Windows\System32\winusb.dll 2014-01-19 02:21:26 FE47B7BC8EA320C2D9B5E5BF6E303765 73216 ----a-w- C:\Windows\System32\WUDFSvc.dll 2014-01-19 02:21:26 D5CF1536137026ACDED95BF6CBF849F6 172032 ----a-w- C:\Windows\System32\WUDFPlatform.dll 2014-01-19 02:21:24 D689B2C2E69156D954C24810F4081C1E 38912 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll 2014-01-19 02:21:24 980B6A5F92B8DB235C4A26728C2BE732 196608 ----a-w- C:\Windows\System32\WUDFHost.exe 2014-01-19 02:21:23 A36F7A256E65D858A7039DB00ADEEBDD 613888 ----a-w- C:\Windows\System32\WUDFx.dll 2014-01-18 23:46:44 FF41E1AC301F51E16F61AD7C0F45467C 231424 ----a-w- C:\Windows\System32\msshsq.dll 2014-01-18 23:46:40 351FA1DF82CFFDEDA801604246E63E95 15872 ----a-w- C:\Windows\System32\icaapi.dll 2014-01-18 23:46:36 FF8FCDF1913016813AFB966A0F41B299 23552 ----a-w- C:\Windows\System32\mciseq.dll 2014-01-18 23:46:36 14FF750EFE13B0C21E5A06507C3A97B1 189952 ----a-w- C:\Windows\System32\winmm.dll 2014-01-18 23:46:31 AAF101900A23D75AE1AE00840FA6F3B8 11586048 ----a-w- C:\Windows\System32\shell32.dll 2014-01-18 23:46:25 E389C328AC7FE5673593ECAD269E7A54 783360 ----a-w- C:\Windows\System32\rpcrt4.dll 2014-01-18 23:46:11 87CDFFCBD09C1CA03A068343D5D93250 5120 ----a-w- C:\Windows\System32\wmi.dll 2014-01-18 23:46:11 09EA40F4DAD2EDB3587E5E0BAA9C3E15 158208 ----a-w- C:\Windows\System32\imagehlp.dll 2014-01-18 23:46:03 D6F0260D9051C0B60998F4CDBE9B2CC6 37376 ----a-w- C:\Windows\System32\cdd.dll 2014-01-18 23:45:49 66816B85E75821339644E9554B671CDB 13312 ----a-w- C:\Windows\System32\msfeedssync.exe 2014-01-18 23:45:48 D40C56B9338EA2C3B3891A6FCE5E51F7 916992 ----a-w- C:\Windows\System32\wininet.dll 2014-01-18 23:45:48 94E1042B7B5CC2D8E1AD035ABF636AB4 630272 ----a-w- C:\Windows\System32\msfeeds.dll 2014-01-18 23:45:48 84D82550510F29F1AA595AE2E4B60FAA 2005504 ----a-w- C:\Windows\System32\iertutil.dll 2014-01-18 23:45:48 736CFAD98B81F3B633EBC398C281A528 55808 ----a-w- C:\Windows\System32\iernonce.dll 2014-01-18 23:45:48 3B6D421884302E4E73B0C979F9803DB6 174080 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-01-18 23:45:48 1E9965743771AF3F9327BCD379169601 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll 2014-01-18 23:45:48 15CD6BD3258338B67D731B2F1C7274E1 25600 ----a-w- C:\Windows\System32\jsproxy.dll 2014-01-18 23:45:48 067347D17DB31481B8633DC6DCC370A5 133632 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-01-18 23:45:47 E734BA46299B25A9182BC86C5CA94768 387584 ----a-w- C:\Windows\System32\iedkcs32.dll 2014-01-18 23:45:47 1C29FB39E957A4411B8B6F2C30A34318 71680 ----a-w- C:\Windows\System32\iesetup.dll 2014-01-18 23:45:46 1E5690ED49D4168D533A8337536A1CBF 1213440 ----a-w- C:\Windows\System32\urlmon.dll 2014-01-18 23:45:45 6603246062426425B743C1E415F30154 1469440 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-01-18 23:45:45 39D09AF0C2BAC30FA93B11B81315AE6B 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2014-01-18 23:45:44 60BCDFD06EA9F3AD96F74674226529D1 206848 ----a-w- C:\Windows\System32\occache.dll 2014-01-18 23:45:43 EE8397215DF5E9C8076AD636A57B969C 109056 ----a-w- C:\Windows\System32\iesysprep.dll 2014-01-18 23:45:43 E3AC8293BD30CD20D42A773AE3AAECB5 11111936 ----a-w- C:\Windows\System32\ieframe.dll 2014-01-18 23:45:41 F32ED4E70FCEB40177DCADFB35045400 385024 ----a-w- C:\Windows\System32\html.iec 2014-01-18 23:45:41 E4B28C016079059A298DB6392ECC4C83 43520 ----a-w- C:\Windows\System32\licmgr10.dll 2014-01-18 23:45:41 C10CEDD90CCB9ED5E704D2BC1E3697F0 67072 ----a-w- C:\Windows\System32\mshtmled.dll 2014-01-18 23:45:41 74B4D54B65D5B04CB522DE539765485F 18944 ----a-w- C:\Windows\System32\corpol.dll 2014-01-18 23:45:41 575D95E2750755F5EE6A630767DFC68F 164352 ----a-w- C:\Windows\System32\ieui.dll 2014-01-18 23:45:41 4CA40A2B506D0D5F9A20138FE1FADADC 611840 ----a-w- C:\Windows\System32\mstime.dll 2014-01-18 23:45:40 AAE48AD540B87D67251DBF51E77E016F 184320 ----a-w- C:\Windows\System32\iepeers.dll 2014-01-18 23:45:40 12ED779B51FBC68D7226D29C751A65BB 105984 ----a-w- C:\Windows\System32\url.dll 2014-01-18 23:45:39 EE11316C5398ED18AD63D91B86B8162B 6018560 ----a-w- C:\Windows\System32\mshtml.dll 2014-01-18 23:45:30 D1AE4D2D559C23CE9DE4B3B10A90B901 57856 ----a-w- C:\Windows\System32\MSDvbNP.ax 2014-01-18 23:45:30 959A4BC486951267EE6343A431A92B12 293376 ----a-w- C:\Windows\System32\psisdecd.dll 2014-01-18 23:45:30 3A78D48221D32BC99C4B11B112D6EADA 217088 ----a-w- C:\Windows\System32\psisrndr.ax 2014-01-18 23:45:30 1B45ED071775A5E8BF51682EC5B61231 69632 ----a-w- C:\Windows\System32\Mpeg2Data.ax 2014-01-18 23:45:26 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-01-18 23:45:19 63396CBB1365769D520E0FD89C2419F2 623616 ----a-w- C:\Windows\System32\localspl.dll 2014-01-18 23:43:39 E87F6492F5406287EDF05DF40BB86780 102608 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2014-01-18 23:42:53 BC5E45CB2304AFB4D2EF2FD9C41299AF 979456 ----a-w- C:\Windows\System32\MFH264Dec.dll 2014-01-18 23:42:53 AAAE543C535ED596ECAD2AB8761C2C6F 478720 ----a-w- C:\Windows\System32\dxgi.dll 2014-01-18 23:42:52 759982EBE2B8DE1F4B50D14D0EFD6682 876032 ----a-w- C:\Windows\System32\XpsPrint.dll 2014-01-18 23:42:52 3439DFAD865BF24C3E3DE3BCB2F9C39F 135680 ----a-w- C:\Windows\System32\XpsRasterService.dll 2014-01-18 23:42:51 7BE8835CA7E2975F2E865CEEE8821EB6 261632 ----a-w- C:\Windows\System32\mfreadwrite.dll 2014-01-18 23:42:51 44CEE5264282105A89B650FDB07E40FF 357376 ----a-w- C:\Windows\System32\MFHEAACdec.dll 2014-01-18 23:42:50 743B1957729DE905DC44782A957FD284 302592 ----a-w- C:\Windows\System32\mfmp4src.dll 2014-01-18 23:42:50 67D16247C56C26A4F0D79D1A7F272B8F 2873344 ----a-w- C:\Windows\System32\mf.dll 2014-01-18 23:42:49 DFD714F1A410B32DA258423CF592A96E 667648 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe 2014-01-18 23:42:49 BF142D4F8C61ED3629A9CDD7BA867900 209920 ----a-w- C:\Windows\System32\mfplat.dll 2014-01-18 23:42:49 167AC31450C0C53A01FA1491E94D7678 1075712 ----a-w- C:\Windows\System32\shdocvw.dll 2014-01-18 23:42:48 B5950DF243837D8217F4E597919B224A 586240 ----a-w- C:\Windows\System32\stobject.dll 2014-01-18 23:42:45 E821547F853BF67CABE187B6FAA5D212 26112 ----a-w- C:\Windows\System32\printfilterpipelineprxy.dll 2014-01-18 23:42:45 B9103A56ACABDED3E87C2A8777B6456C 98816 ----a-w- C:\Windows\System32\mfps.dll 2014-01-18 23:42:45 5EC8FB83F31AA2D6F421F02C3F4F4475 258048 ----a-w- C:\Windows\System32\winspool.drv 2014-01-18 23:42:18 950343D413EEDC3A24472BB2046CFB59 75776 ----a-w- C:\Windows\System32\synceng.dll 2014-01-18 23:41:18 D0F138624B9B49F349C5D3D2341199A1 429056 ----a-w- C:\Windows\System32\EncDec.dll 2014-01-18 23:41:14 F1DBB1AC69239D292A9035032C5B4F00 2048 ----a-w- C:\Windows\System32\tzres.dll 2014-01-18 23:40:26 9258E6D71D65B90A9308978085B934AA 376320 ----a-w- C:\Windows\System32\dpnet.dll 2014-01-18 23:40:25 F189F4921D3C24AC96861AA27D329B9B 23040 ----a-w- C:\Windows\System32\dpnsvr.exe 2014-01-18 23:40:17 57390AF2F8939AB038FC4A5D10B50D52 335360 ----a-w- C:\Windows\System32\SysFxUI.dll 2014-01-18 23:38:04 98B656EAF128CD06F625B09C84D959E1 467968 ----a-w- C:\Windows\System32\netapi32.dll 2014-01-18 23:37:55 3DFEEC45E5F22993216083FB777719D5 683008 ----a-w- C:\Windows\System32\d2d1.dll 2014-01-18 23:37:55 33EBF5DCD45F878B3622AD82AB37AF3A 1172480 ----a-w- C:\Windows\System32\d3d10warp.dll 2014-01-18 23:37:55 29E4EA31C6DEBE5EFB384EEFA4F1EF63 160768 ----a-w- C:\Windows\System32\d3d10_1.dll 2014-01-18 23:37:54 8CE364388C8ECA59B14B539179276D44 797696 ----a-w- C:\Windows\System32\FntCache.dll 2014-01-18 23:37:54 8B02D2ECC7EF6E1F6AF08459E3F741F6 1029120 ----a-w- C:\Windows\System32\d3d10.dll 2014-01-18 23:37:53 E607F9C6A2386647B572580CB147C7B3 1554432 ----a-w- C:\Windows\System32\xpsservices.dll 2014-01-18 23:37:53 A15ED03919107C2A6A3395EE02C7DD47 847360 ----a-w- C:\Windows\System32\OpcServices.dll 2014-01-18 23:37:53 9C7094F537782A82B6A29B4A7172E180 189952 ----a-w- C:\Windows\System32\d3d10core.dll 2014-01-18 23:37:53 6843926AFF733D46A04F9D4E1C1A6B14 1068544 ----a-w- C:\Windows\System32\DWrite.dll 2014-01-18 23:37:53 556F1CBE9BA19E2CCD6F8D9AF71AF5C7 219648 ----a-w- C:\Windows\System32\d3d10_1core.dll 2014-01-18 23:37:53 1217AEB3DBED42C54ADD826EDDC21660 288768 ----a-w- C:\Windows\System32\XpsGdiConverter.dll 2014-01-18 23:37:53 04802864F51046E93471083A24469ACE 486400 ----a-w- C:\Windows\System32\d3d10level9.dll 2014-01-18 23:37:34 A520C77CFFABC96E32818451B60905C7 66560 ----a-w- C:\Windows\System32\packager.dll 2014-01-18 23:35:58 13CC59C1B04E9F20A87987C68CD4BE3F 204288 ----a-w- C:\Windows\System32\ncrypt.dll 2014-01-18 23:35:21 17AF64D727545F2804F6E6D998327E3F 680448 ----a-w- C:\Windows\System32\msvcrt.dll 2014-01-18 23:35:17 DC3105CC925A0D47F61B54E66AB730FC 892928 ----a-w- C:\Windows\System32\kernel32.dll 2014-01-18 23:35:02 4CA9275776D204BF25CE2B2561B17E44 726528 ----a-w- C:\Windows\System32\jscript.dll 2014-01-18 23:35:00 420B075CD71AB9E58D15DD258958FBA3 353280 ----a-w- C:\Windows\System32\shlwapi.dll 2014-01-18 23:34:52 C43DECDAC58C0A43E0376A216590F40A 1314816 ----a-w- C:\Windows\System32\quartz.dll 2014-01-18 23:34:49 C43A71C2845C88D7E5A8A26D3850BDFB 1548288 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2014-01-18 23:34:44 A4E7946B71BBDF8708C7AC97FD9E9008 443904 ----a-w- C:\Windows\System32\win32spl.dll 2014-01-18 23:34:44 2D3D47B93E0BE86EEBB261734AB5B6A1 37376 ----a-w- C:\Windows\System32\printcom.dll 2014-01-18 23:34:34 2497FD012104DFF64BF01DA98ECF6F75 131072 ----a-w- C:\Windows\System32\wshom.ocx 2014-01-18 23:34:34 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe 2014-01-18 23:34:33 F9D5C623E913CDAA198ECF0E6D2AA54A 36864 ----a-w- C:\Windows\System32\wshcon.dll 2014-01-18 23:34:33 DDEA43CDF00D6987F633F80AE4B7F2CE 172032 ----a-w- C:\Windows\System32\scrrun.dll 2014-01-18 23:34:33 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe 2014-01-18 23:34:31 872363237F24BCB03D73E2A3B4FBF38D 297984 ----a-w- C:\Windows\System32\gdi32.dll 2014-01-18 23:34:22 84BDC77A844493FCD76858B52690F31B 812544 ----a-w- C:\Windows\System32\certutil.exe 2014-01-18 23:34:20 5827CF5BBA5AEBDB416556E076A19EAF 41984 ----a-w- C:\Windows\System32\certenc.dll 2014-01-18 23:33:56 0317420D419E1885894B3ED9D375D245 993792 ----a-w- C:\Windows\System32\crypt32.dll 2014-01-18 23:33:33 0296DAEB5555A248E8ABF7E5012A37A6 1400832 ----a-w- C:\Windows\System32\msxml6.dll 2014-01-18 23:33:30 E1E52D56D266C2741058BA6611970D0C 497152 ----a-w- C:\Windows\System32\qdvd.dll 2014-01-18 23:33:27 EE16F3E01C4A6C77383F1BBBD10AD6C2 596480 ----a-w- C:\Windows\System32\FWPUCLNT.DLL 2014-01-18 23:33:27 4687EE0C0DD2CE5F7AAA9C2E33C1DC78 444928 ----a-w- C:\Windows\System32\IKEEXT.DLL 2014-01-18 23:33:27 14D9A057A082E00116A7A4415051D07C 218228 ----a-w- C:\Windows\System32\WFP.TMF 2014-01-18 23:33:21 DBD9448D06E67FE6F29261FFAD205B68 615936 ----a-w- C:\Windows\System32\themeui.dll 2014-01-18 23:33:17 DBD02E3E6F061EBBBF9B99A9D7CBA30B 377344 ----a-w- C:\Windows\System32\winhttp.dll 2014-01-18 23:33:15 A136094368CA45BA50BF4E2703E93B82 293376 ----a-w- C:\Windows\System32\atmfd.dll 2014-01-18 23:33:14 D1F8FE7C788C437DDE311E9F0C09005E 34304 ----a-w- C:\Windows\System32\atmlib.dll 2014-01-18 23:33:08 61E5B6E75A5E53D1052A6D18BF67B59A 3603904 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2014-01-18 23:33:07 CB284FC56D12BF5D2503CB75B03FD40A 3551680 ----a-w- C:\Windows\System32\ntoskrnl.exe 2014-01-18 23:33:07 BE7480C91E89EB82FC080F772C220AE4 64000 ----a-w- C:\Windows\System32\smss.exe 2014-01-18 23:33:07 B9FDFF876B0E7B4FECBAA5708C6ED616 1205168 ----a-w- C:\Windows\System32\ntdll.dll 2014-01-18 23:33:07 33F84B64D4765BCDFA0AB8464122DA14 49152 ----a-w- C:\Windows\System32\csrsrv.dll 2014-01-18 23:32:59 DC15AB7168C0309D8F04FD95B6240422 238080 ----a-w- C:\Windows\System32\oleacc.dll 2014-01-18 23:32:59 CCE5E7C0F8AA13207E777C43F4DA80A3 555520 ----a-w- C:\Windows\System32\UIAutomationCore.dll 2014-01-18 23:32:59 B218342214D9BBA0F54EA12BA2E9278C 563712 ----a-w- C:\Windows\System32\oleaut32.dll 2014-01-18 23:32:59 7E38DA8C11833B99766A97CEE3F80F07 4096 ----a-w- C:\Windows\System32\oleaccrc.dll 2014-01-18 23:32:34 26B7512FAF33ECD0356874BBB20A9E20 505344 ----a-w- C:\Windows\System32\qedit.dll 2014-01-18 23:32:31 6ABD253226770EAE1292B4C945ED4B4B 1248768 ----a-w- C:\Windows\System32\msxml3.dll 2014-01-18 23:31:55 6A166182E32844369FD072057782A22B 2067968 ----a-w- C:\Windows\System32\mstscax.dll 2014-01-18 23:31:52 1908CC7673F72601AFFDCA022689CEDF 182784 ----a-w- C:\Windows\System32\xmllite.dll 2014-01-18 23:31:50 58035212AB7869A5FC3AF186ACBA8F09 532480 ----a-w- C:\Windows\System32\comctl32.dll 2014-01-18 23:31:45 A508314231C49AEE86987CEA3EAECAD1 376320 ----a-w- C:\Windows\System32\winsrv.dll 2014-01-18 23:31:39 4E07C27B4207ABB35F694E10ED609D2C 24576 ----a-w- C:\Windows\System32\cryptdlg.dll 2014-01-18 23:28:49 50E3E76B0901BB4FC029BB88BFA5CE79 278528 ----a-w- C:\Windows\System32\schannel.dll 2014-01-18 23:28:49 178FAC2B7C66E9A4400CE7AC37623E3F 1259008 ----a-w- C:\Windows\System32\lsasrv.dll 2014-01-18 23:28:48 D602FEDBD9155FC2DED6863FB60C950F 72704 ----a-w- C:\Windows\System32\secur32.dll 2014-01-18 23:28:48 A3E186B4B935905B829219502557314E 9728 ----a-w- C:\Windows\System32\lsass.exe 2014-01-18 22:50:02 D16A740186870C32941C0E61DF4F1298 172544 ----a-w- C:\Windows\System32\wintrust.dll 2014-01-18 22:50:02 71B479749F0F52C4FEC726C6FFA2CE1C 98304 ----a-w- C:\Windows\System32\cryptnet.dll 2014-01-18 22:50:02 684C130BBC6DB681BAD4920A4C944AA5 133120 ----a-w- C:\Windows\System32\cryptsvc.dll 2014-01-18 14:30:49 BDC0C99E472176C8C2C853A68ADC5073 45080 ----a-w- C:\Windows\System32\wups2.dll 2014-01-18 14:30:49 2E0B0A051FFAA86E358465BB0880D453 53784 ----a-w- C:\Windows\System32\wuauclt.exe 2014-01-18 14:30:48 FC3EC24FCE372C89423E015A2AC1A31E 1933848 ----a-w- C:\Windows\System32\wuaueng.dll 2014-01-18 14:30:48 285C594C4913FA9DC7BB6BA3AD6F101A 2422272 ----a-w- C:\Windows\System32\wucltux.dll 2014-01-18 14:29:50 C480F0E968ECA0D80D0299D7F204E33B 88576 ----a-w- C:\Windows\System32\wudriver.dll 2014-01-18 14:29:50 3458EDA96E30FBD0477A2800D3FB1909 35864 ----a-w- C:\Windows\System32\wups.dll 2014-01-18 14:29:49 1A617835452EEE5060976C9B9F5FE635 577048 ----a-w- C:\Windows\System32\wuapi.dll 2014-01-18 14:29:31 98F94089E9C549E223AB05BE54BAB2ED 171904 ----a-w- C:\Windows\System32\wuwebv.dll 2014-01-18 14:29:31 069385484EA57B663D688894C88975C5 33792 ----a-w- C:\Windows\System32\wuapp.exe 2014-01-15 20:15:10 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\System32\javaws.exe 2014-01-15 20:14:32 FD80D0AE205EC54D1A204DDBD6B766DA 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2014-01-15 20:14:32 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\System32\javaw.exe 2014-01-15 20:14:32 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\System32\java.exe ====== C:\Windows\system32\drivers ===== 2014-01-19 04:12:07 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2014-01-19 04:11:17 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2014-01-19 03:17:25 DE9D36F91A4DF3D911626643DEBF11EA 40448 ----a-w- C:\Windows\System32\drivers\WpdUsb.sys 2014-01-19 02:21:44 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-01-19 02:21:27 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2014-01-19 02:21:27 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2014-01-19 02:21:25 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2014-01-18 23:46:40 F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 24064 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2014-01-18 23:46:11 B972A66758577E0BFD1DE0F91AAA27B5 12800 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2014-01-18 23:46:03 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-01-18 23:45:58 8D31A140B55021BBD3A608F5A7AA2E18 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2014-01-18 23:42:15 D18D53974FD715D50FC76F9FFE1C830D 905664 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2014-01-18 23:40:21 B9C2B89F08670E159F7181891E449CD9 53120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2014-01-18 23:40:17 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-01-18 23:40:17 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2014-01-18 23:40:12 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2014-01-18 23:40:09 8E6C378A885D6FFDA8F05E8D27B95C0E 27648 ----a-w- C:\Windows\System32\drivers\usbser.sys 2014-01-18 23:35:32 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2014-01-18 23:35:24 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2014-01-18 23:35:24 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-18 23:35:23 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-18 23:35:23 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-18 23:35:23 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-18 23:35:23 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-18 23:35:14 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2014-01-18 23:33:23 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2014-01-18 23:31:47 C127EBD5AFAB31524662C48DFCEB773A 180736 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2014-01-18 23:31:04 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2014-01-18 23:31:04 1D714B8497CD68307806D5D3F60A5169 35328 ----a-w- C:\Windows\System32\drivers\usbscan.sys 2014-01-18 23:28:49 4A1445EFA932A3BAF5BDB02D7131EE20 440704 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2014-01-17 21:37:22 A36EE93698802CD899F98BFD553D8185 28520 ----a-w- C:\Windows\System32\drivers\ssmdrv.sys 2014-01-17 21:37:13 D8C712305F73CD34D1B344810E522728 37352 ----a-w- C:\Windows\System32\drivers\avkmgr.sys 2014-01-17 21:37:13 B8C10FF9369394EB84993F331810CF29 90400 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2014-01-17 21:37:13 4189E5AB2CAD6F395D87DAAE73EB090F 135648 ----a-w- C:\Windows\System32\drivers\avipbb.sys 2014-01-16 20:10:14 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys ====== C:\Windows\Tasks ====== 2014-01-19 07:50:18 -------- d-----w- C:\Windows\system32\Tasks\WPD 2014-01-16 19:07:28 A99B13816E2F923661CB3B78CCE5917B 3300 ----a-w- C:\Windows\system32\Tasks\4842 2014-01-16 19:07:26 E85597A4DA0E8AC8D4EC4F4E6C548955 3202 ----a-w- C:\Windows\system32\Tasks\0 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-19 08:15:25 -------- d-----w- C:\Program Files\trend micro 2014-01-19 04:13:09 -------- d-----w- C:\Program Files\Windows Portable Devices 2014-01-17 21:42:47 -------- d-----w- C:\Program Files\VNT 2014-01-17 21:36:53 -------- d-----w- C:\Program Files\Avira 2014-01-16 18:47:12 708168 ----a-w- C:\Program Files\5mUninstall MyFunCards.dll 2014-01-16 18:47:12 186744 ----a-w- C:\Program Files\5mres.dll 2014-01-15 20:15:33 -------- d-----w- C:\Program Files\Common Files\Java ======= C: ===== ====== C:\Users\steven\AppData\Roaming ====== 2014-01-17 21:43:05 -------- d-----w- C:\Users\steven\AppData\Local\VNT 2014-01-17 21:41:23 -------- d-----w- C:\Users\steven\AppData\Roaming\Avira ====== C:\Users\steven ====== 2014-01-19 08:15:00 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\steven\Desktop\RSIT.exe 2014-01-17 21:37:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-01-17 21:36:53 -------- d-----w- C:\ProgramData\Avira 2014-01-17 21:35:21 -------- d-----w- C:\Users\Public\Downloads 2014-01-16 20:07:49 29B7410D1B5313E298094651A0C98530 129870080 ----a-w- C:\Users\steven\Downloads\avira_free_antivirus_nl.exe 2014-01-15 20:15:37 -------- d-----w- C:\ProgramData\Sun 2014-01-15 20:14:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2014-01-19 08:15:27 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\steven.exe 2014-01-19 08:15:00 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\steven\Desktop\RSIT.exe 2014-01-19 03:18:31 60BBAF3F5A38D0274B0C46710A218051 252928 ----a-w- C:\Windows\System32\dxdiag.exe 2014-01-19 03:17:30 1D7D7E32A80109D5C3167309265EAC83 30208 ----a-w- C:\Windows\System32\WPDShextAutoplay.exe 2014-01-19 02:21:24 980B6A5F92B8DB235C4A26728C2BE732 196608 ----a-w- C:\Windows\System32\WUDFHost.exe 2014-01-18 23:46:16 FC1CDF0AC20808719891DD6D965B8F99 299160 ----a-w- C:\Windows\System32\XPSViewer\XPSViewer.exe 2014-01-18 23:45:49 66816B85E75821339644E9554B671CDB 13312 ----a-w- C:\Windows\System32\msfeedssync.exe 2014-01-18 23:45:48 89ADB3737BA5D80146D012B5FB184C07 376320 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-01-18 23:45:48 3B6D421884302E4E73B0C979F9803DB6 174080 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-01-18 23:45:48 067347D17DB31481B8633DC6DCC370A5 133632 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-01-18 23:45:38 D66144C1BC885E523AD74BAD1EC6566D 638120 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-01-18 23:42:49 DFD714F1A410B32DA258423CF592A96E 667648 ----a-w- C:\Windows\System32\printfilterpipelinesvc.exe 2014-01-18 23:41:14 A41D107A42B7CFC4FD6C566CC6F37F23 19456 ----a-w- C:\Windows\servicing\GC32\tzupd.exe 2014-01-18 23:40:25 F189F4921D3C24AC96861AA27D329B9B 23040 ----a-w- C:\Windows\System32\dpnsvr.exe 2014-01-18 23:34:34 1D0A82B11235D68CF55A54B2ADECB9F1 155648 ----a-w- C:\Windows\System32\wscript.exe 2014-01-18 23:34:33 B44B59C85DC2C2D39542F97BF545A308 135168 ----a-w- C:\Windows\System32\cscript.exe 2014-01-18 23:34:22 84BDC77A844493FCD76858B52690F31B 812544 ----a-w- C:\Windows\System32\certutil.exe 2014-01-18 23:33:08 61E5B6E75A5E53D1052A6D18BF67B59A 3603904 ----a-w- C:\Windows\System32\ntkrnlpa.exe 2014-01-18 23:33:07 CB284FC56D12BF5D2503CB75B03FD40A 3551680 ----a-w- C:\Windows\System32\ntoskrnl.exe 2014-01-18 23:33:07 BE7480C91E89EB82FC080F772C220AE4 64000 ----a-w- C:\Windows\System32\smss.exe 2014-01-18 23:28:48 A3E186B4B935905B829219502557314E 9728 ----a-w- C:\Windows\System32\lsass.exe 2014-01-18 14:30:49 2E0B0A051FFAA86E358465BB0880D453 53784 ----a-w- C:\Windows\System32\wuauclt.exe 2014-01-18 14:29:31 069385484EA57B663D688894C88975C5 33792 ----a-w- C:\Windows\System32\wuapp.exe 2014-01-17 21:43:05 ABC13EE82ECC14C63709465BA9BCA0AD 202192 ----a-w- C:\Users\steven\AppData\Local\VNT\vntldr.exe 2014-01-17 21:41:04 4E41301AB03814EABE37FCF194B728A6 1326512 ----a-w- C:\Users\steven\AppData\Local\Temp\Offercast_AVIRAV7_.exe 2014-01-17 21:37:31 5BC02AC86CB9F875BD91A5D009132FDE 645688 ----a-w- C:\Program Files\Avira\AntiVir Desktop\wsctool.exe 2014-01-17 21:37:24 26731C2F4452C1A2DBDBAE8D201E4CE2 399416 ----a-w- C:\Program Files\Avira\AntiVir Desktop\updrgui.exe 2014-01-17 21:37:23 91ECCE87F494816737BD6F1B0B671C2A 934968 ----a-w- C:\Program Files\Avira\AntiVir Desktop\update.exe 2014-01-17 21:37:22 1106B8D42E6614240C03AB76224DAF02 422456 ----a-w- C:\Program Files\Avira\AntiVir Desktop\setuppending.exe 2014-01-17 21:37:21 FE79366FECD444A16CCA9979134DBEA8 440376 ----a-w- C:\Program Files\Avira\AntiVir Desktop\sched.exe 2014-01-17 21:37:21 039ECAE9617FBC500B891256F139FD79 1315384 ----a-w- C:\Program Files\Avira\AntiVir Desktop\setup.exe 2014-01-17 21:37:18 1305B94364F8F8F80DCD0E22E64E267A 467000 ----a-w- C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe 2014-01-17 21:37:18 02AC980B23C6539B56DEC7956DE2DA3B 458296 ----a-w- C:\Program Files\Avira\AntiVir Desktop\licmgr.exe 2014-01-17 21:37:17 17819ACCC4D21E3C07E80454A40A26EB 466488 ----a-w- C:\Program Files\Avira\AntiVir Desktop\guardgui.exe 2014-01-17 21:37:16 D49A434E4BF69D23291D54164D5D15D6 796728 ----a-w- C:\Program Files\Avira\AntiVir Desktop\fact.exe 2014-01-17 21:37:16 AFE071E446E1A2ABB75B0B9234AC726E 474680 ----a-w- C:\Program Files\Avira\AntiVir Desktop\ccuac.exe 2014-01-17 21:37:16 849D6BD0357DD1E39B01FFF40659B5ED 401976 ----a-w- C:\Program Files\Avira\AntiVir Desktop\checkt.exe 2014-01-17 21:37:14 BD64ED04CB32C31F9F6812415405E65E 566328 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avwebloader.exe 2014-01-17 21:37:14 B1625BA4BB3667C3219F2E2EB34AE0E7 411704 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avupgsvc.exe 2014-01-17 21:37:14 42AFC20DB8D9D8651E26140E95B6A902 858720 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avwsc.exe 2014-01-17 21:37:14 29D956C8CB67222D678FAF20D485B25B 1011768 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe 2014-01-17 21:37:13 FDE9C7030FB1E9E2715E113EE6A10F90 440376 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avguard.exe 2014-01-17 21:37:13 FDA1329BF7F5F92C71C692798B642BAC 661048 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe 2014-01-17 21:37:13 F88A5D699B6F6AD080ECD58548EF4D7F 511544 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avrestart.exe 2014-01-17 21:37:13 F143483EF1FD85495AF9EAD190C55983 441400 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avadmin.exe 2014-01-17 21:37:13 DD231039B13EC2ABDE315D76E658EF0E 684600 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe 2014-01-17 21:37:13 8A2DEC9995EFD16D97A84E3CB7F09812 759864 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avnotify.exe 2014-01-17 21:37:13 782ED0F2DFF01B1556A353E4283F2888 1032760 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avscan.exe 2014-01-17 21:37:13 72B909F1594FC52D25FC3622B9D80D45 769592 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avconfig.exe 2014-01-17 21:37:13 6F1E9AB820B3DD8BD38C0190A206205D 431672 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe 2014-01-17 21:37:13 4E41301AB03814EABE37FCF194B728A6 1326512 ----a-w- C:\Program Files\Avira\AntiVir Desktop\offercast_avirav7_.exe 2014-01-17 05:07:16 00C2D68C98FA311C1A80EE33ED846923 36500648 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.76\32.0.1700.76_chrome_installer.exe 2014-01-16 20:07:49 29B7410D1B5313E298094651A0C98530 129870080 ----a-w- C:\Users\steven\Downloads\avira_free_antivirus_nl.exe 2014-01-16 18:26:55 1D0A1FF655C6CF2EA2DE4FB6AA8246AD 9046696 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.76\32.0.1700.76_31.0.1650.63_chrome_updater.exe 2014-01-15 20:15:10 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\System32\javaws.exe 2014-01-15 20:14:32 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\System32\javaw.exe 2014-01-15 20:14:32 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\System32\java.exe 2014-01-15 20:14:08 C422AF851B98378A39B51D99FE707E64 146344 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe 2014-01-15 20:14:07 0E37C7C174521E16CEA0A6BC46F03BCD 16296 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe 2014-01-15 20:14:06 EBAB810C999D8C31F0D5D8B28B3EEDD1 15784 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe 2014-01-15 20:14:06 ACA236A716C2291E40ED069F2CBB3D35 49064 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe 2014-01-15 20:14:06 6E2BECF6E17FF8DC850C058A38A50C4F 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe 2014-01-15 20:14:06 6E1B0EEBF3D1CC7ECF4104E1473900FF 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe 2014-01-15 20:14:05 F4BA3A5D5FDE0A321CD7C4A74749CE5B 15784 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe 2014-01-15 20:14:05 397A6EA17BB97800939DE44D7BFEEC04 15784 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe 2014-01-15 20:14:05 18BC25C50200C3DD4E67611D2467DAA2 15784 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe 2014-01-15 20:14:02 ED1F5F1906F8D963612A4831CDB331D6 15784 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe 2014-01-15 20:14:02 762E372DCFDAE32FAE52C1A50A0029C2 15784 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe 2014-01-15 20:14:02 49A5F3169A23C00F9F2023DFE04D7AF6 15784 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe 2014-01-15 20:14:01 6EEAD2C8A5CAC1F0F2066ABD77BA9092 15784 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe 2014-01-15 20:14:00 B9436A665A8621073A12338B16D7BFD4 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe 2014-01-15 20:13:59 A8F2A6D5782AA0166D8367FF674DDF77 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe 2014-01-15 20:13:54 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe 2014-01-15 20:13:54 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe 2014-01-15 20:13:53 E9BFEA5B2F3F7598DA990F9728768790 66984 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe 2014-01-15 20:13:53 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Program Files\Java\jre7\bin\java.exe 2014-01-15 20:13:52 FBC27FD8E76C53E6E8066944BBE2BF73 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe 2014-01-15 20:13:52 5877E6618DA03EE8E7A869F57EE6ACE5 15784 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe 2014-01-15 19:55:31 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\steven\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe === C: other files == 2014-01-19 03:17:25 DE9D36F91A4DF3D911626643DEBF11EA 40448 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wpdmtp.inf_2a7adb02\WpdUsb.sys 2014-01-19 03:17:25 DE9D36F91A4DF3D911626643DEBF11EA 40448 ----a-w- C:\Windows\System32\drivers\WpdUsb.sys 2014-01-19 03:17:25 C034851122F667F26F813ED1E541C191 50688 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bthmtpenum.inf_201caa7f\BthMtpEnum.sys 2014-01-19 02:21:27 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2014-01-19 02:21:27 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys 2014-01-19 02:21:25 48704647CD2E9DAA2EB81BDE6D029EDB 47720 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys 2014-01-19 02:21:24 30FC6E5448D0CBAAA95280EEEF7FEDAE 34944 ----a-w- C:\Windows\System32\DriverStore\FileRepository\winusb.inf_abb27f1e\winusb.sys 2014-01-19 02:21:24 30FC6E5448D0CBAAA95280EEEF7FEDAE 34944 ----a-w- C:\Windows\System32\DriverStore\FileRepository\winusb.inf_80bcffa4\winusb.sys 2014-01-19 02:21:24 30FC6E5448D0CBAAA95280EEEF7FEDAE 34944 ----a-w- C:\Windows\System32\DriverStore\FileRepository\winusb.inf_37e181dd\winusb.sys 2014-01-18 23:46:40 F4EAA7ECBCB25DE901C9B7F2CDCDA0B3 24064 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2014-01-18 23:46:11 B972A66758577E0BFD1DE0F91AAA27B5 12800 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2014-01-18 23:46:03 988670D8343EF9835FB3659DB71B2EFA 638400 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2014-01-18 23:45:58 8D31A140B55021BBD3A608F5A7AA2E18 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys 2014-01-18 23:45:58 228F444F9AF0D3B9ECA9FC3F4FEB12F2 15872 ----a-w- C:\Windows\System32\DriverStore\FileRepository\netrndis.inf_f705a06e\usb8023x.sys 2014-01-18 23:45:26 A6E18756EA7B6E971184B57B86251FC5 2050560 ----a-w- C:\Windows\System32\win32k.sys 2014-01-18 23:44:23 D330803EAB2A15CAEC7F011F1D4CB30E 30208 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bth.inf_426d1460\BTHUSB.SYS 2014-01-18 23:44:23 611FF3F2F095C8D4A6D4CFD9DCC09793 508416 ----a-w- C:\Windows\System32\DriverStore\FileRepository\bth.inf_426d1460\bthport.sys 2014-01-18 23:42:15 D18D53974FD715D50FC76F9FFE1C830D 905664 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2014-01-18 23:40:21 B9C2B89F08670E159F7181891E449CD9 53120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2014-01-18 23:40:17 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\portcls.sys 2014-01-18 23:40:17 6DBA75306DD9B242B6F1C343179AD201 167936 ----a-w- C:\Windows\System32\drivers\portcls.sys 2014-01-18 23:40:17 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdmaudio.inf_d2056fa8\drmk.sys 2014-01-18 23:40:17 2A63675F6FA8EF0FF9F5C72695584CAA 130048 ----a-w- C:\Windows\System32\drivers\drmk.sys 2014-01-18 23:40:12 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Windows\System32\DriverStore\FileRepository\volume.inf_2abeaeba\volsnap.sys 2014-01-18 23:40:12 786DB5771F05EF300390399F626BF30A 224640 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2014-01-18 23:40:09 8E6C378A885D6FFDA8F05E8D27B95C0E 27648 ----a-w- C:\Windows\System32\DriverStore\FileRepository\mdmcpq.inf_fad2d0b6\usbser.sys 2014-01-18 23:40:09 8E6C378A885D6FFDA8F05E8D27B95C0E 27648 ----a-w- C:\Windows\System32\drivers\usbser.sys 2014-01-18 23:35:32 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys 2014-01-18 23:35:24 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbccgp.sys 2014-01-18 23:35:24 AAB0B5F72D2D726FBFDC895A2902DE1D 73216 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2014-01-18 23:35:24 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbhub.sys 2014-01-18 23:35:24 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_4d475c8b\usbhub.sys 2014-01-18 23:35:24 2AE6BCEBD85D31317E433733DAF25888 197632 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-18 23:35:23 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbd.sys 2014-01-18 23:35:23 FE619ED13CE12F5B43C04E3EA061BBD6 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-18 23:35:23 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbohci.sys 2014-01-18 23:35:23 D457EBD0C3A8B3A3A144355B5EE91CBC 19456 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-18 23:35:23 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbport.sys 2014-01-18 23:35:23 B09C74A41F26B08149707EA5E7F956C2 226304 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-18 23:35:23 44056325428A8E4C755830426E29878F 23552 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbuhci.sys 2014-01-18 23:35:23 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_2aa7a50a\usbehci.sys 2014-01-18 23:35:23 153E8515CB86F8BB5D1A8B478EBF4BB2 39936 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-18 23:35:14 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbvideo.inf_052c97ea\usbvideo.sys 2014-01-18 23:35:14 73FF24E21B690625A58109637DDA0DF7 134272 ----a-w- C:\Windows\System32\drivers\usbvideo.sys 2014-01-18 23:35:14 49A623C16E482F4D31AD0EBD801DD8EC 68608 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbcir.inf_933ee10a\usbcir.sys 2014-01-18 23:35:14 1114579556DB85E9FAF9590DBC64CD62 73344 ----a-w- C:\Windows\System32\DriverStore\FileRepository\wdma_usb.inf_e74ab35a\USBAUDIO.sys 2014-01-18 23:33:23 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys 2014-01-18 23:31:47 C127EBD5AFAB31524662C48DFCEB773A 180736 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2014-01-18 23:31:04 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\DriverStore\FileRepository\input.inf_c7f006cc\hidparse.sys 2014-01-18 23:31:04 BE4AD4045D7A6C6AF4ECCBD5F6B7F8D8 25472 ----a-w- C:\Windows\System32\drivers\hidparse.sys 2014-01-18 23:31:04 1D714B8497CD68307806D5D3F60A5169 35328 ----a-w- C:\Windows\System32\DriverStore\FileRepository\sti.inf_45d79eaa\usbscan.sys 2014-01-18 23:31:04 1D714B8497CD68307806D5D3F60A5169 35328 ----a-w- C:\Windows\System32\drivers\usbscan.sys 2014-01-18 23:28:49 4A1445EFA932A3BAF5BDB02D7131EE20 440704 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2014-01-17 21:37:22 D66430ED8DF1E05D0F694B6BE3C1FB48 43040 ----a-w- C:\Program Files\Avira\AntiVir Desktop\sweb.zip 2014-01-17 21:37:22 A36EE93698802CD899F98BFD553D8185 28520 ----a-w- C:\Windows\System32\drivers\ssmdrv.sys 2014-01-17 21:37:13 D8C712305F73CD34D1B344810E522728 37352 ----a-w- C:\Windows\System32\drivers\avkmgr.sys 2014-01-17 21:37:13 D8C712305F73CD34D1B344810E522728 37352 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avkmgr.sys 2014-01-17 21:37:13 B8C10FF9369394EB84993F331810CF29 90400 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2014-01-17 21:37:13 B8C10FF9369394EB84993F331810CF29 90400 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avgntflt.sys 2014-01-17 21:37:13 4189E5AB2CAD6F395D87DAAE73EB090F 135648 ----a-w- C:\Windows\System32\drivers\avipbb.sys 2014-01-17 21:37:13 4189E5AB2CAD6F395D87DAAE73EB090F 135648 ----a-w- C:\Program Files\Avira\AntiVir Desktop\avipbb.sys 2014-01-16 20:10:14 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\Windows\System32\drivers\mbam.sys 2014-01-15 20:14:11 863EB6802B1C3B7630290871599BE0BD 18636 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-3209317974-2775747799-1048052603-1000\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3050A J611 series (NET)"="C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe -deviceID CN17C4B57Z05PJ:NW -scfn HP Deskjet 3050A J611 series (NET) -AutoStart 1" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start" "HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" "hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" "avgnt"="C:\Program Files\Avira\AntiVir Desktop\avgnt.exe /min" "VNT"="C:\Program Files\VNT\vntldr.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3050A J611 series (NET)"="C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe -deviceID CN17C4B57Z05PJ:NW -scfn HP Deskjet 3050A J611 series (NET) -AutoStart 1" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/12/2013 09:48] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/03/2012 19:56] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [29/03/2012 19:56] C:\Windows\tasks\HP Photo Creations Messager.job --a------ C:\ProgramData\HP Photo Creations\MessageCheck.exe [15/02/2011 11:11] C:\Windows\tasks\User_Feed_Synchronization-{E2CD1FAE-D5D5-46D8-9FD2-0744E2735DB0}.job --ah----- C:\Windows\system32\msfeedssync.exe [25/10/2013 05:53] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\system32\tasks\4842" [wscript.exe C:\Users\steven\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HP Health Check" ["c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"] "C:\Windows\system32\tasks\HP Photo Creations Messager" [C:\ProgramData\HP Photo Creations\MessageCheck.exe] "C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 3050A J611 series" ["C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe"] "C:\Windows\system32\tasks\User_Feed_Synchronization-{E2CD1FAE-D5D5-46D8-9FD2-0744E2735DB0}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [05/09/2009 09:53] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions pcoohmdcpejoeggdnihdfhohjgdbllgm - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\ToolbarCR.crx[] YouTube - steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== C:\zoek_backup content ====================== C:\zoek_backup (files=50 folders=36 14956856 bytes) ==== EOF on zo 19/01/2014 at 18:53:44,83 ====================== -
Beste, Bij scan van de antivirus heb ik ontdekt dat op de pc JS/Lyricscontainer.A en DR/FakePic.Gen stonden. Hieronder het logje van RSIT. De antivirus heeft deze blijkbaar wel goed in quarantaine gezet want in het logje vind ik er niet direct nog iets van terug. Maar wel veel toolbars ed. Met Hijackthis wist ik hoe ik deze moest verwijderen, maar met RSIT niet. Hoe moet ik nu te werk gaan? Logfile of random's system information tool 1.09 (written by random/random) Run by steven at 2014-01-19 09:21:06 Microsoft® Windows Vista™ Home Basic Service Pack 2 System drive C: has 171 GB (75%) free of 228 GB Total RAM: 1790 MB (39% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:21:09, on 19/01/2014 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19489) Boot mode: Normal Running processes: C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\taskeng.exe C:\Users\steven\AppData\Local\VNT\vntldr.exe C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\steven\Desktop\RSIT.exe C:\Windows\system32\msfeedssync.exe C:\Program Files\trend micro\steven.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=hompag R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/nl/index.php?rvs=hompag R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - "C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" (file missing) O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [VNT] C:\Program Files\VNT\vntldr.exe O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN17C4B57Z05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1 O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\steven\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Planner (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 8382 bytes ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\HP Photo Creations Messager.job C:\Windows\tasks\User_Feed_Synchronization-{E2CD1FAE-D5D5-46D8-9FD2-0744E2735DB0}.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}] Avira SearchFree Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2013-12-20 12240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-15 462760] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Aanmelden - Help - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-15 171944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}] Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904] {41564952-412D-5637-4300-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll [2013-12-20 12240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-04-17 1049896] "QlbCtrl.exe"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2008-08-01 202032] "HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008] "hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2008-04-15 488752] "GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-01-12 49208] ""= [] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2013-12-13 684600] "VNT"=C:\Program Files\VNT\vntldr.exe [2013-12-20 202192] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Deskjet 3050A J611 series (NET)"=C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2011-03-30 1721192] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2013-10-02 20472992] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "msacm.l3codecp"=l3codecp.acm "MSVideo8"=VfWWDM32.dll "msacm.siren"=sirenacm.dll "vidc.dvsd"=pdvcodec.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-19 09:15:25 ----D---- C:\Program Files\trend micro 2014-01-19 09:15:24 ----D---- C:\rsit 2014-01-19 05:13:09 ----D---- C:\Program Files\Windows Portable Devices 2014-01-19 04:19:49 ----A---- C:\Windows\system32\UIAnimation.dll 2014-01-19 04:19:48 ----A---- C:\Windows\system32\UIRibbonRes.dll 2014-01-19 04:19:48 ----A---- C:\Windows\system32\UIRibbon.dll 2014-01-19 04:18:34 ----A---- C:\Windows\system32\WMPhoto.dll 2014-01-19 04:18:31 ----A---- C:\Windows\system32\WindowsCodecsExt.dll 2014-01-19 04:18:31 ----A---- C:\Windows\system32\WindowsCodecs.dll 2014-01-19 04:18:31 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll 2014-01-19 04:18:31 ----A---- C:\Windows\system32\dxdiagn.dll 2014-01-19 04:18:31 ----A---- C:\Windows\system32\dxdiag.exe 2014-01-19 04:18:30 ----A---- C:\Windows\system32\d3d11.dll 2014-01-19 04:17:30 ----A---- C:\Windows\system32\WPDShextAutoplay.exe 2014-01-19 04:17:30 ----A---- C:\Windows\system32\wpdbusenum.dll 2014-01-19 04:17:30 ----A---- C:\Windows\system32\BthMtpContextHandler.dll 2014-01-19 04:17:27 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll 2014-01-19 04:17:25 ----A---- C:\Windows\system32\WpdMtpUS.dll 2014-01-19 04:17:25 ----A---- C:\Windows\system32\WpdConns.dll 2014-01-19 04:17:25 ----A---- C:\Windows\system32\drivers\WpdUsb.sys 2014-01-19 04:17:24 ----A---- C:\Windows\system32\WPDSp.dll 2014-01-19 04:17:24 ----A---- C:\Windows\system32\WPDShServiceObj.dll 2014-01-19 04:17:24 ----A---- C:\Windows\system32\wpdshext.dll 2014-01-19 04:17:24 ----A---- C:\Windows\system32\WpdMtp.dll 2014-01-19 04:17:24 ----A---- C:\Windows\system32\wpd_ci.dll 2014-01-19 04:17:24 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll 2014-01-19 04:17:24 ----A---- C:\Windows\system32\PortableDeviceTypes.dll 2014-01-19 04:17:24 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll 2014-01-19 04:17:24 ----A---- C:\Windows\system32\PortableDeviceApi.dll 2014-01-19 03:21:31 ----A---- C:\Windows\system32\Wdfres.dll 2014-01-19 03:21:27 ----A---- C:\Windows\system32\winusb.dll 2014-01-19 03:21:27 ----A---- C:\Windows\system32\drivers\WUDFRd.sys 2014-01-19 03:21:27 ----A---- C:\Windows\system32\drivers\WUDFPf.sys 2014-01-19 03:21:26 ----A---- C:\Windows\system32\WUDFSvc.dll 2014-01-19 03:21:26 ----A---- C:\Windows\system32\WUDFPlatform.dll 2014-01-19 03:21:25 ----A---- C:\Windows\system32\drivers\WdfLdr.sys 2014-01-19 03:21:24 ----A---- C:\Windows\system32\WUDFHost.exe 2014-01-19 03:21:24 ----A---- C:\Windows\system32\WUDFCoinstaller.dll 2014-01-19 03:21:23 ----A---- C:\Windows\system32\WUDFx.dll 2014-01-19 03:09:06 ----SHD---- C:\Config.Msi 2014-01-19 00:46:44 ----A---- C:\Windows\system32\msshsq.dll 2014-01-19 00:46:40 ----A---- C:\Windows\system32\icaapi.dll 2014-01-19 00:46:40 ----A---- C:\Windows\system32\drivers\tssecsrv.sys 2014-01-19 00:46:36 ----A---- C:\Windows\system32\winmm.dll 2014-01-19 00:46:36 ----A---- C:\Windows\system32\mciseq.dll 2014-01-19 00:46:31 ----A---- C:\Windows\system32\shell32.dll 2014-01-19 00:46:25 ----A---- C:\Windows\system32\rpcrt4.dll 2014-01-19 00:46:11 ----A---- C:\Windows\system32\wmi.dll 2014-01-19 00:46:11 ----A---- C:\Windows\system32\imagehlp.dll 2014-01-19 00:46:11 ----A---- C:\Windows\system32\drivers\fs_rec.sys 2014-01-19 00:46:03 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2014-01-19 00:46:03 ----A---- C:\Windows\system32\cdd.dll 2014-01-19 00:45:58 ----A---- C:\Windows\system32\drivers\usb8023.sys 2014-01-19 00:45:49 ----A---- C:\Windows\system32\msfeedssync.exe 2014-01-19 00:45:48 ----A---- C:\Windows\system32\wininet.dll 2014-01-19 00:45:48 ----A---- C:\Windows\system32\msfeedsbs.dll 2014-01-19 00:45:48 ----A---- C:\Windows\system32\msfeeds.dll 2014-01-19 00:45:48 ----A---- C:\Windows\system32\jsproxy.dll 2014-01-19 00:45:48 ----A---- C:\Windows\system32\ieUnatt.exe 2014-01-19 00:45:48 ----A---- C:\Windows\system32\iertutil.dll 2014-01-19 00:45:48 ----A---- C:\Windows\system32\iernonce.dll 2014-01-19 00:45:48 ----A---- C:\Windows\system32\ie4uinit.exe 2014-01-19 00:45:47 ----A---- C:\Windows\system32\iesetup.dll 2014-01-19 00:45:47 ----A---- C:\Windows\system32\iedkcs32.dll 2014-01-19 00:45:46 ----A---- C:\Windows\system32\urlmon.dll 2014-01-19 00:45:44 ----A---- C:\Windows\system32\occache.dll 2014-01-19 00:45:43 ----A---- C:\Windows\system32\iesysprep.dll 2014-01-19 00:45:43 ----A---- C:\Windows\system32\ieframe.dll 2014-01-19 00:45:41 ----A---- C:\Windows\system32\mstime.dll 2014-01-19 00:45:41 ----A---- C:\Windows\system32\mshtmled.dll 2014-01-19 00:45:41 ----A---- C:\Windows\system32\licmgr10.dll 2014-01-19 00:45:41 ----A---- C:\Windows\system32\ieui.dll 2014-01-19 00:45:41 ----A---- C:\Windows\system32\corpol.dll 2014-01-19 00:45:40 ----A---- C:\Windows\system32\url.dll 2014-01-19 00:45:40 ----A---- C:\Windows\system32\iepeers.dll 2014-01-19 00:45:39 ----A---- C:\Windows\system32\mshtml.dll 2014-01-19 00:45:30 ----A---- C:\Windows\system32\psisdecd.dll 2014-01-19 00:45:26 ----A---- C:\Windows\system32\win32k.sys 2014-01-19 00:45:19 ----A---- C:\Windows\system32\localspl.dll 2014-01-19 00:43:39 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2014-01-19 00:42:53 ----A---- C:\Windows\system32\MFH264Dec.dll 2014-01-19 00:42:53 ----A---- C:\Windows\system32\dxgi.dll 2014-01-19 00:42:52 ----A---- C:\Windows\system32\XpsRasterService.dll 2014-01-19 00:42:52 ----A---- C:\Windows\system32\XpsPrint.dll 2014-01-19 00:42:51 ----A---- C:\Windows\system32\mfreadwrite.dll 2014-01-19 00:42:51 ----A---- C:\Windows\system32\MFHEAACdec.dll 2014-01-19 00:42:50 ----A---- C:\Windows\system32\mfmp4src.dll 2014-01-19 00:42:50 ----A---- C:\Windows\system32\mf.dll 2014-01-19 00:42:49 ----A---- C:\Windows\system32\shdocvw.dll 2014-01-19 00:42:49 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe 2014-01-19 00:42:49 ----A---- C:\Windows\system32\mfplat.dll 2014-01-19 00:42:48 ----A---- C:\Windows\system32\stobject.dll 2014-01-19 00:42:45 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll 2014-01-19 00:42:45 ----A---- C:\Windows\system32\mfps.dll 2014-01-19 00:42:18 ----A---- C:\Windows\system32\synceng.dll 2014-01-19 00:42:15 ----A---- C:\Windows\system32\drivers\tcpip.sys 2014-01-19 00:41:18 ----A---- C:\Windows\system32\EncDec.dll 2014-01-19 00:41:14 ----A---- C:\Windows\system32\tzres.dll 2014-01-19 00:40:26 ----A---- C:\Windows\system32\dpnet.dll 2014-01-19 00:40:25 ----A---- C:\Windows\system32\dpnsvr.exe 2014-01-19 00:40:21 ----A---- C:\Windows\system32\drivers\partmgr.sys 2014-01-19 00:40:17 ----A---- C:\Windows\system32\SysFxUI.dll 2014-01-19 00:40:17 ----A---- C:\Windows\system32\drivers\portcls.sys 2014-01-19 00:40:17 ----A---- C:\Windows\system32\drivers\drmk.sys 2014-01-19 00:40:12 ----A---- C:\Windows\system32\drivers\volsnap.sys 2014-01-19 00:40:09 ----A---- C:\Windows\system32\drivers\usbser.sys 2014-01-19 00:38:04 ----A---- C:\Windows\system32\netapi32.dll 2014-01-19 00:37:55 ----A---- C:\Windows\system32\d3d10warp.dll 2014-01-19 00:37:55 ----A---- C:\Windows\system32\d3d10_1.dll 2014-01-19 00:37:55 ----A---- C:\Windows\system32\d2d1.dll 2014-01-19 00:37:54 ----A---- C:\Windows\system32\FntCache.dll 2014-01-19 00:37:54 ----A---- C:\Windows\system32\d3d10.dll 2014-01-19 00:37:53 ----A---- C:\Windows\system32\xpsservices.dll 2014-01-19 00:37:53 ----A---- C:\Windows\system32\XpsGdiConverter.dll 2014-01-19 00:37:53 ----A---- C:\Windows\system32\OpcServices.dll 2014-01-19 00:37:53 ----A---- C:\Windows\system32\DWrite.dll 2014-01-19 00:37:53 ----A---- C:\Windows\system32\d3d10level9.dll 2014-01-19 00:37:53 ----A---- C:\Windows\system32\d3d10core.dll 2014-01-19 00:37:53 ----A---- C:\Windows\system32\d3d10_1core.dll 2014-01-19 00:37:34 ----A---- C:\Windows\system32\packager.dll 2014-01-19 00:35:58 ----A---- C:\Windows\system32\ncrypt.dll 2014-01-19 00:35:32 ----A---- C:\Windows\system32\drivers\ntfs.sys 2014-01-19 00:35:24 ----A---- C:\Windows\system32\drivers\usbhub.sys 2014-01-19 00:35:24 ----A---- C:\Windows\system32\drivers\usbccgp.sys 2014-01-19 00:35:23 ----A---- C:\Windows\system32\drivers\usbport.sys 2014-01-19 00:35:23 ----A---- C:\Windows\system32\drivers\usbohci.sys 2014-01-19 00:35:23 ----A---- C:\Windows\system32\drivers\usbehci.sys 2014-01-19 00:35:23 ----A---- C:\Windows\system32\drivers\usbd.sys 2014-01-19 00:35:21 ----A---- C:\Windows\system32\msvcrt.dll 2014-01-19 00:35:17 ----A---- C:\Windows\system32\kernel32.dll 2014-01-19 00:35:14 ----A---- C:\Windows\system32\drivers\usbvideo.sys 2014-01-19 00:35:02 ----A---- C:\Windows\system32\jscript.dll 2014-01-19 00:35:00 ----A---- C:\Windows\system32\shlwapi.dll 2014-01-19 00:34:52 ----A---- C:\Windows\system32\quartz.dll 2014-01-19 00:34:49 ----A---- C:\Windows\system32\WMVDECOD.DLL 2014-01-19 00:34:44 ----A---- C:\Windows\system32\win32spl.dll 2014-01-19 00:34:44 ----A---- C:\Windows\system32\printcom.dll 2014-01-19 00:34:34 ----A---- C:\Windows\system32\wscript.exe 2014-01-19 00:34:33 ----A---- C:\Windows\system32\wshcon.dll 2014-01-19 00:34:33 ----A---- C:\Windows\system32\scrrun.dll 2014-01-19 00:34:33 ----A---- C:\Windows\system32\cscript.exe 2014-01-19 00:34:31 ----A---- C:\Windows\system32\gdi32.dll 2014-01-19 00:34:22 ----A---- C:\Windows\system32\certutil.exe 2014-01-19 00:34:20 ----A---- C:\Windows\system32\certenc.dll 2014-01-19 00:33:56 ----A---- C:\Windows\system32\crypt32.dll 2014-01-19 00:33:33 ----A---- C:\Windows\system32\msxml6.dll 2014-01-19 00:33:30 ----A---- C:\Windows\system32\qdvd.dll 2014-01-19 00:33:27 ----A---- C:\Windows\system32\IKEEXT.DLL 2014-01-19 00:33:27 ----A---- C:\Windows\system32\FWPUCLNT.DLL 2014-01-19 00:33:23 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2014-01-19 00:33:21 ----A---- C:\Windows\system32\themeui.dll 2014-01-19 00:33:17 ----A---- C:\Windows\system32\winhttp.dll 2014-01-19 00:33:15 ----A---- C:\Windows\system32\atmfd.dll 2014-01-19 00:33:14 ----A---- C:\Windows\system32\atmlib.dll 2014-01-19 00:33:08 ----A---- C:\Windows\system32\ntkrnlpa.exe 2014-01-19 00:33:07 ----A---- C:\Windows\system32\smss.exe 2014-01-19 00:33:07 ----A---- C:\Windows\system32\ntoskrnl.exe 2014-01-19 00:33:07 ----A---- C:\Windows\system32\ntdll.dll 2014-01-19 00:33:07 ----A---- C:\Windows\system32\csrsrv.dll 2014-01-19 00:32:59 ----A---- C:\Windows\system32\UIAutomationCore.dll 2014-01-19 00:32:59 ----A---- C:\Windows\system32\oleaut32.dll 2014-01-19 00:32:59 ----A---- C:\Windows\system32\oleaccrc.dll 2014-01-19 00:32:59 ----A---- C:\Windows\system32\oleacc.dll 2014-01-19 00:32:34 ----A---- C:\Windows\system32\qedit.dll 2014-01-19 00:32:31 ----A---- C:\Windows\system32\msxml3.dll 2014-01-19 00:31:55 ----A---- C:\Windows\system32\mstscax.dll 2014-01-19 00:31:52 ----A---- C:\Windows\system32\xmllite.dll 2014-01-19 00:31:50 ----A---- C:\Windows\system32\comctl32.dll 2014-01-19 00:31:47 ----A---- C:\Windows\system32\drivers\rdpwd.sys 2014-01-19 00:31:45 ----A---- C:\Windows\system32\winsrv.dll 2014-01-19 00:31:39 ----A---- C:\Windows\system32\cryptdlg.dll 2014-01-19 00:31:04 ----A---- C:\Windows\system32\drivers\usbscan.sys 2014-01-19 00:31:04 ----A---- C:\Windows\system32\drivers\hidparse.sys 2014-01-19 00:28:49 ----A---- C:\Windows\system32\schannel.dll 2014-01-19 00:28:49 ----A---- C:\Windows\system32\lsasrv.dll 2014-01-19 00:28:49 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2014-01-19 00:28:48 ----A---- C:\Windows\system32\secur32.dll 2014-01-19 00:28:48 ----A---- C:\Windows\system32\lsass.exe 2014-01-18 23:50:02 ----A---- C:\Windows\system32\wintrust.dll 2014-01-18 23:50:02 ----A---- C:\Windows\system32\cryptsvc.dll 2014-01-18 23:50:02 ----A---- C:\Windows\system32\cryptnet.dll 2014-01-18 15:30:49 ----A---- C:\Windows\system32\wups2.dll 2014-01-18 15:30:49 ----A---- C:\Windows\system32\wuauclt.exe 2014-01-18 15:30:48 ----A---- C:\Windows\system32\wucltux.dll 2014-01-18 15:30:48 ----A---- C:\Windows\system32\wuaueng.dll 2014-01-18 15:29:50 ----A---- C:\Windows\system32\wups.dll 2014-01-18 15:29:50 ----A---- C:\Windows\system32\wudriver.dll 2014-01-18 15:29:49 ----A---- C:\Windows\system32\wuapi.dll 2014-01-18 15:29:31 ----A---- C:\Windows\system32\wuwebv.dll 2014-01-18 15:29:31 ----A---- C:\Windows\system32\wuapp.exe 2014-01-17 22:42:47 ----D---- C:\Program Files\VNT 2014-01-17 22:42:44 ----D---- C:\ProgramData\AskPartnerNetwork 2014-01-17 22:42:44 ----D---- C:\Program Files\AskPartnerNetwork 2014-01-17 22:41:27 ----D---- C:\ProgramData\APN 2014-01-17 22:41:23 ----D---- C:\Users\steven\AppData\Roaming\Avira 2014-01-17 22:37:22 ----A---- C:\Windows\system32\drivers\ssmdrv.sys 2014-01-17 22:37:13 ----A---- C:\Windows\system32\drivers\avkmgr.sys 2014-01-17 22:37:13 ----A---- C:\Windows\system32\drivers\avipbb.sys 2014-01-17 22:37:13 ----A---- C:\Windows\system32\drivers\avgntflt.sys 2014-01-17 22:36:53 ----D---- C:\ProgramData\Avira 2014-01-17 22:36:53 ----D---- C:\Program Files\Avira 2014-01-17 22:13:51 ----D---- C:\Windows\system32\eu-ES 2014-01-17 22:13:51 ----D---- C:\Windows\system32\ca-ES 2014-01-17 22:13:50 ----D---- C:\Windows\system32\vi-VN 2014-01-16 21:10:20 ----D---- C:\Users\steven\AppData\Roaming\Malwarebytes 2014-01-16 21:10:15 ----D---- C:\ProgramData\Malwarebytes 2014-01-16 21:10:14 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2014-01-16 21:10:14 ----A---- C:\Windows\system32\drivers\mbam.sys 2014-01-16 19:47:12 ----A---- C:\Program Files\5mUninstall MyFunCards.dll 2014-01-16 19:47:12 ----A---- C:\Program Files\5mres.dll 2014-01-16 19:43:19 ----D---- C:\Windows\pss 2014-01-16 19:35:34 ----D---- C:\Program Files\CCleaner 2014-01-15 21:31:44 ----D---- C:\AdwCleaner 2014-01-15 21:15:53 ----D---- C:\ProgramData\Oracle 2014-01-15 21:15:37 ----D---- C:\ProgramData\Sun 2014-01-15 21:15:33 ----D---- C:\Program Files\Common Files\Java 2014-01-15 21:15:10 ----A---- C:\Windows\system32\javaws.exe 2014-01-15 21:14:32 ----A---- C:\Windows\system32\WindowsAccessBridge.dll 2014-01-15 21:14:32 ----A---- C:\Windows\system32\javaw.exe 2014-01-15 21:14:32 ----A---- C:\Windows\system32\java.exe 2014-01-09 21:57:45 ----D---- C:\Windows\system32\log ======List of files/folders modified in the last 1 month====== 2014-01-19 09:21:07 ----D---- C:\Windows\Temp 2014-01-19 09:15:37 ----D---- C:\Windows\Prefetch 2014-01-19 09:15:25 ----RD---- C:\Program Files 2014-01-19 09:14:30 ----D---- C:\Windows\system32\drivers 2014-01-19 08:50:40 ----D---- C:\Users\steven\AppData\Roaming\Skype 2014-01-19 08:50:18 ----D---- C:\Windows\system32\Tasks 2014-01-19 05:46:43 ----D---- C:\Windows\rescache 2014-01-19 05:43:16 ----D---- C:\Windows\winsxs 2014-01-19 05:41:13 ----D---- C:\Windows\Microsoft.NET 2014-01-19 05:41:11 ----RSD---- C:\Windows\assembly 2014-01-19 05:36:05 ----SHD---- C:\System Volume Information 2014-01-19 05:23:03 ----D---- C:\Windows\System32 2014-01-19 05:23:03 ----A---- C:\Windows\system32\PerfStringBackup.INI 2014-01-19 05:23:02 ----D---- C:\Windows\inf 2014-01-19 05:20:58 ----D---- C:\Windows\system32\catroot 2014-01-19 05:14:01 ----D---- C:\Windows 2014-01-19 05:13:11 ----D---- C:\Windows\system32\fr-FR 2014-01-19 05:13:10 ----D---- C:\Windows\system32\nl-NL 2014-01-19 05:13:10 ----D---- C:\Windows\system32\drivers\nl-NL 2014-01-19 05:13:10 ----D---- C:\Windows\system32\drivers\fr-FR 2014-01-19 05:13:09 ----D---- C:\Windows\system32\wbem 2014-01-19 05:13:07 ----D---- C:\Windows\system32\zh-TW 2014-01-19 05:13:07 ----D---- C:\Windows\system32\tr-TR 2014-01-19 05:13:07 ----D---- C:\Windows\system32\sr-Latn-CS 2014-01-19 05:13:07 ----D---- C:\Windows\system32\sk-SK 2014-01-19 05:13:07 ----D---- C:\Windows\system32\ro-RO 2014-01-19 05:13:07 ----D---- C:\Windows\system32\pt-PT 2014-01-19 05:13:07 ----D---- C:\Windows\system32\pt-BR 2014-01-19 05:13:07 ----D---- C:\Windows\system32\lv-LV 2014-01-19 05:13:07 ----D---- C:\Windows\system32\lt-LT 2014-01-19 05:13:07 ----D---- C:\Windows\system32\ja-JP 2014-01-19 05:13:07 ----D---- C:\Windows\system32\it-IT 2014-01-19 05:13:07 ----D---- C:\Windows\system32\fi-FI 2014-01-19 05:13:07 ----D---- C:\Windows\system32\el-GR 2014-01-19 05:13:07 ----D---- C:\Windows\system32\de-DE 2014-01-19 05:13:06 ----D---- C:\Windows\system32\zh-HK 2014-01-19 05:13:06 ----D---- C:\Windows\system32\zh-CN 2014-01-19 05:13:06 ----D---- C:\Windows\system32\uk-UA 2014-01-19 05:13:06 ----D---- C:\Windows\system32\th-TH 2014-01-19 05:13:06 ----D---- C:\Windows\system32\sv-SE 2014-01-19 05:13:06 ----D---- C:\Windows\system32\sl-SI 2014-01-19 05:13:06 ----D---- C:\Windows\system32\ru-RU 2014-01-19 05:13:06 ----D---- C:\Windows\system32\pl-PL 2014-01-19 05:13:06 ----D---- C:\Windows\system32\nb-NO 2014-01-19 05:13:06 ----D---- C:\Windows\system32\ko-KR 2014-01-19 05:13:06 ----D---- C:\Windows\system32\hu-HU 2014-01-19 05:13:06 ----D---- C:\Windows\system32\hr-HR 2014-01-19 05:13:06 ----D---- C:\Windows\system32\he-IL 2014-01-19 05:13:06 ----D---- C:\Windows\system32\et-EE 2014-01-19 05:13:06 ----D---- C:\Windows\system32\es-ES 2014-01-19 05:13:06 ----D---- C:\Windows\system32\en-US 2014-01-19 05:13:06 ----D---- C:\Windows\system32\da-DK 2014-01-19 05:13:06 ----D---- C:\Windows\system32\cs-CZ 2014-01-19 05:13:06 ----D---- C:\Windows\system32\bg-BG 2014-01-19 05:13:06 ----D---- C:\Windows\system32\ar-SA 2014-01-19 05:13:03 ----D---- C:\Program Files\Internet Explorer 2014-01-19 05:12:51 ----RSD---- C:\Windows\Fonts 2014-01-19 05:12:46 ----D---- C:\Windows\system32\XPSViewer 2014-01-19 05:12:42 ----D---- C:\Program Files\Windows Mail 2014-01-19 05:12:33 ----D---- C:\Program Files\Common Files\System 2014-01-19 05:12:25 ----D---- C:\Windows\system32\migration 2014-01-19 05:12:06 ----D---- C:\Windows\system32\drivers\UMDF 2014-01-19 04:51:47 ----SHD---- C:\Windows\Installer 2014-01-19 04:24:43 ----D---- C:\Windows\tracing 2014-01-19 04:20:08 ----D---- C:\Windows\system32\catroot2 2014-01-17 22:53:53 ----D---- C:\Program Files\Common Files 2014-01-17 22:42:44 ----HD---- C:\ProgramData 2014-01-17 22:27:21 ----A---- C:\ProgramData\hpqp.ini 2014-01-17 22:25:14 ----SHD---- C:\boot 2014-01-17 22:14:30 ----D---- C:\Program Files\Windows Sidebar 2014-01-17 22:14:30 ----D---- C:\Program Files\Windows Calendar 2014-01-17 22:14:30 ----D---- C:\Program Files\Movie Maker 2014-01-17 22:14:29 ----D---- C:\Program Files\Windows Media Player 2014-01-17 22:14:28 ----D---- C:\Program Files\Windows Photo Gallery 2014-01-17 22:14:28 ----D---- C:\Program Files\Windows Collaboration 2014-01-17 22:14:27 ----D---- C:\Windows\servicing 2014-01-17 22:14:27 ----D---- C:\Program Files\Windows Defender 2014-01-17 22:14:24 ----D---- C:\Windows\IME 2014-01-17 22:14:21 ----D---- C:\Windows\system32\oobe 2014-01-17 22:14:21 ----D---- C:\Windows\system32\fr 2014-01-17 22:14:19 ----D---- C:\Windows\system32\AdvancedInstallers 2014-01-17 22:14:16 ----D---- C:\Windows\system32\SLUI 2014-01-17 22:14:16 ----D---- C:\Windows\system32\setup 2014-01-17 22:14:15 ----D---- C:\Windows\system32\manifeststore 2014-01-17 22:14:13 ----D---- C:\Windows\system32\migwiz 2014-01-17 22:13:57 ----D---- C:\Windows\AppPatch 2014-01-17 22:13:50 ----D---- C:\Windows\system32\Boot 2014-01-17 22:07:22 ----D---- C:\ProgramData\NVIDIA 2014-01-17 22:01:38 ----A---- C:\Windows\fonts\GlobalUserInterface.CompositeFont 2014-01-16 20:41:49 ----D---- C:\Windows\panther 2014-01-16 20:41:42 ----D---- C:\Windows\Minidump 2014-01-16 20:41:42 ----D---- C:\Windows\Debug 2014-01-16 20:29:33 ----D---- C:\ProgramData\Norton 2014-01-16 20:29:33 ----D---- C:\Program Files\Google 2014-01-16 20:29:31 ----D---- C:\ProgramData\AVAST Software 2014-01-16 20:26:42 ----D---- C:\ProgramData\Apple Computer 2014-01-16 20:26:42 ----D---- C:\Program Files\iTunes 2014-01-16 20:26:41 ----D---- C:\Program Files\Common Files\Apple 2014-01-16 20:25:28 ----DC---- C:\Windows\system32\DRVSTORE 2014-01-16 20:14:48 ----HD---- C:\Program Files\InstallShield Installation Information 2014-01-16 20:14:04 ----D---- C:\ProgramData\CyberLink 2014-01-16 20:14:04 ----D---- C:\Program Files\CyberLink 2014-01-16 20:05:16 ----D---- C:\Program Files\QuickTime 2014-01-16 20:02:24 ----D---- C:\ProgramData\WildTangent 2014-01-16 20:02:24 ----D---- C:\Program Files\HP Games 2014-01-16 19:50:07 ----D---- C:\ProgramData\Microsoft Help 2014-01-16 19:47:33 ----D---- C:\Windows\system32\MRT 2014-01-16 19:38:22 ----A---- C:\Windows\system32\mrt.exe 2014-01-15 21:13:31 ----D---- C:\Program Files\Java 2014-01-15 21:10:18 ----D---- C:\Windows\Tasks 2014-01-15 20:52:46 ----D---- C:\Users\steven\AppData\Roaming\HpUpdate ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-07-03 18544] R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2013-12-13 135648] R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2013-12-13 37352] R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2013-12-13 28520] R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2013-12-13 90400] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704] R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-04-27 909824] R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-06-05 222208] R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2007-06-18 16768] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-11-01 985600] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-11-01 208896] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2013-04-04 22856] R3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-01-29 1042464] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2008-05-09 43040] R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-07-23 9791072] R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-04-24 14848] R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-09-19 61952] R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-21 9216] R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-04-17 199344] R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-12 134272] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-11-01 661504] R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560] S3 cpuz132;cpuz132; \??\C:\Users\steven\AppData\Local\Temp\cpuz132\cpuz132_x32.sys [] S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632] S3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2008-12-13 36608] S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520] S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2011-08-17 18176] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2011-08-17 23168] S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576] S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM); C:\Windows\system32\DRIVERS\SE2Bbus.sys [2006-11-10 61600] S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\SE2Bmdfl.sys [2006-11-10 9360] S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\SE2Bmdm.sys [2006-11-10 97184] S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592] S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112] S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2011-08-17 8192] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328] S3 usbser;Nokia USB Serial Port Driver ; C:\Windows\system32\drivers\usbser.sys [2013-08-29 27648] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-08-17 8192] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136] S3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 194048] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira Planner; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2013-12-13 440376] R2 AntiVirService;Avira Real-Time Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2013-12-13 440376] R2 AntiVirWebService;Avira Web Protection; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2013-12-13 1011768] R2 APNMCP;Ask-updateservice; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [2013-12-20 166352] R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208] R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-23 211488] R2 Recovery Service for Windows;Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [2008-10-06 365952] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560] R3 Com4QLBEx;Com4QLBEx; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840] R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2008-05-01 165192] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-29 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-14 257416] S3 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048] S3 fsssvc;De service Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864] S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-05 165416] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-29 136176] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856] -----------------EOF-----------------
-
Ik heb een Canon Pixima MX895 printer. Als ik via mijn tablet wil printen op mijn printer moet ik altijd mijn pc hebben opstaan. Ik print af via de app van Canon zelf (Canon EPP), Printershare of Google Cloud printen. Kan dit niet omzeild worden zodat de pc niet altijd hoeft op te staan?
-
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Heb mijn oor bij Microsoft zelf eens opgestoken en is opgelost -
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Programma doet niets. Het springt tevoorschijn maar verdwijnt onmiddellijk terug. Onmogelijk iets ervan te lezen. Heb wel kunnen merken dat het een DOS bestandje is. - - - Updated - - - Ik ben nog een beetje in mijn logboek aan het zoeken tussen de foutmeldingen. Eén ervan is de volgnede en bekom ik altijd bij het opstarten blijkbaar: Windows (2748) Windows: De verificatie van de databasepagina die is gelezen van bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb bij een verschuiving van 28278784 (0x0000000001af8000) (databasepagina 862 (0x35E)) voor 32768 (0x00008000) bytes is mislukt vanwege een ongeldige paginacontrolesom. De verwachte controlesom is [d92026dfbb9dfd09:000000000000035e:000000000000035e:00330033068c0344] en de resulterende controlesom is [270b270bf55ad31b:000000000000035e:000000000000035e:0a78f5874200d8e2]. Tijdens de leesbewerking treedt fout -1018 (0xfffffc06) op. Als dit probleem zich blijft voordoen, herstelt u de database vanaf een vorige back-up. Dit probleem wordt waarschijnlijk veroorzaakt door een hardwareprobleem. Neem contact met uw hardwareverkoper op voor ondersteuning bij het vaststellen van het probleem. -
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Ja ik heb het al met een gewone dvd geprobeerd maar dvd leest ook niet af. Ik heb gisteren een andere dvd speler aangesloten en zo mijn office geïnstalleerd. Maar op het einde viel pc ook vanzelf in slaapstand en kreeg hem er ook niet uit. Office is geïnstalleerd maar krijg nog steeds dezelfde melding bij het aanklikken van een link. Bestaat er geen freeware om volledige pc te controleren op correcte werking? Zou misschien handig van pas kunnen komen. Aangezien ik toch nogal wat fouten en waarschuwingen in het logboek terug vind. -
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Ik ben nog een beetje verder aan het graven in de fouten bij het lezen van mijn cdrom. Mijn logboek staat vol met fouten en waarschuwingen allerhande. Bij de cdrom fout staat bijvoorbeeld "Beschadigd blok in apparaat \Device\CdRom0" -
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Het is me eindelijk gelukt om office te herinstalleren. Maar na installatie geeft hij in Outlook nog steeds dezelfde foutmelding als in het begin. -
Het gaat over het vervolg. Weet eigenlijk niet of het nog te maken heeft met de vorige topic. Is wel dezelfde pc.
-
Als ik probeer een dvd af te spelen / lezen loopt mijn pc telkens vast. Ik probeer mijn office pakket terug te installeren met de dvd maar telkens ik hem laad loopt mijn pc vast, krijg een zwart scherm maar pc zelf blijft draaien. Moet hem telkens resetten voor ik verder kan en de dvd eruit halen anders kan ik ook niet meer opstarten. Ik heb een LG HL-DT-ST DVDRAM GSA-4167B DVD brander en heb reeds een update gedaan van mijn driver maar daar zat het probleem blijkbaar niet. Als ik er een film dvd in steek blokkeert de speler ook maar schakelt de pc niet uit.
-
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Ik heb al een beetje van alles geprobeerd, tot ik zelf ook niet meer verder kon. Ik heb office er gewoon af gesmeten en probeer het nu terug te installeren. Van zodra ik de DVD van office in de pc zet begint hij als zot te draaien en sluit zichzelf zonder enige verwittiging gewoon af. Heb een test gedaan met een gewone dvd met film erop en hij herkent de dvd maar je krijgt de inhoud echt niet geopend. Hij schakelt zichzelf telkens in slaapstand om nadien terug op te starten. All by himself. Kan toch niets met koeling te maken hebben? Je hoort de pc wel hoog in toeren gaan. -
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Nu krijg ik telkens fout 1704 in office 2010 -
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Krijg telkens problemen met het herstellen van office. Krijg altijd een blauw scherm met daarop een volledige tekst dat Windows moet worden afgesloten wegens fouten of fout programma. Heb het nog een paar keer geprobeerd maar lukt echt niet om office te herstellen. -
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Nergens iets gevonden. Ik denk dus dat het aan mijn antivirus zal liggen. Heb ondertussen ook al eens geprobeerd om te scannen met Karspersky en die vind ook niets terug. Mag/zal er dus vanuit gaan dat de pc virusvrij is. Maar probleem met office is nog steeds hetzelfde. Link kan niet geopend worden -
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Bij deze krijg ik telkens de melding
-
verborgen virus of ongewenst programma
thierry1 reageerde op thierry1's topic in Archief Bestrijding malware & virussen
Dat is er nog steeds
